ReactOS 0.4.16-dev-1292-g1ece139
ntifs.template.h
Go to the documentation of this file.
1/*
2 * ntifs.h
3 *
4 * Windows NT Filesystem Driver Developer Kit
5 *
6 * This file is part of the ReactOS DDK package.
7 *
8 * Contributors:
9 * Amine Khaldi
10 * Timo Kreuzer (timo.kreuzer@reactos.org)
11 *
12 * THIS SOFTWARE IS NOT COPYRIGHTED
13 *
14 * This source code is offered for use in the public domain. You may
15 * use, modify or distribute it freely.
16 *
17 * This code is distributed in the hope that it will be useful but
18 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
19 * DISCLAIMED. This includes but is not limited to warranties of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
21 *
22 */
23
24#pragma once
25
26#define _NTIFS_INCLUDED_
27#define _GNU_NTIFS_
28
29#ifdef __cplusplus
30extern "C" {
31#endif
32
33$define(UCHAR=UCHAR)
34$define(ULONG=ULONG)
35$define(USHORT=USHORT)
36
37/* Dependencies */
38#include <ntddk.h>
39#include <excpt.h>
40#include <ntdef.h>
41#include <ntnls.h>
42#include <ntstatus.h>
43#include <bugcodes.h>
44#include <ntiologc.h>
45
46$define (_NTIFS_)
47
48#ifndef FlagOn
49#define FlagOn(_F,_SF) ((_F) & (_SF))
50#endif
51
52#ifndef BooleanFlagOn
53#define BooleanFlagOn(F,SF) ((BOOLEAN)(((F) & (SF)) != 0))
54#endif
55
56#ifndef SetFlag
57#define SetFlag(_F,_SF) ((_F) |= (_SF))
58#endif
59
60#ifndef ClearFlag
61#define ClearFlag(_F,_SF) ((_F) &= ~(_SF))
62#endif
63
64typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
65typedef STRING LSA_STRING, *PLSA_STRING;
66typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
67
68$include (setypes.h)
69$include (obtypes.h)
70$include (rtltypes.h)
71$include (rtlfuncs.h)
72
73_IRQL_requires_max_(PASSIVE_LEVEL)
74__kernel_entry
75NTSYSCALLAPI
76NTSTATUS
77NTAPI
78NtQueryObject(
79 _In_opt_ HANDLE Handle,
80 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
81 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
82 _In_ ULONG ObjectInformationLength,
83 _Out_opt_ PULONG ReturnLength);
84
85#if (NTDDI_VERSION >= NTDDI_WIN2K)
86
87_Must_inspect_result_
88__kernel_entry
89NTSYSCALLAPI
90NTSTATUS
91NTAPI
92NtOpenThreadToken(
93 _In_ HANDLE ThreadHandle,
94 _In_ ACCESS_MASK DesiredAccess,
95 _In_ BOOLEAN OpenAsSelf,
96 _Out_ PHANDLE TokenHandle);
97
98_Must_inspect_result_
99__kernel_entry
100NTSYSCALLAPI
101NTSTATUS
102NTAPI
103NtOpenProcessToken(
104 _In_ HANDLE ProcessHandle,
105 _In_ ACCESS_MASK DesiredAccess,
106 _Out_ PHANDLE TokenHandle);
107
108_When_(TokenInformationClass == TokenAccessInformation,
109 _At_(TokenInformationLength,
110 _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION))))
111_Must_inspect_result_
112__kernel_entry
113NTSYSCALLAPI
114NTSTATUS
115NTAPI
116NtQueryInformationToken(
117 _In_ HANDLE TokenHandle,
118 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
119 _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation,
120 _In_ ULONG TokenInformationLength,
121 _Out_ PULONG ReturnLength);
122
123_Must_inspect_result_
124__kernel_entry
125NTSYSCALLAPI
126NTSTATUS
127NTAPI
128NtAdjustPrivilegesToken(
129 _In_ HANDLE TokenHandle,
130 _In_ BOOLEAN DisableAllPrivileges,
131 _In_opt_ PTOKEN_PRIVILEGES NewState,
132 _In_ ULONG BufferLength,
133 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
134 _When_(PreviousState != NULL, _Out_) PULONG ReturnLength);
135
136__kernel_entry
137NTSYSCALLAPI
138NTSTATUS
139NTAPI
140NtCreateFile(
141 _Out_ PHANDLE FileHandle,
142 _In_ ACCESS_MASK DesiredAccess,
143 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
144 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
145 _In_opt_ PLARGE_INTEGER AllocationSize,
146 _In_ ULONG FileAttributes,
147 _In_ ULONG ShareAccess,
148 _In_ ULONG CreateDisposition,
149 _In_ ULONG CreateOptions,
150 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
151 _In_ ULONG EaLength);
152
153__kernel_entry
154NTSYSCALLAPI
155NTSTATUS
156NTAPI
157NtDeviceIoControlFile(
158 _In_ HANDLE FileHandle,
159 _In_opt_ HANDLE Event,
160 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
161 _In_opt_ PVOID ApcContext,
162 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
163 _In_ ULONG IoControlCode,
164 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
165 _In_ ULONG InputBufferLength,
166 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
167 _In_ ULONG OutputBufferLength);
168
169__kernel_entry
170NTSYSCALLAPI
171NTSTATUS
172NTAPI
173NtFsControlFile(
174 _In_ HANDLE FileHandle,
175 _In_opt_ HANDLE Event,
176 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
177 _In_opt_ PVOID ApcContext,
178 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
179 _In_ ULONG FsControlCode,
180 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
181 _In_ ULONG InputBufferLength,
182 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
183 _In_ ULONG OutputBufferLength);
184
185__kernel_entry
186NTSYSCALLAPI
187NTSTATUS
188NTAPI
189NtLockFile(
190 _In_ HANDLE FileHandle,
191 _In_opt_ HANDLE Event,
192 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
193 _In_opt_ PVOID ApcContext,
194 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
195 _In_ PLARGE_INTEGER ByteOffset,
196 _In_ PLARGE_INTEGER Length,
197 _In_ ULONG Key,
198 _In_ BOOLEAN FailImmediately,
199 _In_ BOOLEAN ExclusiveLock);
200
201__kernel_entry
202NTSYSCALLAPI
203NTSTATUS
204NTAPI
205NtOpenFile(
206 _Out_ PHANDLE FileHandle,
207 _In_ ACCESS_MASK DesiredAccess,
208 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
209 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
210 _In_ ULONG ShareAccess,
211 _In_ ULONG OpenOptions);
212
213__kernel_entry
214NTSYSCALLAPI
215NTSTATUS
216NTAPI
217NtQueryDirectoryFile(
218 _In_ HANDLE FileHandle,
219 _In_opt_ HANDLE Event,
220 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
221 _In_opt_ PVOID ApcContext,
222 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
223 _Out_writes_bytes_(Length) PVOID FileInformation,
224 _In_ ULONG Length,
225 _In_ FILE_INFORMATION_CLASS FileInformationClass,
226 _In_ BOOLEAN ReturnSingleEntry,
227 _In_opt_ PUNICODE_STRING FileName,
228 _In_ BOOLEAN RestartScan);
229
230__kernel_entry
231NTSYSCALLAPI
232NTSTATUS
233NTAPI
234NtQueryInformationFile(
235 _In_ HANDLE FileHandle,
236 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
237 _Out_writes_bytes_(Length) PVOID FileInformation,
238 _In_ ULONG Length,
239 _In_ FILE_INFORMATION_CLASS FileInformationClass);
240
241__kernel_entry
242NTSYSCALLAPI
243NTSTATUS
244NTAPI
245NtQueryQuotaInformationFile(
246 _In_ HANDLE FileHandle,
247 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
248 _Out_writes_bytes_(Length) PVOID Buffer,
249 _In_ ULONG Length,
250 _In_ BOOLEAN ReturnSingleEntry,
251 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
252 _In_ ULONG SidListLength,
253 _In_reads_bytes_opt_((8 + (4 * ((SID *)StartSid)->SubAuthorityCount))) PSID StartSid,
254 _In_ BOOLEAN RestartScan);
255
256__kernel_entry
257NTSYSCALLAPI
258NTSTATUS
259NTAPI
260NtQueryVolumeInformationFile(
261 _In_ HANDLE FileHandle,
262 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
263 _Out_writes_bytes_(Length) PVOID FsInformation,
264 _In_ ULONG Length,
265 _In_ FS_INFORMATION_CLASS FsInformationClass);
266
267__kernel_entry
268NTSYSCALLAPI
269NTSTATUS
270NTAPI
271NtReadFile(
272 _In_ HANDLE FileHandle,
273 _In_opt_ HANDLE Event,
274 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
275 _In_opt_ PVOID ApcContext,
276 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
277 _Out_writes_bytes_(Length) PVOID Buffer,
278 _In_ ULONG Length,
279 _In_opt_ PLARGE_INTEGER ByteOffset,
280 _In_opt_ PULONG Key);
281
282__kernel_entry
283NTSYSCALLAPI
284NTSTATUS
285NTAPI
286NtSetInformationFile(
287 _In_ HANDLE FileHandle,
288 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
289 _In_reads_bytes_(Length) PVOID FileInformation,
290 _In_ ULONG Length,
291 _In_ FILE_INFORMATION_CLASS FileInformationClass);
292
293__kernel_entry
294NTSYSCALLAPI
295NTSTATUS
296NTAPI
297NtSetQuotaInformationFile(
298 _In_ HANDLE FileHandle,
299 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
300 _In_reads_bytes_(Length) PVOID Buffer,
301 _In_ ULONG Length);
302
303__kernel_entry
304NTSYSCALLAPI
305NTSTATUS
306NTAPI
307NtSetVolumeInformationFile(
308 _In_ HANDLE FileHandle,
309 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
310 _In_reads_bytes_(Length) PVOID FsInformation,
311 _In_ ULONG Length,
312 _In_ FS_INFORMATION_CLASS FsInformationClass);
313
314__kernel_entry
315NTSYSCALLAPI
316NTSTATUS
317NTAPI
318NtWriteFile(
319 _In_ HANDLE FileHandle,
320 _In_opt_ HANDLE Event,
321 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
322 _In_opt_ PVOID ApcContext,
323 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
324 _In_reads_bytes_(Length) PVOID Buffer,
325 _In_ ULONG Length,
326 _In_opt_ PLARGE_INTEGER ByteOffset,
327 _In_opt_ PULONG Key);
328
329__kernel_entry
330NTSYSCALLAPI
331NTSTATUS
332NTAPI
333NtUnlockFile(
334 _In_ HANDLE FileHandle,
335 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
336 _In_ PLARGE_INTEGER ByteOffset,
337 _In_ PLARGE_INTEGER Length,
338 _In_ ULONG Key);
339
340_IRQL_requires_max_(PASSIVE_LEVEL)
341__kernel_entry
342NTSYSCALLAPI
343NTSTATUS
344NTAPI
345NtSetSecurityObject(
346 _In_ HANDLE Handle,
347 _In_ SECURITY_INFORMATION SecurityInformation,
348 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
349
350_IRQL_requires_max_(PASSIVE_LEVEL)
351__kernel_entry
352NTSYSCALLAPI
353NTSTATUS
354NTAPI
355NtQuerySecurityObject(
356 _In_ HANDLE Handle,
357 _In_ SECURITY_INFORMATION SecurityInformation,
358 _Out_writes_bytes_opt_(Length) PSECURITY_DESCRIPTOR SecurityDescriptor,
359 _In_ ULONG Length,
360 _Out_ PULONG LengthNeeded);
361
362_IRQL_requires_max_(PASSIVE_LEVEL)
363__kernel_entry
364NTSYSCALLAPI
365NTSTATUS
366NTAPI
367NtClose(
368 _In_ HANDLE Handle);
369
370#endif
371
372#if (NTDDI_VERSION >= NTDDI_WINXP)
373
374_Must_inspect_result_
375__kernel_entry
376NTSYSCALLAPI
377NTSTATUS
378NTAPI
379NtOpenThreadTokenEx(
380 _In_ HANDLE ThreadHandle,
381 _In_ ACCESS_MASK DesiredAccess,
382 _In_ BOOLEAN OpenAsSelf,
383 _In_ ULONG HandleAttributes,
384 _Out_ PHANDLE TokenHandle);
385
386_Must_inspect_result_
387__kernel_entry
388NTSYSCALLAPI
389NTSTATUS
390NTAPI
391NtOpenProcessTokenEx(
392 _In_ HANDLE ProcessHandle,
393 _In_ ACCESS_MASK DesiredAccess,
394 _In_ ULONG HandleAttributes,
395 _Out_ PHANDLE TokenHandle);
396
397_Must_inspect_result_
398NTSYSAPI
399NTSTATUS
400NTAPI
401NtOpenJobObjectToken(
402 _In_ HANDLE JobHandle,
403 _In_ ACCESS_MASK DesiredAccess,
404 _Out_ PHANDLE TokenHandle);
405
406_Must_inspect_result_
407__kernel_entry
408NTSYSCALLAPI
409NTSTATUS
410NTAPI
411NtDuplicateToken(
412 _In_ HANDLE ExistingTokenHandle,
413 _In_ ACCESS_MASK DesiredAccess,
414 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
415 _In_ BOOLEAN EffectiveOnly,
416 _In_ TOKEN_TYPE TokenType,
417 _Out_ PHANDLE NewTokenHandle);
418
419_Must_inspect_result_
420__kernel_entry
421NTSYSCALLAPI
422NTSTATUS
423NTAPI
424NtFilterToken(
425 _In_ HANDLE ExistingTokenHandle,
426 _In_ ULONG Flags,
427 _In_opt_ PTOKEN_GROUPS SidsToDisable,
428 _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete,
429 _In_opt_ PTOKEN_GROUPS RestrictedSids,
430 _Out_ PHANDLE NewTokenHandle);
431
432_Must_inspect_result_
433__kernel_entry
434NTSYSCALLAPI
435NTSTATUS
436NTAPI
437NtImpersonateAnonymousToken(
438 _In_ HANDLE ThreadHandle);
439
440_Must_inspect_result_
441__kernel_entry
442NTSYSCALLAPI
443NTSTATUS
444NTAPI
445NtSetInformationToken(
446 _In_ HANDLE TokenHandle,
447 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
448 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
449 _In_ ULONG TokenInformationLength);
450
451_Must_inspect_result_
452__kernel_entry
453NTSYSCALLAPI
454NTSTATUS
455NTAPI
456NtAdjustGroupsToken(
457 _In_ HANDLE TokenHandle,
458 _In_ BOOLEAN ResetToDefault,
459 _In_opt_ PTOKEN_GROUPS NewState,
460 _In_opt_ ULONG BufferLength,
461 _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState,
462 _Out_ PULONG ReturnLength);
463
464_Must_inspect_result_
465__kernel_entry
466NTSYSCALLAPI
467NTSTATUS
468NTAPI
469NtPrivilegeCheck(
470 _In_ HANDLE ClientToken,
471 _Inout_ PPRIVILEGE_SET RequiredPrivileges,
472 _Out_ PBOOLEAN Result);
473
474_Must_inspect_result_
475__kernel_entry
476NTSYSCALLAPI
477NTSTATUS
478NTAPI
479NtAccessCheckAndAuditAlarm(
480 _In_ PUNICODE_STRING SubsystemName,
481 _In_opt_ PVOID HandleId,
482 _In_ PUNICODE_STRING ObjectTypeName,
483 _In_ PUNICODE_STRING ObjectName,
484 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
485 _In_ ACCESS_MASK DesiredAccess,
486 _In_ PGENERIC_MAPPING GenericMapping,
487 _In_ BOOLEAN ObjectCreation,
488 _Out_ PACCESS_MASK GrantedAccess,
489 _Out_ PNTSTATUS AccessStatus,
490 _Out_ PBOOLEAN GenerateOnClose);
491
492_Must_inspect_result_
493__kernel_entry
494NTSYSCALLAPI
495NTSTATUS
496NTAPI
497NtAccessCheckByTypeAndAuditAlarm(
498 _In_ PUNICODE_STRING SubsystemName,
499 _In_opt_ PVOID HandleId,
500 _In_ PUNICODE_STRING ObjectTypeName,
501 _In_ PUNICODE_STRING ObjectName,
502 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
503 _In_opt_ PSID PrincipalSelfSid,
504 _In_ ACCESS_MASK DesiredAccess,
505 _In_ AUDIT_EVENT_TYPE AuditType,
506 _In_ ULONG Flags,
507 _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList,
508 _In_ ULONG ObjectTypeLength,
509 _In_ PGENERIC_MAPPING GenericMapping,
510 _In_ BOOLEAN ObjectCreation,
511 _Out_ PACCESS_MASK GrantedAccess,
512 _Out_ PNTSTATUS AccessStatus,
513 _Out_ PBOOLEAN GenerateOnClose);
514
515_Must_inspect_result_
516__kernel_entry
517NTSYSCALLAPI
518NTSTATUS
519NTAPI
520NtAccessCheckByTypeResultListAndAuditAlarm(
521 _In_ PUNICODE_STRING SubsystemName,
522 _In_opt_ PVOID HandleId,
523 _In_ PUNICODE_STRING ObjectTypeName,
524 _In_ PUNICODE_STRING ObjectName,
525 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
526 _In_opt_ PSID PrincipalSelfSid,
527 _In_ ACCESS_MASK DesiredAccess,
528 _In_ AUDIT_EVENT_TYPE AuditType,
529 _In_ ULONG Flags,
530 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
531 _In_ ULONG ObjectTypeListLength,
532 _In_ PGENERIC_MAPPING GenericMapping,
533 _In_ BOOLEAN ObjectCreation,
534 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
535 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
536 _Out_ PBOOLEAN GenerateOnClose);
537
538_Must_inspect_result_
539__kernel_entry
540NTSYSCALLAPI
541NTSTATUS
542NTAPI
543NtAccessCheckByTypeResultListAndAuditAlarmByHandle(
544 _In_ PUNICODE_STRING SubsystemName,
545 _In_opt_ PVOID HandleId,
546 _In_ HANDLE ClientToken,
547 _In_ PUNICODE_STRING ObjectTypeName,
548 _In_ PUNICODE_STRING ObjectName,
549 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
550 _In_opt_ PSID PrincipalSelfSid,
551 _In_ ACCESS_MASK DesiredAccess,
552 _In_ AUDIT_EVENT_TYPE AuditType,
553 _In_ ULONG Flags,
554 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
555 _In_ ULONG ObjectTypeListLength,
556 _In_ PGENERIC_MAPPING GenericMapping,
557 _In_ BOOLEAN ObjectCreation,
558 _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
559 _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus,
560 _Out_ PBOOLEAN GenerateOnClose);
561
562__kernel_entry
563NTSYSCALLAPI
564NTSTATUS
565NTAPI
566NtOpenObjectAuditAlarm(
567 _In_ PUNICODE_STRING SubsystemName,
568 _In_opt_ PVOID HandleId,
569 _In_ PUNICODE_STRING ObjectTypeName,
570 _In_ PUNICODE_STRING ObjectName,
571 _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor,
572 _In_ HANDLE ClientToken,
573 _In_ ACCESS_MASK DesiredAccess,
574 _In_ ACCESS_MASK GrantedAccess,
575 _In_opt_ PPRIVILEGE_SET Privileges,
576 _In_ BOOLEAN ObjectCreation,
577 _In_ BOOLEAN AccessGranted,
578 _Out_ PBOOLEAN GenerateOnClose);
579
580__kernel_entry
581NTSYSCALLAPI
582NTSTATUS
583NTAPI
584NtPrivilegeObjectAuditAlarm(
585 _In_ PUNICODE_STRING SubsystemName,
586 _In_opt_ PVOID HandleId,
587 _In_ HANDLE ClientToken,
588 _In_ ACCESS_MASK DesiredAccess,
589 _In_ PPRIVILEGE_SET Privileges,
590 _In_ BOOLEAN AccessGranted);
591
592__kernel_entry
593NTSYSCALLAPI
594NTSTATUS
595NTAPI
596NtCloseObjectAuditAlarm(
597 _In_ PUNICODE_STRING SubsystemName,
598 _In_opt_ PVOID HandleId,
599 _In_ BOOLEAN GenerateOnClose);
600
601__kernel_entry
602NTSYSCALLAPI
603NTSTATUS
604NTAPI
605NtDeleteObjectAuditAlarm(
606 _In_ PUNICODE_STRING SubsystemName,
607 _In_opt_ PVOID HandleId,
608 _In_ BOOLEAN GenerateOnClose);
609
610__kernel_entry
611NTSYSCALLAPI
612NTSTATUS
613NTAPI
614NtPrivilegedServiceAuditAlarm(
615 _In_ PUNICODE_STRING SubsystemName,
616 _In_ PUNICODE_STRING ServiceName,
617 _In_ HANDLE ClientToken,
618 _In_ PPRIVILEGE_SET Privileges,
619 _In_ BOOLEAN AccessGranted);
620
621__kernel_entry
622NTSYSCALLAPI
623NTSTATUS
624NTAPI
625NtSetInformationThread(
626 _In_ HANDLE ThreadHandle,
627 _In_ THREADINFOCLASS ThreadInformationClass,
628 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
629 _In_ ULONG ThreadInformationLength);
630
631_Must_inspect_result_
632__kernel_entry
633NTSYSCALLAPI
634NTSTATUS
635NTAPI
636NtCreateSection(
637 _Out_ PHANDLE SectionHandle,
638 _In_ ACCESS_MASK DesiredAccess,
639 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
640 _In_opt_ PLARGE_INTEGER MaximumSize,
641 _In_ ULONG SectionPageProtection,
642 _In_ ULONG AllocationAttributes,
643 _In_opt_ HANDLE FileHandle);
644
645#endif
646
647#define COMPRESSION_FORMAT_NONE (0x0000)
648#define COMPRESSION_FORMAT_DEFAULT (0x0001)
649#define COMPRESSION_FORMAT_LZNT1 (0x0002)
650#define COMPRESSION_ENGINE_STANDARD (0x0000)
651#define COMPRESSION_ENGINE_MAXIMUM (0x0100)
652#define COMPRESSION_ENGINE_HIBER (0x0200)
653
654#define MAX_UNICODE_STACK_BUFFER_LENGTH 256
655
656#define METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3))
657
658#define METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT
659#define METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT
660
661typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
662
663typedef enum _SECURITY_LOGON_TYPE {
664 UndefinedLogonType = 0,
665 Interactive = 2,
666 Network,
667 Batch,
668 Service,
669 Proxy,
670 Unlock,
671 NetworkCleartext,
672 NewCredentials,
673#if (_WIN32_WINNT >= 0x0501)
674 RemoteInteractive,
675 CachedInteractive,
676#endif
677#if (_WIN32_WINNT >= 0x0502)
678 CachedRemoteInteractive,
679 CachedUnlock
680#endif
681} SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
682
683#ifndef _NTLSA_AUDIT_
684#define _NTLSA_AUDIT_
685
686#ifndef GUID_DEFINED
687#include <guiddef.h>
688#endif
689
690#endif /* _NTLSA_AUDIT_ */
691
692_IRQL_requires_same_
693_IRQL_requires_max_(PASSIVE_LEVEL)
694NTSTATUS
695NTAPI
696LsaRegisterLogonProcess(
697 _In_ PLSA_STRING LogonProcessName,
698 _Out_ PHANDLE LsaHandle,
699 _Out_ PLSA_OPERATIONAL_MODE SecurityMode);
700
701_IRQL_requires_same_
702_IRQL_requires_max_(PASSIVE_LEVEL)
703NTSTATUS
704NTAPI
705LsaLogonUser(
706 _In_ HANDLE LsaHandle,
707 _In_ PLSA_STRING OriginName,
708 _In_ SECURITY_LOGON_TYPE LogonType,
709 _In_ ULONG AuthenticationPackage,
710 _In_reads_bytes_(AuthenticationInformationLength) PVOID AuthenticationInformation,
711 _In_ ULONG AuthenticationInformationLength,
712 _In_opt_ PTOKEN_GROUPS LocalGroups,
713 _In_ PTOKEN_SOURCE SourceContext,
714 _Out_ PVOID *ProfileBuffer,
715 _Out_ PULONG ProfileBufferLength,
716 _Inout_ PLUID LogonId,
717 _Out_ PHANDLE Token,
718 _Out_ PQUOTA_LIMITS Quotas,
719 _Out_ PNTSTATUS SubStatus);
720
721_IRQL_requires_same_
722NTSTATUS
723NTAPI
724LsaFreeReturnBuffer(
725 _In_ PVOID Buffer);
726
727#ifndef _NTLSA_IFS_
728#define _NTLSA_IFS_
729#endif
730
731#define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
732#define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
733#define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
734
735#define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
736#define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
737
738#define MSV1_0_CHALLENGE_LENGTH 8
739#define MSV1_0_USER_SESSION_KEY_LENGTH 16
740#define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
741
742#define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
743#define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
744#define MSV1_0_RETURN_USER_PARAMETERS 0x08
745#define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
746#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
747#define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
748#define MSV1_0_USE_CLIENT_CHALLENGE 0x80
749#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
750#define MSV1_0_RETURN_PROFILE_PATH 0x200
751#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
752#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
753
754#define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
755#define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
756
757#if (_WIN32_WINNT >= 0x0502)
758#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
759#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
760#endif
761
762#define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
763#define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
764
765#if (_WIN32_WINNT >= 0x0600)
766#define MSV1_0_S4U2SELF 0x00020000
767#define MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0x00040000
768#endif
769
770#define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
771#define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
772#define MSV1_0_MNS_LOGON 0x01000000
773
774#define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
775#define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
776
777#define LOGON_GUEST 0x01
778#define LOGON_NOENCRYPTION 0x02
779#define LOGON_CACHED_ACCOUNT 0x04
780#define LOGON_USED_LM_PASSWORD 0x08
781#define LOGON_EXTRA_SIDS 0x20
782#define LOGON_SUBAUTH_SESSION_KEY 0x40
783#define LOGON_SERVER_TRUST_ACCOUNT 0x80
784#define LOGON_NTLMV2_ENABLED 0x100
785#define LOGON_RESOURCE_GROUPS 0x200
786#define LOGON_PROFILE_PATH_RETURNED 0x400
787#define LOGON_NT_V2 0x800
788#define LOGON_LM_V2 0x1000
789#define LOGON_NTLM_V2 0x2000
790
791#if (_WIN32_WINNT >= 0x0600)
792
793#define LOGON_OPTIMIZED 0x4000
794#define LOGON_WINLOGON 0x8000
795#define LOGON_PKINIT 0x10000
796#define LOGON_NO_OPTIMIZED 0x20000
797
798#endif
799
800#define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
801
802#define LOGON_GRACE_LOGON 0x01000000
803
804#define MSV1_0_OWF_PASSWORD_LENGTH 16
805#define MSV1_0_CRED_LM_PRESENT 0x1
806#define MSV1_0_CRED_NT_PRESENT 0x2
807#define MSV1_0_CRED_VERSION 0
808
809#define MSV1_0_NTLM3_RESPONSE_LENGTH 16
810#define MSV1_0_NTLM3_OWF_LENGTH 16
811
812#if (_WIN32_WINNT == 0x0500)
813#define MSV1_0_MAX_NTLM3_LIFE 1800
814#else
815#define MSV1_0_MAX_NTLM3_LIFE 129600
816#endif
817#define MSV1_0_MAX_AVL_SIZE 64000
818
819#if (_WIN32_WINNT >= 0x0501)
820
821#define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
822
823#if (_WIN32_WINNT >= 0x0600)
824#define MSV1_0_AV_FLAG_MIC_HANDSHAKE_MESSAGES 0x00000002
825#endif
826
827#endif
828
829#define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
830
831#if(_WIN32_WINNT >= 0x0502)
832#define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
833#endif
834
835#define USE_PRIMARY_PASSWORD 0x01
836#define RETURN_PRIMARY_USERNAME 0x02
837#define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
838#define RETURN_NON_NT_USER_SESSION_KEY 0x08
839#define GENERATE_CLIENT_CHALLENGE 0x10
840#define GCR_NTLM3_PARMS 0x20
841#define GCR_TARGET_INFO 0x40
842#define RETURN_RESERVED_PARAMETER 0x80
843#define GCR_ALLOW_NTLM 0x100
844#define GCR_USE_OEM_SET 0x200
845#define GCR_MACHINE_CREDENTIAL 0x400
846#define GCR_USE_OWF_PASSWORD 0x800
847#define GCR_ALLOW_LM 0x1000
848#define GCR_ALLOW_NO_TARGET 0x2000
849
850typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
851 MsV1_0InteractiveLogon = 2,
852 MsV1_0Lm20Logon,
853 MsV1_0NetworkLogon,
854 MsV1_0SubAuthLogon,
855 MsV1_0WorkstationUnlockLogon = 7,
856 MsV1_0S4ULogon = 12,
857 MsV1_0VirtualLogon = 82
858} MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
859
860typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
861 MsV1_0InteractiveProfile = 2,
862 MsV1_0Lm20LogonProfile,
863 MsV1_0SmartCardProfile
864} MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
865
866typedef struct _MSV1_0_INTERACTIVE_LOGON {
867 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
868 UNICODE_STRING LogonDomainName;
869 UNICODE_STRING UserName;
870 UNICODE_STRING Password;
871} MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
872
873typedef struct _MSV1_0_INTERACTIVE_PROFILE {
874 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
875 USHORT LogonCount;
876 USHORT BadPasswordCount;
877 LARGE_INTEGER LogonTime;
878 LARGE_INTEGER LogoffTime;
879 LARGE_INTEGER KickOffTime;
880 LARGE_INTEGER PasswordLastSet;
881 LARGE_INTEGER PasswordCanChange;
882 LARGE_INTEGER PasswordMustChange;
883 UNICODE_STRING LogonScript;
884 UNICODE_STRING HomeDirectory;
885 UNICODE_STRING FullName;
886 UNICODE_STRING ProfilePath;
887 UNICODE_STRING HomeDirectoryDrive;
888 UNICODE_STRING LogonServer;
889 ULONG UserFlags;
890} MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
891
892typedef struct _MSV1_0_LM20_LOGON {
893 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
894 UNICODE_STRING LogonDomainName;
895 UNICODE_STRING UserName;
896 UNICODE_STRING Workstation;
897 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
898 STRING CaseSensitiveChallengeResponse;
899 STRING CaseInsensitiveChallengeResponse;
900 ULONG ParameterControl;
901} MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
902
903typedef struct _MSV1_0_SUBAUTH_LOGON {
904 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
905 UNICODE_STRING LogonDomainName;
906 UNICODE_STRING UserName;
907 UNICODE_STRING Workstation;
908 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
909 STRING AuthenticationInfo1;
910 STRING AuthenticationInfo2;
911 ULONG ParameterControl;
912 ULONG SubAuthPackageId;
913} MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
914
915#if (_WIN32_WINNT >= 0x0600)
916
917#define MSV1_0_S4U_LOGON_FLAG_CHECK_LOGONHOURS 0x2
918
919typedef struct _MSV1_0_S4U_LOGON {
920 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
921 ULONG Flags;
922 UNICODE_STRING UserPrincipalName;
923 UNICODE_STRING DomainName;
924} MSV1_0_S4U_LOGON, *PMSV1_0_S4U_LOGON;
925
926#endif
927
928typedef struct _MSV1_0_LM20_LOGON_PROFILE {
929 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
930 LARGE_INTEGER KickOffTime;
931 LARGE_INTEGER LogoffTime;
932 ULONG UserFlags;
933 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
934 UNICODE_STRING LogonDomainName;
935 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
936 UNICODE_STRING LogonServer;
937 UNICODE_STRING UserParameters;
938} MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
939
940typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
941 ULONG Version;
942 ULONG Flags;
943 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
944 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
945} MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
946
947typedef struct _MSV1_0_NTLM3_RESPONSE {
948 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
949 UCHAR RespType;
950 UCHAR HiRespType;
951 USHORT Flags;
952 ULONG MsgWord;
953 ULONGLONG TimeStamp;
954 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
955 ULONG AvPairsOff;
956 UCHAR Buffer[1];
957} MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
958
959typedef enum _MSV1_0_AVID {
960 MsvAvEOL,
961 MsvAvNbComputerName,
962 MsvAvNbDomainName,
963 MsvAvDnsComputerName,
964 MsvAvDnsDomainName,
965#if (_WIN32_WINNT >= 0x0501)
966 MsvAvDnsTreeName,
967 MsvAvFlags,
968#if (_WIN32_WINNT >= 0x0600)
969 MsvAvTimestamp,
970 MsvAvRestrictions,
971 MsvAvTargetName,
972 MsvAvChannelBindings,
973#endif
974#endif
975} MSV1_0_AVID;
976
977typedef struct _MSV1_0_AV_PAIR {
978 USHORT AvId;
979 USHORT AvLen;
980} MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
981
982typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
983 MsV1_0Lm20ChallengeRequest = 0,
984 MsV1_0Lm20GetChallengeResponse,
985 MsV1_0EnumerateUsers,
986 MsV1_0GetUserInfo,
987 MsV1_0ReLogonUsers,
988 MsV1_0ChangePassword,
989 MsV1_0ChangeCachedPassword,
990 MsV1_0GenericPassthrough,
991 MsV1_0CacheLogon,
992 MsV1_0SubAuth,
993 MsV1_0DeriveCredential,
994 MsV1_0CacheLookup,
995#if (_WIN32_WINNT >= 0x0501)
996 MsV1_0SetProcessOption,
997#endif
998#if (_WIN32_WINNT >= 0x0600)
999 MsV1_0ConfigLocalAliases,
1000 MsV1_0ClearCachedCredentials,
1001#endif
1002} MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
1003
1004typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
1005 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1006} MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
1007
1008typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
1009 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1010 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1011} MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
1012
1013typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
1014 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1015 ULONG ParameterControl;
1016 LUID LogonId;
1017 UNICODE_STRING Password;
1018 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1019} MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
1020
1021typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
1022 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1023 ULONG ParameterControl;
1024 LUID LogonId;
1025 UNICODE_STRING Password;
1026 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
1027 UNICODE_STRING UserName;
1028 UNICODE_STRING LogonDomainName;
1029 UNICODE_STRING ServerName;
1030} MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
1031
1032typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
1033 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1034 STRING CaseSensitiveChallengeResponse;
1035 STRING CaseInsensitiveChallengeResponse;
1036 UNICODE_STRING UserName;
1037 UNICODE_STRING LogonDomainName;
1038 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
1039 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
1040} MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
1041
1042typedef struct _MSV1_0_ENUMUSERS_REQUEST {
1043 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1044} MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
1045
1046typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
1047 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1048 ULONG NumberOfLoggedOnUsers;
1049 PLUID LogonIds;
1050 PULONG EnumHandles;
1051} MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
1052
1053typedef struct _MSV1_0_GETUSERINFO_REQUEST {
1054 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1055 LUID LogonId;
1056} MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
1057
1058typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
1059 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1060 PSID UserSid;
1061 UNICODE_STRING UserName;
1062 UNICODE_STRING LogonDomainName;
1063 UNICODE_STRING LogonServer;
1064 SECURITY_LOGON_TYPE LogonType;
1065} MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
1066
1067$include (iotypes.h)
1068
1069typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
1070 ULONG Attributes;
1071 ACCESS_MASK GrantedAccess;
1072 ULONG HandleCount;
1073 ULONG PointerCount;
1074 ULONG Reserved[10];
1075} PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
1076
1077typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION {
1078 UNICODE_STRING TypeName;
1079 ULONG Reserved [22];
1080} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
1081
1082#define SYSTEM_PAGE_PRIORITY_BITS 3
1083#define SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS)
1084
1085$include (ketypes.h)
1086$include (kefuncs.h)
1087$include (extypes.h)
1088$include (exfuncs.h)
1089$include (sefuncs.h)
1090$include (psfuncs.h)
1091$include (iofuncs.h)
1092$include (potypes.h)
1093$include (pofuncs.h)
1094$include (mmtypes.h)
1095$include (mmfuncs.h)
1096$include (obfuncs.h)
1097$include (fsrtltypes.h)
1098$include (fsrtlfuncs.h)
1099$include (cctypes.h)
1100$include (ccfuncs.h)
1101$include (zwfuncs.h)
1102$include (sspi.h)
1103
1104/* #if !defined(_X86AMD64_) FIXME : WHAT ?! */
1105#if defined(_WIN64)
1106C_ASSERT(sizeof(ERESOURCE) == 0x68);
1107C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18);
1108C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a);
1109#else
1110C_ASSERT(sizeof(ERESOURCE) == 0x38);
1111C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c);
1112C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e);
1113#endif
1114/* #endif */
1115
1116#if defined(_IA64_)
1117#if (NTDDI_VERSION >= NTDDI_WIN2K)
1118//DECLSPEC_DEPRECATED_DDK
1119NTHALAPI
1120ULONG
1121NTAPI
1122HalGetDmaAlignmentRequirement(
1123 VOID);
1124#endif
1125#endif
1126
1127#if defined(_M_IX86) || defined(_M_AMD64)
1128#define HalGetDmaAlignmentRequirement() 1L
1129#endif
1130
1131#ifdef _NTSYSTEM_
1132extern PUSHORT NlsOemLeadByteInfo;
1133#define NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo
1134#else
1135__CREATE_NTOS_DATA_IMPORT_ALIAS(NlsOemLeadByteInfo)
1136extern PUSHORT *NlsOemLeadByteInfo;
1137#define NLS_OEM_LEAD_BYTE_INFO (*NlsOemLeadByteInfo)
1138#endif
1139
1140#if (NTDDI_VERSION >= NTDDI_VISTA)
1141
1142typedef enum _NETWORK_OPEN_LOCATION_QUALIFIER {
1143 NetworkOpenLocationAny,
1144 NetworkOpenLocationRemote,
1145 NetworkOpenLocationLoopback
1146} NETWORK_OPEN_LOCATION_QUALIFIER;
1147
1148typedef enum _NETWORK_OPEN_INTEGRITY_QUALIFIER {
1149 NetworkOpenIntegrityAny,
1150 NetworkOpenIntegrityNone,
1151 NetworkOpenIntegritySigned,
1152 NetworkOpenIntegrityEncrypted,
1153 NetworkOpenIntegrityMaximum
1154} NETWORK_OPEN_INTEGRITY_QUALIFIER;
1155
1156#if (NTDDI_VERSION >= NTDDI_WIN7)
1157
1158#define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1
1159#define NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2
1160#define NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000
1161
1162typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1163 USHORT Size;
1164 USHORT Reserved;
1165 _ANONYMOUS_STRUCT struct {
1166 struct {
1167 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1168 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1169 ULONG Flags;
1170 } in;
1171 struct {
1172 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1173 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1174 ULONG Flags;
1175 } out;
1176 } DUMMYSTRUCTNAME;
1177} NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1178
1179typedef struct _NETWORK_OPEN_ECP_CONTEXT_V0 {
1180 USHORT Size;
1181 USHORT Reserved;
1182 _ANONYMOUS_STRUCT struct {
1183 struct {
1184 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1185 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1186 } in;
1187 struct {
1188 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1189 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1190 } out;
1191 } DUMMYSTRUCTNAME;
1192} NETWORK_OPEN_ECP_CONTEXT_V0, *PNETWORK_OPEN_ECP_CONTEXT_V0;
1193
1194#elif (NTDDI_VERSION >= NTDDI_VISTA)
1195typedef struct _NETWORK_OPEN_ECP_CONTEXT {
1196 USHORT Size;
1197 USHORT Reserved;
1198 _ANONYMOUS_STRUCT struct {
1199 struct {
1200 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1201 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1202 } in;
1203 struct {
1204 NETWORK_OPEN_LOCATION_QUALIFIER Location;
1205 NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity;
1206 } out;
1207 } DUMMYSTRUCTNAME;
1208} NETWORK_OPEN_ECP_CONTEXT, *PNETWORK_OPEN_ECP_CONTEXT;
1209#endif
1210
1211DEFINE_GUID(GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8);
1212
1213#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1214
1215
1216#if (NTDDI_VERSION >= NTDDI_VISTA)
1217
1218typedef struct _PREFETCH_OPEN_ECP_CONTEXT {
1219 PVOID Context;
1220} PREFETCH_OPEN_ECP_CONTEXT, *PPREFETCH_OPEN_ECP_CONTEXT;
1221
1222DEFINE_GUID(GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55);
1223
1224#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1225
1226#if (NTDDI_VERSION >= NTDDI_WIN7)
1227
1228DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb);
1229DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53);
1230
1231typedef struct sockaddr_storage *PSOCKADDR_STORAGE_NFS;
1232
1233typedef struct _NFS_OPEN_ECP_CONTEXT {
1234 PUNICODE_STRING ExportAlias;
1235 PSOCKADDR_STORAGE_NFS ClientSocketAddress;
1236} NFS_OPEN_ECP_CONTEXT, *PNFS_OPEN_ECP_CONTEXT, **PPNFS_OPEN_ECP_CONTEXT;
1237
1238typedef struct _SRV_OPEN_ECP_CONTEXT {
1239 PUNICODE_STRING ShareName;
1240 PSOCKADDR_STORAGE_NFS SocketAddress;
1241 BOOLEAN OplockBlockState;
1242 BOOLEAN OplockAppState;
1243 BOOLEAN OplockFinalState;
1244} SRV_OPEN_ECP_CONTEXT, *PSRV_OPEN_ECP_CONTEXT;
1245
1246#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1247
1248#define PIN_WAIT (1)
1249#define PIN_EXCLUSIVE (2)
1250#define PIN_NO_READ (4)
1251#define PIN_IF_BCB (8)
1252#define PIN_CALLER_TRACKS_DIRTY_DATA (32)
1253#define PIN_HIGH_PRIORITY (64)
1254
1255#define MAP_WAIT 1
1256#define MAP_NO_READ (16)
1257#define MAP_HIGH_PRIORITY (64)
1258
1259#define IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS)
1260#define IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS)
1261
1262typedef struct _QUERY_PATH_REQUEST {
1263 ULONG PathNameLength;
1264 PIO_SECURITY_CONTEXT SecurityContext;
1265 WCHAR FilePathName[1];
1266} QUERY_PATH_REQUEST, *PQUERY_PATH_REQUEST;
1267
1268typedef struct _QUERY_PATH_REQUEST_EX {
1269 PIO_SECURITY_CONTEXT pSecurityContext;
1270 ULONG EaLength;
1271 PVOID pEaBuffer;
1272 UNICODE_STRING PathName;
1273 UNICODE_STRING DomainServiceName;
1274 ULONG_PTR Reserved[ 3 ];
1275} QUERY_PATH_REQUEST_EX, *PQUERY_PATH_REQUEST_EX;
1276
1277typedef struct _QUERY_PATH_RESPONSE {
1278 ULONG LengthAccepted;
1279} QUERY_PATH_RESPONSE, *PQUERY_PATH_RESPONSE;
1280
1281#define VOLSNAPCONTROLTYPE 0x00000053
1282#define IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS)
1283
1284/* FIXME : These definitions below don't belong here (or anywhere in ddk really) */
1285#ifndef VER_PRODUCTBUILD
1286#define VER_PRODUCTBUILD 10000
1287#endif
1288
1289#include "csq.h"
1290
1291#define FS_LFN_APIS 0x00004000
1292
1293#define FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */
1294#define FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT)
1295#define FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT)
1296#define FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT)
1297#define FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT)
1298#define FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT)
1299#define FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT)
1300#define FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT)
1301#define FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT)
1302#define FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT)
1303#define FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT
1304#define FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM
1305#define FILE_STORAGE_TYPE_MASK 0x000f0000
1306#define FILE_STORAGE_TYPE_SHIFT 16
1307
1308#define FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004
1309
1310#ifdef _X86_
1311#define HARDWARE_PTE HARDWARE_PTE_X86
1312#define PHARDWARE_PTE PHARDWARE_PTE_X86
1313#endif
1314
1315#define IO_ATTACH_DEVICE_API 0x80000000
1316
1317#define IO_TYPE_APC 18
1318#define IO_TYPE_DPC 19
1319#define IO_TYPE_DEVICE_QUEUE 20
1320#define IO_TYPE_EVENT_PAIR 21
1321#define IO_TYPE_INTERRUPT 22
1322#define IO_TYPE_PROFILE 23
1323
1324#define IRP_BEING_VERIFIED 0x10
1325
1326#define MAILSLOT_CLASS_FIRSTCLASS 1
1327#define MAILSLOT_CLASS_SECONDCLASS 2
1328
1329#define MAILSLOT_SIZE_AUTO 0
1330
1331#define MEM_DOS_LIM 0x40000000
1332
1333#define OB_TYPE_TYPE 1
1334#define OB_TYPE_DIRECTORY 2
1335#define OB_TYPE_SYMBOLIC_LINK 3
1336#define OB_TYPE_TOKEN 4
1337#define OB_TYPE_PROCESS 5
1338#define OB_TYPE_THREAD 6
1339#define OB_TYPE_EVENT 7
1340#define OB_TYPE_EVENT_PAIR 8
1341#define OB_TYPE_MUTANT 9
1342#define OB_TYPE_SEMAPHORE 10
1343#define OB_TYPE_TIMER 11
1344#define OB_TYPE_PROFILE 12
1345#define OB_TYPE_WINDOW_STATION 13
1346#define OB_TYPE_DESKTOP 14
1347#define OB_TYPE_SECTION 15
1348#define OB_TYPE_KEY 16
1349#define OB_TYPE_PORT 17
1350#define OB_TYPE_ADAPTER 18
1351#define OB_TYPE_CONTROLLER 19
1352#define OB_TYPE_DEVICE 20
1353#define OB_TYPE_DRIVER 21
1354#define OB_TYPE_IO_COMPLETION 22
1355#define OB_TYPE_FILE 23
1356
1357#define SEC_BASED 0x00200000
1358
1359/* end winnt.h */
1360
1361#if (VER_PRODUCTBUILD >= 1381)
1362#define FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS)
1363#endif /* (VER_PRODUCTBUILD >= 1381) */
1364
1365#if (VER_PRODUCTBUILD >= 2195)
1366
1367#define FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS)
1368#define FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS)
1369
1370#define FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS)
1371
1372#define FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA)
1373#define FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA)
1374#define FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA)
1375#define FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA)
1376#endif /* (VER_PRODUCTBUILD >= 2195) */
1377
1378#define FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS)
1379#define FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)
1380#define FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS)
1381#define FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS)
1382#define FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS)
1383#define FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS)
1384#define FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS)
1385#define FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS)
1386
1387typedef enum _FILE_STORAGE_TYPE {
1388 StorageTypeDefault = 1,
1389 StorageTypeDirectory,
1390 StorageTypeFile,
1391 StorageTypeJunctionPoint,
1392 StorageTypeCatalog,
1393 StorageTypeStructuredStorage,
1394 StorageTypeEmbedding,
1395 StorageTypeStream
1396} FILE_STORAGE_TYPE;
1397
1398typedef struct _OBJECT_BASIC_INFORMATION
1399{
1400 ULONG Attributes;
1401 ACCESS_MASK GrantedAccess;
1402 ULONG HandleCount;
1403 ULONG PointerCount;
1404 ULONG PagedPoolCharge;
1405 ULONG NonPagedPoolCharge;
1406 ULONG Reserved[ 3 ];
1407 ULONG NameInfoSize;
1408 ULONG TypeInfoSize;
1409 ULONG SecurityDescriptorSize;
1410 LARGE_INTEGER CreationTime;
1411} OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
1412
1413typedef struct _FILE_COPY_ON_WRITE_INFORMATION {
1414 BOOLEAN ReplaceIfExists;
1415 HANDLE RootDirectory;
1416 ULONG FileNameLength;
1417 WCHAR FileName[1];
1418} FILE_COPY_ON_WRITE_INFORMATION, *PFILE_COPY_ON_WRITE_INFORMATION;
1419
1420typedef struct _FILE_FULL_DIRECTORY_INFORMATION {
1421 ULONG NextEntryOffset;
1422 ULONG FileIndex;
1423 LARGE_INTEGER CreationTime;
1424 LARGE_INTEGER LastAccessTime;
1425 LARGE_INTEGER LastWriteTime;
1426 LARGE_INTEGER ChangeTime;
1427 LARGE_INTEGER EndOfFile;
1428 LARGE_INTEGER AllocationSize;
1429 ULONG FileAttributes;
1430 ULONG FileNameLength;
1431 ULONG EaSize;
1432 WCHAR FileName[ANYSIZE_ARRAY];
1433} FILE_FULL_DIRECTORY_INFORMATION, *PFILE_FULL_DIRECTORY_INFORMATION;
1434
1435/* raw internal file lock struct returned from FsRtlGetNextFileLock */
1436typedef struct _FILE_SHARED_LOCK_ENTRY {
1437 PVOID Unknown1;
1438 PVOID Unknown2;
1439 FILE_LOCK_INFO FileLock;
1440} FILE_SHARED_LOCK_ENTRY, *PFILE_SHARED_LOCK_ENTRY;
1441
1442/* raw internal file lock struct returned from FsRtlGetNextFileLock */
1443typedef struct _FILE_EXCLUSIVE_LOCK_ENTRY {
1444 LIST_ENTRY ListEntry;
1445 PVOID Unknown1;
1446 PVOID Unknown2;
1447 FILE_LOCK_INFO FileLock;
1448} FILE_EXCLUSIVE_LOCK_ENTRY, *PFILE_EXCLUSIVE_LOCK_ENTRY;
1449
1450typedef struct _FILE_MAILSLOT_PEEK_BUFFER {
1451 ULONG ReadDataAvailable;
1452 ULONG NumberOfMessages;
1453 ULONG MessageLength;
1454} FILE_MAILSLOT_PEEK_BUFFER, *PFILE_MAILSLOT_PEEK_BUFFER;
1455
1456typedef struct _FILE_OLE_CLASSID_INFORMATION {
1457 GUID ClassId;
1458} FILE_OLE_CLASSID_INFORMATION, *PFILE_OLE_CLASSID_INFORMATION;
1459
1460typedef struct _FILE_OLE_ALL_INFORMATION {
1461 FILE_BASIC_INFORMATION BasicInformation;
1462 FILE_STANDARD_INFORMATION StandardInformation;
1463 FILE_INTERNAL_INFORMATION InternalInformation;
1464 FILE_EA_INFORMATION EaInformation;
1465 FILE_ACCESS_INFORMATION AccessInformation;
1466 FILE_POSITION_INFORMATION PositionInformation;
1467 FILE_MODE_INFORMATION ModeInformation;
1468 FILE_ALIGNMENT_INFORMATION AlignmentInformation;
1469 USN LastChangeUsn;
1470 USN ReplicationUsn;
1471 LARGE_INTEGER SecurityChangeTime;
1472 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1473 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1474 FILE_STORAGE_TYPE StorageType;
1475 ULONG OleStateBits;
1476 ULONG OleId;
1477 ULONG NumberOfStreamReferences;
1478 ULONG StreamIndex;
1479 ULONG SecurityId;
1480 BOOLEAN ContentIndexDisable;
1481 BOOLEAN InheritContentIndexDisable;
1482 FILE_NAME_INFORMATION NameInformation;
1483} FILE_OLE_ALL_INFORMATION, *PFILE_OLE_ALL_INFORMATION;
1484
1485typedef struct _FILE_OLE_DIR_INFORMATION {
1486 ULONG NextEntryOffset;
1487 ULONG FileIndex;
1488 LARGE_INTEGER CreationTime;
1489 LARGE_INTEGER LastAccessTime;
1490 LARGE_INTEGER LastWriteTime;
1491 LARGE_INTEGER ChangeTime;
1492 LARGE_INTEGER EndOfFile;
1493 LARGE_INTEGER AllocationSize;
1494 ULONG FileAttributes;
1495 ULONG FileNameLength;
1496 FILE_STORAGE_TYPE StorageType;
1497 GUID OleClassId;
1498 ULONG OleStateBits;
1499 BOOLEAN ContentIndexDisable;
1500 BOOLEAN InheritContentIndexDisable;
1501 WCHAR FileName[1];
1502} FILE_OLE_DIR_INFORMATION, *PFILE_OLE_DIR_INFORMATION;
1503
1504typedef struct _FILE_OLE_INFORMATION {
1505 LARGE_INTEGER SecurityChangeTime;
1506 FILE_OLE_CLASSID_INFORMATION OleClassIdInformation;
1507 FILE_OBJECTID_INFORMATION ObjectIdInformation;
1508 FILE_STORAGE_TYPE StorageType;
1509 ULONG OleStateBits;
1510 BOOLEAN ContentIndexDisable;
1511 BOOLEAN InheritContentIndexDisable;
1512} FILE_OLE_INFORMATION, *PFILE_OLE_INFORMATION;
1513
1514typedef struct _FILE_OLE_STATE_BITS_INFORMATION {
1515 ULONG StateBits;
1516 ULONG StateBitsMask;
1517} FILE_OLE_STATE_BITS_INFORMATION, *PFILE_OLE_STATE_BITS_INFORMATION;
1518
1519typedef struct _MAPPING_PAIR {
1520 ULONGLONG Vcn;
1521 ULONGLONG Lcn;
1522} MAPPING_PAIR, *PMAPPING_PAIR;
1523
1524typedef struct _GET_RETRIEVAL_DESCRIPTOR {
1525 ULONG NumberOfPairs;
1526 ULONGLONG StartVcn;
1527 MAPPING_PAIR Pair[1];
1528} GET_RETRIEVAL_DESCRIPTOR, *PGET_RETRIEVAL_DESCRIPTOR;
1529
1530typedef struct _MOVEFILE_DESCRIPTOR {
1531 HANDLE FileHandle;
1532 ULONG Reserved;
1533 LARGE_INTEGER StartVcn;
1534 LARGE_INTEGER TargetLcn;
1535 ULONG NumVcns;
1536 ULONG Reserved1;
1537} MOVEFILE_DESCRIPTOR, *PMOVEFILE_DESCRIPTOR;
1538
1539typedef struct _OBJECT_BASIC_INFO {
1540 ULONG Attributes;
1541 ACCESS_MASK GrantedAccess;
1542 ULONG HandleCount;
1543 ULONG ReferenceCount;
1544 ULONG PagedPoolUsage;
1545 ULONG NonPagedPoolUsage;
1546 ULONG Reserved[3];
1547 ULONG NameInformationLength;
1548 ULONG TypeInformationLength;
1549 ULONG SecurityDescriptorLength;
1550 LARGE_INTEGER CreateTime;
1551} OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;
1552
1553typedef struct _OBJECT_HANDLE_ATTRIBUTE_INFO {
1554 BOOLEAN Inherit;
1555 BOOLEAN ProtectFromClose;
1556} OBJECT_HANDLE_ATTRIBUTE_INFO, *POBJECT_HANDLE_ATTRIBUTE_INFO;
1557
1558typedef struct _OBJECT_NAME_INFO {
1559 UNICODE_STRING ObjectName;
1560 WCHAR ObjectNameBuffer[1];
1561} OBJECT_NAME_INFO, *POBJECT_NAME_INFO;
1562
1563typedef struct _OBJECT_PROTECTION_INFO {
1564 BOOLEAN Inherit;
1565 BOOLEAN ProtectHandle;
1566} OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;
1567
1568typedef struct _OBJECT_TYPE_INFO {
1569 UNICODE_STRING ObjectTypeName;
1570 UCHAR Unknown[0x58];
1571 WCHAR ObjectTypeNameBuffer[1];
1572} OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;
1573
1574typedef struct _OBJECT_ALL_TYPES_INFO {
1575 ULONG NumberOfObjectTypes;
1576 OBJECT_TYPE_INFO ObjectsTypeInfo[1];
1577} OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;
1578
1579#if defined(USE_LPC6432)
1580#define LPC_CLIENT_ID CLIENT_ID64
1581#define LPC_SIZE_T ULONGLONG
1582#define LPC_PVOID ULONGLONG
1583#define LPC_HANDLE ULONGLONG
1584#else
1585#define LPC_CLIENT_ID CLIENT_ID
1586#define LPC_SIZE_T SIZE_T
1587#define LPC_PVOID PVOID
1588#define LPC_HANDLE HANDLE
1589#endif
1590
1591typedef struct _PORT_MESSAGE
1592{
1593 union
1594 {
1595 struct
1596 {
1597 CSHORT DataLength;
1598 CSHORT TotalLength;
1599 } s1;
1600 ULONG Length;
1601 } u1;
1602 union
1603 {
1604 struct
1605 {
1606 CSHORT Type;
1607 CSHORT DataInfoOffset;
1608 } s2;
1609 ULONG ZeroInit;
1610 } u2;
1611 __GNU_EXTENSION union
1612 {
1613 LPC_CLIENT_ID ClientId;
1614 double DoNotUseThisField;
1615 };
1616 ULONG MessageId;
1617 __GNU_EXTENSION union
1618 {
1619 LPC_SIZE_T ClientViewSize;
1620 ULONG CallbackId;
1621 };
1622} PORT_MESSAGE, *PPORT_MESSAGE;
1623
1624#define LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000)
1625
1626typedef struct _PORT_VIEW
1627{
1628 ULONG Length;
1629 LPC_HANDLE SectionHandle;
1630 ULONG SectionOffset;
1631 LPC_SIZE_T ViewSize;
1632 LPC_PVOID ViewBase;
1633 LPC_PVOID ViewRemoteBase;
1634} PORT_VIEW, *PPORT_VIEW;
1635
1636typedef struct _REMOTE_PORT_VIEW
1637{
1638 ULONG Length;
1639 LPC_SIZE_T ViewSize;
1640 LPC_PVOID ViewBase;
1641} REMOTE_PORT_VIEW, *PREMOTE_PORT_VIEW;
1642
1643typedef struct _VAD_HEADER {
1644 PVOID StartVPN;
1645 PVOID EndVPN;
1646 struct _VAD_HEADER* ParentLink;
1647 struct _VAD_HEADER* LeftLink;
1648 struct _VAD_HEADER* RightLink;
1649 ULONG Flags; /* LSB = CommitCharge */
1650 PVOID ControlArea;
1651 PVOID FirstProtoPte;
1652 PVOID LastPTE;
1653 ULONG Unknown;
1654 LIST_ENTRY Secured;
1655} VAD_HEADER, *PVAD_HEADER;
1656
1657NTKERNELAPI
1658LARGE_INTEGER
1659NTAPI
1660CcGetLsnForFileObject (
1661 _In_ PFILE_OBJECT FileObject,
1662 _Out_opt_ PLARGE_INTEGER OldestLsn
1663);
1664
1665NTKERNELAPI
1666PVOID
1667NTAPI
1668FsRtlAllocatePool (
1669 _In_ POOL_TYPE PoolType,
1670 _In_ ULONG NumberOfBytes
1671);
1672
1673NTKERNELAPI
1674PVOID
1675NTAPI
1676FsRtlAllocatePoolWithQuota (
1677 _In_ POOL_TYPE PoolType,
1678 _In_ ULONG NumberOfBytes
1679);
1680
1681NTKERNELAPI
1682PVOID
1683NTAPI
1684FsRtlAllocatePoolWithQuotaTag (
1685 _In_ POOL_TYPE PoolType,
1686 _In_ ULONG NumberOfBytes,
1687 _In_ ULONG Tag
1688);
1689
1690NTKERNELAPI
1691PVOID
1692NTAPI
1693FsRtlAllocatePoolWithTag (
1694 _In_ POOL_TYPE PoolType,
1695 _In_ ULONG NumberOfBytes,
1696 _In_ ULONG Tag
1697);
1698
1699NTKERNELAPI
1700BOOLEAN
1701NTAPI
1702FsRtlMdlReadComplete (
1703 _In_ PFILE_OBJECT FileObject,
1704 _In_ PMDL MdlChain
1705);
1706
1707NTKERNELAPI
1708BOOLEAN
1709NTAPI
1710FsRtlMdlWriteComplete (
1711 _In_ PFILE_OBJECT FileObject,
1712 _In_ PLARGE_INTEGER FileOffset,
1713 _In_ PMDL MdlChain
1714);
1715
1716NTKERNELAPI
1717VOID
1718NTAPI
1719FsRtlNotifyChangeDirectory (
1720 _In_ PNOTIFY_SYNC NotifySync,
1721 _In_ PVOID FsContext,
1722 _In_ PSTRING FullDirectoryName,
1723 _In_ PLIST_ENTRY NotifyList,
1724 _In_ BOOLEAN WatchTree,
1725 _In_ ULONG CompletionFilter,
1726 _In_ PIRP NotifyIrp
1727);
1728
1729#if 1
1730NTKERNELAPI
1731NTSTATUS
1732NTAPI
1733ObCreateObject(
1734 _In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode,
1735 _In_ POBJECT_TYPE ObjectType,
1736 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
1737 _In_ KPROCESSOR_MODE AccessMode,
1738 _Inout_opt_ PVOID ParseContext,
1739 _In_ ULONG ObjectSize,
1740 _In_opt_ ULONG PagedPoolCharge,
1741 _In_opt_ ULONG NonPagedPoolCharge,
1742 _Out_ PVOID *Object
1743);
1744
1745NTKERNELAPI
1746NTSTATUS
1747NTAPI
1748ObReferenceObjectByName (
1749 _In_ PUNICODE_STRING ObjectName,
1750 _In_ ULONG Attributes,
1751 _In_opt_ PACCESS_STATE PassedAccessState,
1752 _In_opt_ ACCESS_MASK DesiredAccess,
1753 _In_ POBJECT_TYPE ObjectType,
1754 _In_ KPROCESSOR_MODE AccessMode,
1755 _Inout_opt_ PVOID ParseContext,
1756 _Out_ PVOID *Object
1757);
1758
1759#define PsDereferenceImpersonationToken(T) \
1760 {if (ARGUMENT_PRESENT(T)) { \
1761 (ObDereferenceObject((T))); \
1762 } else { \
1763 ; \
1764 } \
1765}
1766
1767NTKERNELAPI
1768NTSTATUS
1769NTAPI
1770PsLookupProcessThreadByCid (
1771 _In_ PCLIENT_ID Cid,
1772 _Out_opt_ PEPROCESS *Process,
1773 _Out_ PETHREAD *Thread
1774);
1775
1776NTSYSAPI
1777NTSTATUS
1778NTAPI
1779RtlSetSaclSecurityDescriptor (
1780 _Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1781 _In_ BOOLEAN SaclPresent,
1782 _In_ PACL Sacl,
1783 _In_ BOOLEAN SaclDefaulted
1784);
1785
1786#define SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports;
1787
1788#endif
1789
1790#ifdef __cplusplus
1791}
1792#endif
NtQueryObject
NTSTATUS NtQueryObject(IN HANDLE Handle, IN OBJECT_INFO_CLASS ObjectInformationClass, OUT PVOID ObjectInformation, IN ULONG ObjectInformationLength, OUT PULONG ReturnLength)
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ServiceName
static WCHAR ServiceName[]
Definition: browser.c:19
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
FileOffset
_In_ PFCB _In_ LONGLONG FileOffset
Definition: cdprocs.h:160
Buffer
Definition: bufpool.h:45
exfuncs
LOCAL ex_t * exfuncs
Definition: comerr.c:50
ObjectInformation
IN CINT OUT PVOID ObjectInformation
Definition: conport.c:48
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
THREADINFOCLASS
enum _THREADINFOCLASS THREADINFOCLASS
Definition: thread.c:101
ShareAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK _In_ USHORT ShareAccess
Definition: create.c:4148
_IRQL_requires_same_
#define _IRQL_requires_same_
Definition: driverspecs.h:232
_IRQL_requires_max_
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
ERESOURCE
ULONG ERESOURCE
Definition: env_spec_w32.h:594
ExclusiveLock
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ULONG BOOLEAN BOOLEAN ExclusiveLock
Definition: fatprocs.h:2715
FailImmediately
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ULONG BOOLEAN FailImmediately
Definition: fatprocs.h:2714
EaLength
IN PVCB IN PDIRENT OUT PULONG EaLength
Definition: fatprocs.h:879
ByteOffset
IN PDCB IN PCCB IN VBO IN OUT PULONG OUT PDIRENT OUT PBCB OUT PVBO ByteOffset
Definition: fatprocs.h:732
AllocationSize
IN PFCB IN PFILE_OBJECT FileObject IN ULONG AllocationSize
Definition: fatprocs.h:323
RestartScan
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PULONG _In_ BOOLEAN RestartScan
Definition: fltkernel.h:2299
FsInformationClass
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ FS_INFORMATION_CLASS FsInformationClass
Definition: fltkernel.h:1330
FileAttributes
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE _In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG FileAttributes
Definition: fltkernel.h:1236
FsControlCode
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG FsControlCode
Definition: fltkernel.h:1370
FileHandle
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
ReturnSingleEntry
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ ULONG _In_ BOOLEAN ReturnSingleEntry
Definition: fltkernel.h:2295
FullDirectoryName
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING FullDirectoryName
Definition: fltkernel.h:2240
CompletionFilter
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG CompletionFilter
Definition: fltkernel.h:2243
WatchTree
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN WatchTree
Definition: fltkernel.h:2241
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
NotifyList
_Inout_ PLIST_ENTRY NotifyList
Definition: fltkernel.h:2238
FsContext
_Inout_ PLIST_ENTRY _In_ PVOID FsContext
Definition: fltkernel.h:2239
STRING
std::wstring STRING
Definition: fontsub.cpp:33
FILE_INFORMATION_CLASS
enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS
Definition: directory.c:44
FS_INFORMATION_CLASS
enum _FSINFOCLASS FS_INFORMATION_CLASS
MdlChain
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _Outptr_ PMDL * MdlChain
Definition: fsrtlfuncs.h:49
NotifyIrp
_In_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_opt_ PIRP NotifyIrp
Definition: fsrtlfuncs.h:728
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
Handle
ULONG Handle
Definition: gdb_input.c:15
h
GLfloat GLfloat GLfloat GLfloat h
Definition: glext.h:7723
_NTIFS_
#define _NTIFS_
Definition: ifssupp.h:20
OBJECT_INFORMATION_CLASS
enum _OBJECT_INFORMATION_CLASS OBJECT_INFORMATION_CLASS
C_ASSERT
#define C_ASSERT(e)
Definition: intsafe.h:73
PNTSTATUS
* PNTSTATUS
Definition: strlen.c:14
ObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:79
ObjectType
ObjectType
Definition: metafile.c:81
IoStatusBlock
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:75
FileInformation
static OUT PIO_STATUS_BLOCK OUT PVOID FileInformation
Definition: pipe.c:75
FileInformationClass
static OUT PIO_STATUS_BLOCK OUT PVOID IN ULONG IN FILE_INFORMATION_CLASS FileInformationClass
Definition: pipe.c:75
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
OpenOptions
_Must_inspect_result_ _Out_ PNDIS_STATUS _Out_ PNDIS_STATUS _Out_ PNDIS_HANDLE _Out_ PUINT _In_ UINT _In_ NDIS_HANDLE _In_ NDIS_HANDLE _In_ PNDIS_STRING _In_ UINT OpenOptions
Definition: ndis.h:6017
ApcContext
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: iofuncs.h:727
ApcRoutine
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE ApcRoutine
Definition: iofuncs.h:726
MaximumSize
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER MaximumSize
Definition: mmfuncs.h:362
SectionPageProtection
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG SectionPageProtection
Definition: mmfuncs.h:363
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
AllocationAttributes
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG AllocationAttributes
Definition: mmfuncs.h:364
HandleAttributes
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: obfuncs.h:433
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
ThreadInformationLength
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:843
ThreadInformationClass
_In_ THREADINFOCLASS ThreadInformationClass
Definition: psfuncs.h:840
SubAuthorityCount
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1539
Sacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL Sacl
Definition: rtlfuncs.h:1619
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:410
NewTokenHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:412
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
_In_reads_bytes_
#define _In_reads_bytes_(s)
Definition: no_sal2.h:170
_Out_opt_
#define _Out_opt_
Definition: no_sal2.h:214
_Inout_
#define _Inout_
Definition: no_sal2.h:162
_At_
#define _At_(t, a)
Definition: no_sal2.h:40
_Out_writes_bytes_opt_
#define _Out_writes_bytes_opt_(s)
Definition: no_sal2.h:228
_Inout_opt_
#define _Inout_opt_
Definition: no_sal2.h:216
_Must_inspect_result_
#define _Must_inspect_result_
Definition: no_sal2.h:62
_Out_writes_
#define _Out_writes_(s)
Definition: no_sal2.h:176
_Out_
#define _Out_
Definition: no_sal2.h:160
_In_reads_opt_
#define _In_reads_opt_(s)
Definition: no_sal2.h:222
_In_
#define _In_
Definition: no_sal2.h:158
_In_opt_
#define _In_opt_
Definition: no_sal2.h:212
_Out_writes_bytes_to_opt_
#define _Out_writes_bytes_to_opt_(s, c)
Definition: no_sal2.h:240
_In_range_
#define _In_range_(l, h)
Definition: no_sal2.h:368
_Out_writes_bytes_
#define _Out_writes_bytes_(s)
Definition: no_sal2.h:178
_When_
#define _When_(c, a)
Definition: no_sal2.h:38
_In_reads_bytes_opt_
#define _In_reads_bytes_opt_(s)
Definition: no_sal2.h:224
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
PACCESS_MASK
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
PIO_APC_ROUTINE
VOID(* PIO_APC_ROUTINE)(IN PVOID ApcContext, IN PIO_STATUS_BLOCK IoStatusBlock, IN ULONG Reserved)
Definition: nt_native.h:877
USN
LONGLONG USN
Definition: ntbasedef.h:400
NTSYSCALLAPI
#define NTSYSCALLAPI
Definition: ntbasedef.h:208
_ANONYMOUS_STRUCT
#define _ANONYMOUS_STRUCT
Definition: ntbasedef.h:56
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
PMSV1_0_SUBAUTH_LOGON
struct _MSV1_0_SUBAUTH_LOGON * PMSV1_0_SUBAUTH_LOGON
PMSV1_0_LOGON_SUBMIT_TYPE
enum _MSV1_0_LOGON_SUBMIT_TYPE * PMSV1_0_LOGON_SUBMIT_TYPE
PNETWORK_OPEN_ECP_CONTEXT_V0
struct _NETWORK_OPEN_ECP_CONTEXT_V0 * PNETWORK_OPEN_ECP_CONTEXT_V0
MSV1_0_OWF_PASSWORD_LENGTH
#define MSV1_0_OWF_PASSWORD_LENGTH
Definition: ntifs.template.h:804
MAPPING_PAIR
struct _MAPPING_PAIR MAPPING_PAIR
LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:708
OBJECT_TYPE_INFO
struct _OBJECT_TYPE_INFO OBJECT_TYPE_INFO
ObjectInformationClass
_In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
Definition: ntifs.template.h:80
PFILE_COPY_ON_WRITE_INFORMATION
struct _FILE_COPY_ON_WRITE_INFORMATION * PFILE_COPY_ON_WRITE_INFORMATION
PFILE_FULL_DIRECTORY_INFORMATION
struct _FILE_FULL_DIRECTORY_INFORMATION * PFILE_FULL_DIRECTORY_INFORMATION
PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
NtFsControlFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtFsControlFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG FsControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength)
PLSA_OBJECT_ATTRIBUTES
OBJECT_ATTRIBUTES * PLSA_OBJECT_ATTRIBUTES
Definition: ntifs.template.h:66
LocalGroups
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
Definition: ntifs.template.h:712
POBJECT_NAME_INFO
struct _OBJECT_NAME_INFO * POBJECT_NAME_INFO
PSRV_OPEN_ECP_CONTEXT
struct _SRV_OPEN_ECP_CONTEXT * PSRV_OPEN_ECP_CONTEXT
PFILE_SHARED_LOCK_ENTRY
struct _FILE_SHARED_LOCK_ENTRY * PFILE_SHARED_LOCK_ENTRY
PFILE_MAILSLOT_PEEK_BUFFER
struct _FILE_MAILSLOT_PEEK_BUFFER * PFILE_MAILSLOT_PEEK_BUFFER
PFILE_OLE_CLASSID_INFORMATION
struct _FILE_OLE_CLASSID_INFORMATION * PFILE_OLE_CLASSID_INFORMATION
LsaFreeReturnBuffer
_IRQL_requires_same_ NTSTATUS NTAPI LsaFreeReturnBuffer(_In_ PVOID Buffer)
Quotas
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS Quotas
Definition: ntifs.template.h:718
PNETWORK_OPEN_ECP_CONTEXT
struct _NETWORK_OPEN_ECP_CONTEXT * PNETWORK_OPEN_ECP_CONTEXT
CcGetLsnForFileObject
NTKERNELAPI LARGE_INTEGER NTAPI CcGetLsnForFileObject(_In_ PFILE_OBJECT FileObject, _Out_opt_ PLARGE_INTEGER OldestLsn)
TokenInformationClass
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: ntifs.template.h:118
LPC_PVOID
#define LPC_PVOID
Definition: ntifs.template.h:1587
FsRtlAllocatePoolWithQuotaTag
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithQuotaTag(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes, _In_ ULONG Tag)
OBJECT_NAME_INFO
struct _OBJECT_NAME_INFO OBJECT_NAME_INFO
MSV1_0_AV_PAIR
struct _MSV1_0_AV_PAIR MSV1_0_AV_PAIR
GET_RETRIEVAL_DESCRIPTOR
struct _GET_RETRIEVAL_DESCRIPTOR GET_RETRIEVAL_DESCRIPTOR
NtDeviceIoControlFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDeviceIoControlFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG IoControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength)
PLSA_OPERATIONAL_MODE
ULONG * PLSA_OPERATIONAL_MODE
Definition: ntifs.template.h:661
NtOpenObjectAuditAlarm
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when an object is about to be opened.
Definition: audit.c:1622
MSV1_0_GETUSERINFO_REQUEST
struct _MSV1_0_GETUSERINFO_REQUEST MSV1_0_GETUSERINFO_REQUEST
FsRtlAllocatePool
NTKERNELAPI PVOID NTAPI FsRtlAllocatePool(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes)
SourceContext
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE SourceContext
Definition: ntifs.template.h:713
PORT_MESSAGE
struct _PORT_MESSAGE PORT_MESSAGE
PSECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE * PSECURITY_LOGON_TYPE
FsRtlMdlReadComplete
NTKERNELAPI BOOLEAN NTAPI FsRtlMdlReadComplete(_In_ PFILE_OBJECT FileObject, _In_ PMDL MdlChain)
AuthenticationPackage
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG AuthenticationPackage
Definition: ntifs.template.h:709
NtAccessCheckByTypeResultListAndAuditAlarmByHandle
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeResultListAndAuditAlarmByHandle(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2430
MsV1_0ChangeCachedPassword
@ MsV1_0ChangeCachedPassword
Definition: ntifs.template.h:989
MsV1_0GenericPassthrough
@ MsV1_0GenericPassthrough
Definition: ntifs.template.h:990
MsV1_0Lm20GetChallengeResponse
@ MsV1_0Lm20GetChallengeResponse
Definition: ntifs.template.h:984
MsV1_0CacheLookup
@ MsV1_0CacheLookup
Definition: ntifs.template.h:994
MsV1_0DeriveCredential
@ MsV1_0DeriveCredential
Definition: ntifs.template.h:993
MsV1_0ReLogonUsers
@ MsV1_0ReLogonUsers
Definition: ntifs.template.h:987
MsV1_0ChangePassword
@ MsV1_0ChangePassword
Definition: ntifs.template.h:988
MsV1_0Lm20ChallengeRequest
@ MsV1_0Lm20ChallengeRequest
Definition: ntifs.template.h:983
MsV1_0EnumerateUsers
@ MsV1_0EnumerateUsers
Definition: ntifs.template.h:985
MsV1_0CacheLogon
@ MsV1_0CacheLogon
Definition: ntifs.template.h:991
MsV1_0GetUserInfo
@ MsV1_0GetUserInfo
Definition: ntifs.template.h:986
MsV1_0SubAuth
@ MsV1_0SubAuth
Definition: ntifs.template.h:992
FsRtlNotifyChangeDirectory
NTKERNELAPI VOID NTAPI FsRtlNotifyChangeDirectory(_In_ PNOTIFY_SYNC NotifySync, _In_ PVOID FsContext, _In_ PSTRING FullDirectoryName, _In_ PLIST_ENTRY NotifyList, _In_ BOOLEAN WatchTree, _In_ ULONG CompletionFilter, _In_ PIRP NotifyIrp)
PUBLIC_OBJECT_BASIC_INFORMATION
PUBLIC_OBJECT_BASIC_INFORMATION
Definition: ntifs.template.h:1075
MSV1_0_USER_SESSION_KEY_LENGTH
#define MSV1_0_USER_SESSION_KEY_LENGTH
Definition: ntifs.template.h:739
MSV1_0_AVID
enum _MSV1_0_AVID MSV1_0_AVID
RtlSetSaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlSetSaclSecurityDescriptor(_Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ BOOLEAN SaclPresent, _In_ PACL Sacl, _In_ BOOLEAN SaclDefaulted)
PMOVEFILE_DESCRIPTOR
struct _MOVEFILE_DESCRIPTOR * PMOVEFILE_DESCRIPTOR
SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:719
PFILE_OLE_INFORMATION
struct _FILE_OLE_INFORMATION * PFILE_OLE_INFORMATION
MSV1_0_GETCHALLENRESP_REQUEST_V1
struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 MSV1_0_GETCHALLENRESP_REQUEST_V1
NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869
UndefinedLogonType
@ UndefinedLogonType
Definition: ntifs.template.h:664
Unlock
@ Unlock
Definition: ntifs.template.h:670
Interactive
@ Interactive
Definition: ntifs.template.h:665
Proxy
@ Proxy
Definition: ntifs.template.h:669
Network
@ Network
Definition: ntifs.template.h:666
NetworkCleartext
@ NetworkCleartext
Definition: ntifs.template.h:671
Service
@ Service
Definition: ntifs.template.h:668
NewCredentials
@ NewCredentials
Definition: ntifs.template.h:672
Batch
@ Batch
Definition: ntifs.template.h:667
PPNFS_OPEN_ECP_CONTEXT
struct _NFS_OPEN_ECP_CONTEXT ** PPNFS_OPEN_ECP_CONTEXT
VAD_HEADER
struct _VAD_HEADER VAD_HEADER
MSV1_0_LM20_LOGON
struct _MSV1_0_LM20_LOGON MSV1_0_LM20_LOGON
PMSV1_0_LM20_LOGON
struct _MSV1_0_LM20_LOGON * PMSV1_0_LM20_LOGON
PMSV1_0_SUPPLEMENTAL_CREDENTIAL
struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL * PMSV1_0_SUPPLEMENTAL_CREDENTIAL
NtLockFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtLockFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key, _In_ BOOLEAN FailImmediately, _In_ BOOLEAN ExclusiveLock)
PLSA_STRING
STRING * PLSA_STRING
Definition: ntifs.template.h:65
FsRtlMdlWriteComplete
NTKERNELAPI BOOLEAN NTAPI FsRtlMdlWriteComplete(_In_ PFILE_OBJECT FileObject, _In_ PLARGE_INTEGER FileOffset, _In_ PMDL MdlChain)
OBJECT_BASIC_INFORMATION
struct _OBJECT_BASIC_INFORMATION OBJECT_BASIC_INFORMATION
NETWORK_OPEN_INTEGRITY_QUALIFIER
enum _NETWORK_OPEN_INTEGRITY_QUALIFIER NETWORK_OPEN_INTEGRITY_QUALIFIER
PFILE_OLE_STATE_BITS_INFORMATION
struct _FILE_OLE_STATE_BITS_INFORMATION * PFILE_OLE_STATE_BITS_INFORMATION
MSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE MSV1_0_LM20_LOGON_PROFILE
FsRtlAllocatePoolWithTag
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithTag(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes, _In_ ULONG Tag)
LPC_SIZE_T
#define LPC_SIZE_T
Definition: ntifs.template.h:1586
MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
FILE_EXCLUSIVE_LOCK_ENTRY
struct _FILE_EXCLUSIVE_LOCK_ENTRY FILE_EXCLUSIVE_LOCK_ENTRY
PMSV1_0_ENUMUSERS_REQUEST
struct _MSV1_0_ENUMUSERS_REQUEST * PMSV1_0_ENUMUSERS_REQUEST
FILE_MAILSLOT_PEEK_BUFFER
struct _FILE_MAILSLOT_PEEK_BUFFER FILE_MAILSLOT_PEEK_BUFFER
PQUERY_PATH_REQUEST_EX
struct _QUERY_PATH_REQUEST_EX * PQUERY_PATH_REQUEST_EX
FILE_FULL_DIRECTORY_INFORMATION
struct _FILE_FULL_DIRECTORY_INFORMATION FILE_FULL_DIRECTORY_INFORMATION
NtOpenFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
OBJECT_ALL_TYPES_INFO
struct _OBJECT_ALL_TYPES_INFO OBJECT_ALL_TYPES_INFO
PGET_RETRIEVAL_DESCRIPTOR
struct _GET_RETRIEVAL_DESCRIPTOR * PGET_RETRIEVAL_DESCRIPTOR
PREMOTE_PORT_VIEW
struct _REMOTE_PORT_VIEW * PREMOTE_PORT_VIEW
SECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
QUERY_PATH_REQUEST
struct _QUERY_PATH_REQUEST QUERY_PATH_REQUEST
AuthenticationInformationLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG AuthenticationInformationLength
Definition: ntifs.template.h:711
PSOCKADDR_STORAGE_NFS
struct sockaddr_storage * PSOCKADDR_STORAGE_NFS
Definition: ntifs.template.h:1231
NtWriteFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtWriteFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key)
MSV1_0_GETCHALLENRESP_RESPONSE
struct _MSV1_0_GETCHALLENRESP_RESPONSE MSV1_0_GETCHALLENRESP_RESPONSE
MSV1_0_LM20_CHALLENGE_RESPONSE
struct _MSV1_0_LM20_CHALLENGE_RESPONSE MSV1_0_LM20_CHALLENGE_RESPONSE
NtCreateFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCreateFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_opt_ PLARGE_INTEGER AllocationSize, _In_ ULONG FileAttributes, _In_ ULONG ShareAccess, _In_ ULONG CreateDisposition, _In_ ULONG CreateOptions, _In_reads_bytes_opt_(EaLength) PVOID EaBuffer, _In_ ULONG EaLength)
PMSV1_0_NTLM3_RESPONSE
struct _MSV1_0_NTLM3_RESPONSE * PMSV1_0_NTLM3_RESPONSE
NtOpenProcessTokenEx
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessTokenEx(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
PMSV1_0_GETCHALLENRESP_REQUEST_V1
struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 * PMSV1_0_GETCHALLENRESP_REQUEST_V1
LSA_OPERATIONAL_MODE
ULONG LSA_OPERATIONAL_MODE
Definition: ntifs.template.h:661
PUBLIC_OBJECT_TYPE_INFORMATION
struct _PUBLIC_OBJECT_TYPE_INFORMATION PUBLIC_OBJECT_TYPE_INFORMATION
NtCreateSection
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCreateSection(_Out_ PHANDLE SectionHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PLARGE_INTEGER MaximumSize, _In_ ULONG SectionPageProtection, _In_ ULONG AllocationAttributes, _In_opt_ HANDLE FileHandle)
NtQueryQuotaInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_ BOOLEAN ReturnSingleEntry, _In_reads_bytes_opt_(SidListLength) PVOID SidList, _In_ ULONG SidListLength, _In_reads_bytes_opt_((8+(4 *((SID *) StartSid) ->SubAuthorityCount))) PSID StartSid, _In_ BOOLEAN RestartScan)
PPUBLIC_OBJECT_BASIC_INFORMATION
* PPUBLIC_OBJECT_BASIC_INFORMATION
Definition: ntifs.template.h:1075
FILE_STORAGE_TYPE
enum _FILE_STORAGE_TYPE FILE_STORAGE_TYPE
NtOpenThreadToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2474
PFILE_OLE_DIR_INFORMATION
struct _FILE_OLE_DIR_INFORMATION * PFILE_OLE_DIR_INFORMATION
PMSV1_0_GETCHALLENRESP_REQUEST
struct _MSV1_0_GETCHALLENRESP_REQUEST * PMSV1_0_GETCHALLENRESP_REQUEST
NtOpenJobObjectToken
_Must_inspect_result_ NTSYSAPI NTSTATUS NTAPI NtOpenJobObjectToken(_In_ HANDLE JobHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
PsLookupProcessThreadByCid
NTKERNELAPI NTSTATUS NTAPI PsLookupProcessThreadByCid(_In_ PCLIENT_ID Cid, _Out_opt_ PEPROCESS *Process, _Out_ PETHREAD *Thread)
NtSetInformationToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: tokencls.c:1125
NtCloseObjectAuditAlarm
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtCloseObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose)
LsaHandle
_IRQL_requires_same_ _Out_ PHANDLE LsaHandle
Definition: ntifs.template.h:698
PPUBLIC_OBJECT_TYPE_INFORMATION
struct _PUBLIC_OBJECT_TYPE_INFORMATION * PPUBLIC_OBJECT_TYPE_INFORMATION
POBJECT_ALL_TYPES_INFO
struct _OBJECT_ALL_TYPES_INFO * POBJECT_ALL_TYPES_INFO
PORT_VIEW
struct _PORT_VIEW PORT_VIEW
LSA_STRING
STRING LSA_STRING
Definition: ntifs.template.h:65
FILE_COPY_ON_WRITE_INFORMATION
struct _FILE_COPY_ON_WRITE_INFORMATION FILE_COPY_ON_WRITE_INFORMATION
PQUERY_PATH_RESPONSE
struct _QUERY_PATH_RESPONSE * PQUERY_PATH_RESPONSE
FILE_OLE_INFORMATION
struct _FILE_OLE_INFORMATION FILE_OLE_INFORMATION
PPREFETCH_OPEN_ECP_CONTEXT
struct _PREFETCH_OPEN_ECP_CONTEXT * PPREFETCH_OPEN_ECP_CONTEXT
$include
$include(setypes.h) $include(obtypes.h) $include(rtltypes.h) $include(rtlfuncs.h) _IRQL_requires_max_(PASSIVE_LEVEL) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryObject(_In_opt_ HANDLE Handle
MSV1_0_NTLM3_RESPONSE
struct _MSV1_0_NTLM3_RESPONSE MSV1_0_NTLM3_RESPONSE
FILE_OLE_ALL_INFORMATION
struct _FILE_OLE_ALL_INFORMATION FILE_OLE_ALL_INFORMATION
OBJECT_PROTECTION_INFO
struct _OBJECT_PROTECTION_INFO OBJECT_PROTECTION_INFO
NtAccessCheckByTypeAndAuditAlarm
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2222
PMSV1_0_AV_PAIR
struct _MSV1_0_AV_PAIR * PMSV1_0_AV_PAIR
PNFS_OPEN_ECP_CONTEXT
struct _NFS_OPEN_ECP_CONTEXT * PNFS_OPEN_ECP_CONTEXT
NtQueryInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass)
MSV1_0_GETCHALLENRESP_REQUEST
struct _MSV1_0_GETCHALLENRESP_REQUEST MSV1_0_GETCHALLENRESP_REQUEST
PPORT_VIEW
struct _PORT_VIEW * PPORT_VIEW
MSV1_0_ENUMUSERS_REQUEST
struct _MSV1_0_ENUMUSERS_REQUEST MSV1_0_ENUMUSERS_REQUEST
LPC_HANDLE
#define LPC_HANDLE
Definition: ntifs.template.h:1588
_FILE_STORAGE_TYPE
_FILE_STORAGE_TYPE
Definition: ntifs.template.h:1387
StorageTypeStructuredStorage
@ StorageTypeStructuredStorage
Definition: ntifs.template.h:1393
StorageTypeEmbedding
@ StorageTypeEmbedding
Definition: ntifs.template.h:1394
StorageTypeDefault
@ StorageTypeDefault
Definition: ntifs.template.h:1388
StorageTypeFile
@ StorageTypeFile
Definition: ntifs.template.h:1390
StorageTypeCatalog
@ StorageTypeCatalog
Definition: ntifs.template.h:1392
StorageTypeStream
@ StorageTypeStream
Definition: ntifs.template.h:1395
StorageTypeDirectory
@ StorageTypeDirectory
Definition: ntifs.template.h:1389
StorageTypeJunctionPoint
@ StorageTypeJunctionPoint
Definition: ntifs.template.h:1391
PMSV1_0_PROFILE_BUFFER_TYPE
enum _MSV1_0_PROFILE_BUFFER_TYPE * PMSV1_0_PROFILE_BUFFER_TYPE
PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
PREFETCH_OPEN_ECP_CONTEXT
struct _PREFETCH_OPEN_ECP_CONTEXT PREFETCH_OPEN_ECP_CONTEXT
FILE_OLE_CLASSID_INFORMATION
struct _FILE_OLE_CLASSID_INFORMATION FILE_OLE_CLASSID_INFORMATION
PMSV1_0_ENUMUSERS_RESPONSE
struct _MSV1_0_ENUMUSERS_RESPONSE * PMSV1_0_ENUMUSERS_RESPONSE
PVAD_HEADER
struct _VAD_HEADER * PVAD_HEADER
OBJECT_HANDLE_ATTRIBUTE_INFO
struct _OBJECT_HANDLE_ATTRIBUTE_INFO OBJECT_HANDLE_ATTRIBUTE_INFO
NtSetVolumeInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetVolumeInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass)
_NETWORK_OPEN_INTEGRITY_QUALIFIER
_NETWORK_OPEN_INTEGRITY_QUALIFIER
Definition: ntifs.template.h:1148
NetworkOpenIntegrityNone
@ NetworkOpenIntegrityNone
Definition: ntifs.template.h:1150
NetworkOpenIntegrityEncrypted
@ NetworkOpenIntegrityEncrypted
Definition: ntifs.template.h:1152
NetworkOpenIntegrityMaximum
@ NetworkOpenIntegrityMaximum
Definition: ntifs.template.h:1153
NetworkOpenIntegritySigned
@ NetworkOpenIntegritySigned
Definition: ntifs.template.h:1151
NetworkOpenIntegrityAny
@ NetworkOpenIntegrityAny
Definition: ntifs.template.h:1149
PMSV1_0_GETCHALLENRESP_RESPONSE
struct _MSV1_0_GETCHALLENRESP_RESPONSE * PMSV1_0_GETCHALLENRESP_RESPONSE
NtImpersonateAnonymousToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2612
QUERY_PATH_RESPONSE
struct _QUERY_PATH_RESPONSE QUERY_PATH_RESPONSE
NtFilterToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2075
NtReadFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtReadFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key)
SecurityMode
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
Definition: ntifs.template.h:699
PFILE_EXCLUSIVE_LOCK_ENTRY
struct _FILE_EXCLUSIVE_LOCK_ENTRY * PFILE_EXCLUSIVE_LOCK_ENTRY
NFS_OPEN_ECP_CONTEXT
struct _NFS_OPEN_ECP_CONTEXT NFS_OPEN_ECP_CONTEXT
ObCreateObject
NTKERNELAPI NTSTATUS NTAPI ObCreateObject(_In_opt_ KPROCESSOR_MODE ObjectAttributesAccessMode, _In_ POBJECT_TYPE ObjectType, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ KPROCESSOR_MODE AccessMode, _Inout_opt_ PVOID ParseContext, _In_ ULONG ObjectSize, _In_opt_ ULONG PagedPoolCharge, _In_opt_ ULONG NonPagedPoolCharge, _Out_ PVOID *Object)
PPORT_MESSAGE
struct _PORT_MESSAGE * PPORT_MESSAGE
MsV1_0InteractiveProfile
@ MsV1_0InteractiveProfile
Definition: ntifs.template.h:861
MsV1_0SmartCardProfile
@ MsV1_0SmartCardProfile
Definition: ntifs.template.h:863
MsV1_0Lm20LogonProfile
@ MsV1_0Lm20LogonProfile
Definition: ntifs.template.h:862
NtAdjustPrivilegesToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
OBJECT_BASIC_INFO
struct _OBJECT_BASIC_INFO OBJECT_BASIC_INFO
NtPrivilegeCheck
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _Inout_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
FILE_OLE_STATE_BITS_INFORMATION
struct _FILE_OLE_STATE_BITS_INFORMATION FILE_OLE_STATE_BITS_INFORMATION
REMOTE_PORT_VIEW
struct _REMOTE_PORT_VIEW REMOTE_PORT_VIEW
MSV1_0_PROFILE_BUFFER_TYPE
enum _MSV1_0_PROFILE_BUFFER_TYPE MSV1_0_PROFILE_BUFFER_TYPE
POBJECT_PROTECTION_INFO
struct _OBJECT_PROTECTION_INFO * POBJECT_PROTECTION_INFO
TokenInformationLength
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: ntifs.template.h:120
SecurityInformation
_In_ SECURITY_INFORMATION SecurityInformation
Definition: ntifs.template.h:347
MSV1_0_ENUMUSERS_RESPONSE
struct _MSV1_0_ENUMUSERS_RESPONSE MSV1_0_ENUMUSERS_RESPONSE
ObReferenceObjectByName
NTKERNELAPI NTSTATUS NTAPI ObReferenceObjectByName(_In_ PUNICODE_STRING ObjectName, _In_ ULONG Attributes, _In_opt_ PACCESS_STATE PassedAccessState, _In_opt_ ACCESS_MASK DesiredAccess, _In_ POBJECT_TYPE ObjectType, _In_ KPROCESSOR_MODE AccessMode, _Inout_opt_ PVOID ParseContext, _Out_ PVOID *Object)
POBJECT_HANDLE_ATTRIBUTE_INFO
struct _OBJECT_HANDLE_ATTRIBUTE_INFO * POBJECT_HANDLE_ATTRIBUTE_INFO
PMSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE * PMSV1_0_LM20_LOGON_PROFILE
MSV1_0_SUPPLEMENTAL_CREDENTIAL
struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL MSV1_0_SUPPLEMENTAL_CREDENTIAL
NtAccessCheckAndAuditAlarm
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2125
MSV1_0_SUBAUTH_LOGON
struct _MSV1_0_SUBAUTH_LOGON MSV1_0_SUBAUTH_LOGON
PMAPPING_PAIR
struct _MAPPING_PAIR * PMAPPING_PAIR
NETWORK_OPEN_ECP_CONTEXT_V0
struct _NETWORK_OPEN_ECP_CONTEXT_V0 NETWORK_OPEN_ECP_CONTEXT_V0
LSA_OBJECT_ATTRIBUTES
OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES
Definition: ntifs.template.h:66
MSV1_0_LANMAN_SESSION_KEY_LENGTH
#define MSV1_0_LANMAN_SESSION_KEY_LENGTH
Definition: ntifs.template.h:740
POBJECT_TYPE_INFO
struct _OBJECT_TYPE_INFO * POBJECT_TYPE_INFO
ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:714
PMSV1_0_GETUSERINFO_RESPONSE
struct _MSV1_0_GETUSERINFO_RESPONSE * PMSV1_0_GETUSERINFO_RESPONSE
PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
NtAccessCheckByTypeResultListAndAuditAlarm
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAccessCheckByTypeResultListAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
Raises an alarm audit message when a caller attempts to access an object and determine if the access ...
Definition: audit.c:2324
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
POBJECT_BASIC_INFO
struct _OBJECT_BASIC_INFO * POBJECT_BASIC_INFO
MSV1_0_GETUSERINFO_RESPONSE
struct _MSV1_0_GETUSERINFO_RESPONSE MSV1_0_GETUSERINFO_RESPONSE
SRV_OPEN_ECP_CONTEXT
struct _SRV_OPEN_ECP_CONTEXT SRV_OPEN_ECP_CONTEXT
MSV1_0_LOGON_SUBMIT_TYPE
enum _MSV1_0_LOGON_SUBMIT_TYPE MSV1_0_LOGON_SUBMIT_TYPE
LPC_CLIENT_ID
#define LPC_CLIENT_ID
Definition: ntifs.template.h:1585
$define
$define(UCHAR=UCHAR) $define(ULONG
NtAdjustGroupsToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_opt_ PTOKEN_GROUPS NewState, _In_opt_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _Out_ PULONG ReturnLength)
ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:715
PQUERY_PATH_REQUEST
struct _QUERY_PATH_REQUEST * PQUERY_PATH_REQUEST
NtQueryVolumeInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryVolumeInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass)
NETWORK_OPEN_LOCATION_QUALIFIER
enum _NETWORK_OPEN_LOCATION_QUALIFIER NETWORK_OPEN_LOCATION_QUALIFIER
QUERY_PATH_REQUEST_EX
struct _QUERY_PATH_REQUEST_EX QUERY_PATH_REQUEST_EX
PFILE_OLE_ALL_INFORMATION
struct _FILE_OLE_ALL_INFORMATION * PFILE_OLE_ALL_INFORMATION
NtSetQuotaInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length)
POBJECT_BASIC_INFORMATION
struct _OBJECT_BASIC_INFORMATION * POBJECT_BASIC_INFORMATION
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:716
NtUnlockFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtUnlockFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key)
MSV1_0_CHALLENGE_LENGTH
#define MSV1_0_CHALLENGE_LENGTH
Definition: ntifs.template.h:738
MSV1_0_NTLM3_RESPONSE_LENGTH
#define MSV1_0_NTLM3_RESPONSE_LENGTH
Definition: ntifs.template.h:809
MSV1_0_LM20_CHALLENGE_REQUEST
struct _MSV1_0_LM20_CHALLENGE_REQUEST MSV1_0_LM20_CHALLENGE_REQUEST
FILE_OLE_DIR_INFORMATION
struct _FILE_OLE_DIR_INFORMATION FILE_OLE_DIR_INFORMATION
MOVEFILE_DESCRIPTOR
struct _MOVEFILE_DESCRIPTOR MOVEFILE_DESCRIPTOR
FILE_SHARED_LOCK_ENTRY
struct _FILE_SHARED_LOCK_ENTRY FILE_SHARED_LOCK_ENTRY
PMSV1_0_LM20_CHALLENGE_REQUEST
struct _MSV1_0_LM20_CHALLENGE_REQUEST * PMSV1_0_LM20_CHALLENGE_REQUEST
NtPrivilegedServiceAuditAlarm
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegedServiceAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
LengthNeeded
_In_ SECURITY_INFORMATION _In_ ULONG _Out_ PULONG LengthNeeded
Definition: ntifs.template.h:360
NtPrivilegeObjectAuditAlarm
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtPrivilegeObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted)
FsRtlAllocatePoolWithQuota
NTKERNELAPI PVOID NTAPI FsRtlAllocatePoolWithQuota(_In_ POOL_TYPE PoolType, _In_ ULONG NumberOfBytes)
ReturnLength
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG _Out_opt_ PULONG ReturnLength
Definition: ntifs.template.h:83
NtOpenProcessToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
NtSetInformationFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass)
NETWORK_OPEN_ECP_CONTEXT
struct _NETWORK_OPEN_ECP_CONTEXT NETWORK_OPEN_ECP_CONTEXT
NtOpenThreadTokenEx
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2331
ObjectInformationLength
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG ObjectInformationLength
Definition: ntifs.template.h:82
MSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
NtSetInformationThread
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength)
OriginName
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
Definition: ntifs.template.h:707
_NETWORK_OPEN_LOCATION_QUALIFIER
_NETWORK_OPEN_LOCATION_QUALIFIER
Definition: ntifs.template.h:1142
NetworkOpenLocationLoopback
@ NetworkOpenLocationLoopback
Definition: ntifs.template.h:1145
NetworkOpenLocationAny
@ NetworkOpenLocationAny
Definition: ntifs.template.h:1143
NetworkOpenLocationRemote
@ NetworkOpenLocationRemote
Definition: ntifs.template.h:1144
NtDeleteObjectAuditAlarm
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtDeleteObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose)
PMSV1_0_LM20_CHALLENGE_RESPONSE
struct _MSV1_0_LM20_CHALLENGE_RESPONSE * PMSV1_0_LM20_CHALLENGE_RESPONSE
MsV1_0VirtualLogon
@ MsV1_0VirtualLogon
Definition: ntifs.template.h:857
MsV1_0NetworkLogon
@ MsV1_0NetworkLogon
Definition: ntifs.template.h:853
MsV1_0WorkstationUnlockLogon
@ MsV1_0WorkstationUnlockLogon
Definition: ntifs.template.h:855
MsV1_0SubAuthLogon
@ MsV1_0SubAuthLogon
Definition: ntifs.template.h:854
MsV1_0S4ULogon
@ MsV1_0S4ULogon
Definition: ntifs.template.h:856
MsV1_0Lm20Logon
@ MsV1_0Lm20Logon
Definition: ntifs.template.h:852
MsV1_0InteractiveLogon
@ MsV1_0InteractiveLogon
Definition: ntifs.template.h:851
_MSV1_0_AVID
_MSV1_0_AVID
Definition: ntifs.template.h:959
MsvAvNbDomainName
@ MsvAvNbDomainName
Definition: ntifs.template.h:962
MsvAvNbComputerName
@ MsvAvNbComputerName
Definition: ntifs.template.h:961
MsvAvDnsComputerName
@ MsvAvDnsComputerName
Definition: ntifs.template.h:963
MsvAvEOL
@ MsvAvEOL
Definition: ntifs.template.h:960
MsvAvDnsDomainName
@ MsvAvDnsDomainName
Definition: ntifs.template.h:964
NlsOemLeadByteInfo
PUSHORT * NlsOemLeadByteInfo
Definition: nlsboot.c:23
NtQueryDirectoryFile
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryDirectoryFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass, _In_ BOOLEAN ReturnSingleEntry, _In_opt_ PUNICODE_STRING FileName, _In_ BOOLEAN RestartScan)
PMSV1_0_GETUSERINFO_REQUEST
struct _MSV1_0_GETUSERINFO_REQUEST * PMSV1_0_GETUSERINFO_REQUEST
NTHALAPI
#define NTHALAPI
Definition: ntoskrnl.h:40
LsaLogonUser
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
PLSA_OPERATIONAL_MODE
ULONG * PLSA_OPERATIONAL_MODE
Definition: ntsecapi.h:367
_MSV1_0_PROTOCOL_MESSAGE_TYPE
_MSV1_0_PROTOCOL_MESSAGE_TYPE
Definition: ntsecapi.h:217
MsV1_0SetProcessOption
@ MsV1_0SetProcessOption
Definition: ntsecapi.h:231
_SECURITY_LOGON_TYPE
_SECURITY_LOGON_TYPE
Definition: ntsecapi.h:288
PLSA_UNICODE_STRING
struct _LSA_UNICODE_STRING * PLSA_UNICODE_STRING
LSA_UNICODE_STRING
struct _LSA_UNICODE_STRING LSA_UNICODE_STRING
SECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
_MSV1_0_PROFILE_BUFFER_TYPE
_MSV1_0_PROFILE_BUFFER_TYPE
Definition: ntsecapi.h:205
MSV1_0_PROFILE_BUFFER_TYPE
enum _MSV1_0_PROFILE_BUFFER_TYPE MSV1_0_PROFILE_BUFFER_TYPE
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
MSV1_0_LOGON_SUBMIT_TYPE
enum _MSV1_0_LOGON_SUBMIT_TYPE MSV1_0_LOGON_SUBMIT_TYPE
LsaRegisterLogonProcess
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)
_MSV1_0_LOGON_SUBMIT_TYPE
_MSV1_0_LOGON_SUBMIT_TYPE
Definition: ntsecapi.h:198
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
NtQuerySecurityObject
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
Definition: obsecure.c:803
USHORT
unsigned short USHORT
Definition: pedump.c:61
DEFINE_GUID
#define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8)
Definition: guiddef.h:68
__GNU_EXTENSION
#define __GNU_EXTENSION
Definition: ddraw.h:56
NtSetSecurityObject
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
__kernel_entry
#define __kernel_entry
Definition: specstrings.h:355
Flag
Definition: xml2sdb.h:80
Response
Definition: ncftp.h:89
_ACCESS_STATE
Definition: setypes.h:224
_ACL
Definition: ms-dtyp.idl:293
_CLIENT_ID
Definition: compat.h:824
_EPROCESS
Definition: pstypes.h:1262
_ETHREAD
Definition: pstypes.h:1103
_FILE_ACCESS_INFORMATION
Definition: propsheet.cpp:47
_FILE_ALIGNMENT_INFORMATION
Definition: nt_native.h:958
_FILE_BASIC_INFORMATION
Definition: nt_native.h:938
_FILE_COPY_ON_WRITE_INFORMATION
Definition: ntifs.template.h:1413
_FILE_COPY_ON_WRITE_INFORMATION::RootDirectory
HANDLE RootDirectory
Definition: ntifs.template.h:1415
_FILE_COPY_ON_WRITE_INFORMATION::ReplaceIfExists
BOOLEAN ReplaceIfExists
Definition: ntifs.template.h:1414
_FILE_COPY_ON_WRITE_INFORMATION::FileNameLength
ULONG FileNameLength
Definition: ntifs.template.h:1416
_FILE_EA_INFORMATION
Definition: winternl.h:641
_FILE_EXCLUSIVE_LOCK_ENTRY
Definition: ntifs.template.h:1443
_FILE_EXCLUSIVE_LOCK_ENTRY::FileLock
FILE_LOCK_INFO FileLock
Definition: ntifs.template.h:1447
_FILE_EXCLUSIVE_LOCK_ENTRY::ListEntry
LIST_ENTRY ListEntry
Definition: ntifs.template.h:1444
_FILE_EXCLUSIVE_LOCK_ENTRY::Unknown2
PVOID Unknown2
Definition: ntifs.template.h:1446
_FILE_EXCLUSIVE_LOCK_ENTRY::Unknown1
PVOID Unknown1
Definition: ntifs.template.h:1445
_FILE_FULL_DIRECTORY_INFORMATION
Definition: winternl.h:527
_FILE_FULL_DIRECTORY_INFORMATION::ChangeTime
LARGE_INTEGER ChangeTime
Definition: winternl.h:533
_FILE_FULL_DIRECTORY_INFORMATION::EaSize
ULONG EaSize
Definition: winternl.h:538
_FILE_FULL_DIRECTORY_INFORMATION::LastAccessTime
LARGE_INTEGER LastAccessTime
Definition: winternl.h:531
_FILE_FULL_DIRECTORY_INFORMATION::FileAttributes
ULONG FileAttributes
Definition: winternl.h:536
_FILE_FULL_DIRECTORY_INFORMATION::LastWriteTime
LARGE_INTEGER LastWriteTime
Definition: winternl.h:532
_FILE_FULL_DIRECTORY_INFORMATION::AllocationSize
LARGE_INTEGER AllocationSize
Definition: winternl.h:535
_FILE_FULL_DIRECTORY_INFORMATION::FileIndex
ULONG FileIndex
Definition: winternl.h:529
_FILE_FULL_DIRECTORY_INFORMATION::FileNameLength
ULONG FileNameLength
Definition: winternl.h:537
_FILE_FULL_DIRECTORY_INFORMATION::EndOfFile
LARGE_INTEGER EndOfFile
Definition: winternl.h:534
_FILE_FULL_DIRECTORY_INFORMATION::CreationTime
LARGE_INTEGER CreationTime
Definition: winternl.h:530
_FILE_FULL_DIRECTORY_INFORMATION::NextEntryOffset
ULONG NextEntryOffset
Definition: winternl.h:528
_FILE_INTERNAL_INFORMATION
Definition: from_kernel.h:277
_FILE_LOCK_INFO
Definition: fsrtltypes.h:187
_FILE_MAILSLOT_PEEK_BUFFER
Definition: ntifs.template.h:1450
_FILE_MAILSLOT_PEEK_BUFFER::NumberOfMessages
ULONG NumberOfMessages
Definition: ntifs.template.h:1452
_FILE_MAILSLOT_PEEK_BUFFER::MessageLength
ULONG MessageLength
Definition: ntifs.template.h:1453
_FILE_MAILSLOT_PEEK_BUFFER::ReadDataAvailable
ULONG ReadDataAvailable
Definition: ntifs.template.h:1451
_FILE_MODE_INFORMATION
Definition: winternl.h:713
_FILE_NAME_INFORMATION
Definition: winternl.h:649
_FILE_OBJECTID_INFORMATION
Definition: winternl.h:762
_FILE_OLE_ALL_INFORMATION
Definition: ntifs.template.h:1460
_FILE_OLE_ALL_INFORMATION::OleId
ULONG OleId
Definition: ntifs.template.h:1476
_FILE_OLE_ALL_INFORMATION::NameInformation
FILE_NAME_INFORMATION NameInformation
Definition: ntifs.template.h:1482
_FILE_OLE_ALL_INFORMATION::ContentIndexDisable
BOOLEAN ContentIndexDisable
Definition: ntifs.template.h:1480
_FILE_OLE_ALL_INFORMATION::AccessInformation
FILE_ACCESS_INFORMATION AccessInformation
Definition: ntifs.template.h:1465
_FILE_OLE_ALL_INFORMATION::SecurityChangeTime
LARGE_INTEGER SecurityChangeTime
Definition: ntifs.template.h:1471
_FILE_OLE_ALL_INFORMATION::PositionInformation
FILE_POSITION_INFORMATION PositionInformation
Definition: ntifs.template.h:1466
_FILE_OLE_ALL_INFORMATION::OleStateBits
ULONG OleStateBits
Definition: ntifs.template.h:1475
_FILE_OLE_ALL_INFORMATION::NumberOfStreamReferences
ULONG NumberOfStreamReferences
Definition: ntifs.template.h:1477
_FILE_OLE_ALL_INFORMATION::ReplicationUsn
USN ReplicationUsn
Definition: ntifs.template.h:1470
_FILE_OLE_ALL_INFORMATION::EaInformation
FILE_EA_INFORMATION EaInformation
Definition: ntifs.template.h:1464
_FILE_OLE_ALL_INFORMATION::InheritContentIndexDisable
BOOLEAN InheritContentIndexDisable
Definition: ntifs.template.h:1481
_FILE_OLE_ALL_INFORMATION::AlignmentInformation
FILE_ALIGNMENT_INFORMATION AlignmentInformation
Definition: ntifs.template.h:1468
_FILE_OLE_ALL_INFORMATION::StandardInformation
FILE_STANDARD_INFORMATION StandardInformation
Definition: ntifs.template.h:1462
_FILE_OLE_ALL_INFORMATION::StorageType
FILE_STORAGE_TYPE StorageType
Definition: ntifs.template.h:1474
_FILE_OLE_ALL_INFORMATION::LastChangeUsn
USN LastChangeUsn
Definition: ntifs.template.h:1469
_FILE_OLE_ALL_INFORMATION::BasicInformation
FILE_BASIC_INFORMATION BasicInformation
Definition: ntifs.template.h:1461
_FILE_OLE_ALL_INFORMATION::InternalInformation
FILE_INTERNAL_INFORMATION InternalInformation
Definition: ntifs.template.h:1463
_FILE_OLE_ALL_INFORMATION::ObjectIdInformation
FILE_OBJECTID_INFORMATION ObjectIdInformation
Definition: ntifs.template.h:1473
_FILE_OLE_ALL_INFORMATION::StreamIndex
ULONG StreamIndex
Definition: ntifs.template.h:1478
_FILE_OLE_ALL_INFORMATION::SecurityId
ULONG SecurityId
Definition: ntifs.template.h:1479
_FILE_OLE_ALL_INFORMATION::OleClassIdInformation
FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
Definition: ntifs.template.h:1472
_FILE_OLE_ALL_INFORMATION::ModeInformation
FILE_MODE_INFORMATION ModeInformation
Definition: ntifs.template.h:1467
_FILE_OLE_CLASSID_INFORMATION
Definition: ntifs.template.h:1456
_FILE_OLE_CLASSID_INFORMATION::ClassId
GUID ClassId
Definition: ntifs.template.h:1457
_FILE_OLE_DIR_INFORMATION
Definition: ntifs.template.h:1485
_FILE_OLE_DIR_INFORMATION::InheritContentIndexDisable
BOOLEAN InheritContentIndexDisable
Definition: ntifs.template.h:1500
_FILE_OLE_DIR_INFORMATION::AllocationSize
LARGE_INTEGER AllocationSize
Definition: ntifs.template.h:1493
_FILE_OLE_DIR_INFORMATION::ChangeTime
LARGE_INTEGER ChangeTime
Definition: ntifs.template.h:1491
_FILE_OLE_DIR_INFORMATION::LastAccessTime
LARGE_INTEGER LastAccessTime
Definition: ntifs.template.h:1489
_FILE_OLE_DIR_INFORMATION::CreationTime
LARGE_INTEGER CreationTime
Definition: ntifs.template.h:1488
_FILE_OLE_DIR_INFORMATION::StorageType
FILE_STORAGE_TYPE StorageType
Definition: ntifs.template.h:1496
_FILE_OLE_DIR_INFORMATION::OleStateBits
ULONG OleStateBits
Definition: ntifs.template.h:1498
_FILE_OLE_DIR_INFORMATION::FileIndex
ULONG FileIndex
Definition: ntifs.template.h:1487
_FILE_OLE_DIR_INFORMATION::EndOfFile
LARGE_INTEGER EndOfFile
Definition: ntifs.template.h:1492
_FILE_OLE_DIR_INFORMATION::FileAttributes
ULONG FileAttributes
Definition: ntifs.template.h:1494
_FILE_OLE_DIR_INFORMATION::OleClassId
GUID OleClassId
Definition: ntifs.template.h:1497
_FILE_OLE_DIR_INFORMATION::FileNameLength
ULONG FileNameLength
Definition: ntifs.template.h:1495
_FILE_OLE_DIR_INFORMATION::ContentIndexDisable
BOOLEAN ContentIndexDisable
Definition: ntifs.template.h:1499
_FILE_OLE_DIR_INFORMATION::NextEntryOffset
ULONG NextEntryOffset
Definition: ntifs.template.h:1486
_FILE_OLE_DIR_INFORMATION::LastWriteTime
LARGE_INTEGER LastWriteTime
Definition: ntifs.template.h:1490
_FILE_OLE_INFORMATION
Definition: ntifs.template.h:1504
_FILE_OLE_INFORMATION::StorageType
FILE_STORAGE_TYPE StorageType
Definition: ntifs.template.h:1508
_FILE_OLE_INFORMATION::ObjectIdInformation
FILE_OBJECTID_INFORMATION ObjectIdInformation
Definition: ntifs.template.h:1507
_FILE_OLE_INFORMATION::InheritContentIndexDisable
BOOLEAN InheritContentIndexDisable
Definition: ntifs.template.h:1511
_FILE_OLE_INFORMATION::SecurityChangeTime
LARGE_INTEGER SecurityChangeTime
Definition: ntifs.template.h:1505
_FILE_OLE_INFORMATION::ContentIndexDisable
BOOLEAN ContentIndexDisable
Definition: ntifs.template.h:1510
_FILE_OLE_INFORMATION::OleStateBits
ULONG OleStateBits
Definition: ntifs.template.h:1509
_FILE_OLE_INFORMATION::OleClassIdInformation
FILE_OLE_CLASSID_INFORMATION OleClassIdInformation
Definition: ntifs.template.h:1506
_FILE_OLE_STATE_BITS_INFORMATION
Definition: ntifs.template.h:1514
_FILE_OLE_STATE_BITS_INFORMATION::StateBitsMask
ULONG StateBitsMask
Definition: ntifs.template.h:1516
_FILE_OLE_STATE_BITS_INFORMATION::StateBits
ULONG StateBits
Definition: ntifs.template.h:1515
_FILE_POSITION_INFORMATION
Definition: nt_native.h:954
_FILE_SHARED_LOCK_ENTRY
Definition: ntifs.template.h:1436
_FILE_SHARED_LOCK_ENTRY::Unknown1
PVOID Unknown1
Definition: ntifs.template.h:1437
_FILE_SHARED_LOCK_ENTRY::FileLock
FILE_LOCK_INFO FileLock
Definition: ntifs.template.h:1439
_FILE_SHARED_LOCK_ENTRY::Unknown2
PVOID Unknown2
Definition: ntifs.template.h:1438
_FILE_STANDARD_INFORMATION
Definition: propsheet.cpp:53
_FileName
Definition: filecomp.c:348
_GENERIC_MAPPING
Definition: nt_native.h:564
_GET_RETRIEVAL_DESCRIPTOR
Definition: ntifs.template.h:1524
_GET_RETRIEVAL_DESCRIPTOR::NumberOfPairs
ULONG NumberOfPairs
Definition: ntifs.template.h:1525
_GET_RETRIEVAL_DESCRIPTOR::StartVcn
ULONGLONG StartVcn
Definition: ntifs.template.h:1526
_IO_SECURITY_CONTEXT
Definition: iotypes.h:2865
_IO_STATUS_BLOCK
Definition: env_spec_w32.h:870
_IRP
Definition: Bus_PDO_EvalMethod.c:105
_LIST_ENTRY
Definition: typedefs.h:120
_LSA_STRING
Definition: ntsecapi.h:171
_LUID
Definition: devicetopology.idl:137
_MAPPING_PAIR
Definition: ntifs.template.h:1519
_MAPPING_PAIR::Lcn
ULONGLONG Lcn
Definition: ntifs.template.h:1521
_MAPPING_PAIR::Vcn
ULONGLONG Vcn
Definition: ntifs.template.h:1520
_MOVEFILE_DESCRIPTOR
Definition: ntifs.template.h:1530
_MOVEFILE_DESCRIPTOR::Reserved1
ULONG Reserved1
Definition: ntifs.template.h:1536
_MOVEFILE_DESCRIPTOR::Reserved
ULONG Reserved
Definition: ntifs.template.h:1532
_MOVEFILE_DESCRIPTOR::StartVcn
LARGE_INTEGER StartVcn
Definition: ntifs.template.h:1533
_MOVEFILE_DESCRIPTOR::FileHandle
HANDLE FileHandle
Definition: ntifs.template.h:1531
_MOVEFILE_DESCRIPTOR::NumVcns
ULONG NumVcns
Definition: ntifs.template.h:1535
_MOVEFILE_DESCRIPTOR::TargetLcn
LARGE_INTEGER TargetLcn
Definition: ntifs.template.h:1534
_MSV1_0_AV_PAIR
Definition: ntsecapi.h:506
_MSV1_0_AV_PAIR::AvLen
USHORT AvLen
Definition: ntsecapi.h:508
_MSV1_0_AV_PAIR::AvId
USHORT AvId
Definition: ntsecapi.h:507
_MSV1_0_ENUMUSERS_REQUEST
Definition: ntmsv1_0.h:9
_MSV1_0_ENUMUSERS_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:10
_MSV1_0_ENUMUSERS_RESPONSE
Definition: ntmsv1_0.h:14
_MSV1_0_ENUMUSERS_RESPONSE::NumberOfLoggedOnUsers
ULONG NumberOfLoggedOnUsers
Definition: ntmsv1_0.h:16
_MSV1_0_ENUMUSERS_RESPONSE::LogonIds
PLUID LogonIds
Definition: ntmsv1_0.h:17
_MSV1_0_ENUMUSERS_RESPONSE::EnumHandles
PULONG EnumHandles
Definition: ntmsv1_0.h:18
_MSV1_0_ENUMUSERS_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:15
_MSV1_0_GETCHALLENRESP_REQUEST_V1
Definition: ntifs.template.h:1013
_MSV1_0_GETCHALLENRESP_REQUEST_V1::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntifs.template.h:1018
_MSV1_0_GETCHALLENRESP_REQUEST_V1::ParameterControl
ULONG ParameterControl
Definition: ntifs.template.h:1015
_MSV1_0_GETCHALLENRESP_REQUEST_V1::LogonId
LUID LogonId
Definition: ntifs.template.h:1016
_MSV1_0_GETCHALLENRESP_REQUEST_V1::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntifs.template.h:1014
_MSV1_0_GETCHALLENRESP_REQUEST_V1::Password
UNICODE_STRING Password
Definition: ntifs.template.h:1017
_MSV1_0_GETCHALLENRESP_REQUEST
Definition: ntifs.template.h:1021
_MSV1_0_GETCHALLENRESP_REQUEST::UserName
UNICODE_STRING UserName
Definition: ntifs.template.h:1027
_MSV1_0_GETCHALLENRESP_REQUEST::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntifs.template.h:1028
_MSV1_0_GETCHALLENRESP_REQUEST::ParameterControl
ULONG ParameterControl
Definition: ntifs.template.h:1023
_MSV1_0_GETCHALLENRESP_REQUEST::Password
UNICODE_STRING Password
Definition: ntifs.template.h:1025
_MSV1_0_GETCHALLENRESP_REQUEST::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntifs.template.h:1026
_MSV1_0_GETCHALLENRESP_REQUEST::ServerName
UNICODE_STRING ServerName
Definition: ntifs.template.h:1029
_MSV1_0_GETCHALLENRESP_REQUEST::LogonId
LUID LogonId
Definition: ntifs.template.h:1024
_MSV1_0_GETCHALLENRESP_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntifs.template.h:1022
_MSV1_0_GETCHALLENRESP_RESPONSE
Definition: ntifs.template.h:1032
_MSV1_0_GETCHALLENRESP_RESPONSE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntifs.template.h:1037
_MSV1_0_GETCHALLENRESP_RESPONSE::LanmanSessionKey
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
Definition: ntifs.template.h:1039
_MSV1_0_GETCHALLENRESP_RESPONSE::CaseInsensitiveChallengeResponse
STRING CaseInsensitiveChallengeResponse
Definition: ntifs.template.h:1035
_MSV1_0_GETCHALLENRESP_RESPONSE::UserSessionKey
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
Definition: ntifs.template.h:1038
_MSV1_0_GETCHALLENRESP_RESPONSE::CaseSensitiveChallengeResponse
STRING CaseSensitiveChallengeResponse
Definition: ntifs.template.h:1034
_MSV1_0_GETCHALLENRESP_RESPONSE::UserName
UNICODE_STRING UserName
Definition: ntifs.template.h:1036
_MSV1_0_GETCHALLENRESP_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntifs.template.h:1033
_MSV1_0_GETUSERINFO_REQUEST
Definition: ntmsv1_0.h:22
_MSV1_0_GETUSERINFO_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:23
_MSV1_0_GETUSERINFO_REQUEST::LogonId
LUID LogonId
Definition: ntmsv1_0.h:24
_MSV1_0_GETUSERINFO_RESPONSE
Definition: ntmsv1_0.h:28
_MSV1_0_GETUSERINFO_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:29
_MSV1_0_GETUSERINFO_RESPONSE::UserName
UNICODE_STRING UserName
Definition: ntmsv1_0.h:31
_MSV1_0_GETUSERINFO_RESPONSE::LogonServer
UNICODE_STRING LogonServer
Definition: ntmsv1_0.h:33
_MSV1_0_GETUSERINFO_RESPONSE::UserSid
PSID UserSid
Definition: ntmsv1_0.h:30
_MSV1_0_GETUSERINFO_RESPONSE::LogonType
SECURITY_LOGON_TYPE LogonType
Definition: ntmsv1_0.h:34
_MSV1_0_GETUSERINFO_RESPONSE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntmsv1_0.h:32
_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:433
_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:437
_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:436
_MSV1_0_INTERACTIVE_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:434
_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:435
_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:439
_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:443
_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:440
_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:445
_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:448
_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:449
_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:447
_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:444
_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:451
_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:455
_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:446
_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:452
_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:454
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:450
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:453
_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:441
_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:442
_MSV1_0_LM20_CHALLENGE_REQUEST
Definition: ntifs.template.h:1004
_MSV1_0_LM20_CHALLENGE_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntifs.template.h:1005
_MSV1_0_LM20_CHALLENGE_RESPONSE
Definition: ntifs.template.h:1008
_MSV1_0_LM20_CHALLENGE_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntifs.template.h:1009
_MSV1_0_LM20_CHALLENGE_RESPONSE::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntifs.template.h:1010
_MSV1_0_LM20_LOGON_PROFILE
Definition: ntsecapi.h:478
_MSV1_0_LM20_LOGON_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:479
_MSV1_0_LM20_LOGON_PROFILE::UserSessionKey
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:483
_MSV1_0_LM20_LOGON_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:486
_MSV1_0_LM20_LOGON_PROFILE::LanmanSessionKey
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:485
_MSV1_0_LM20_LOGON_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:482
_MSV1_0_LM20_LOGON_PROFILE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:484
_MSV1_0_LM20_LOGON_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:481
_MSV1_0_LM20_LOGON_PROFILE::UserParameters
UNICODE_STRING UserParameters
Definition: ntsecapi.h:487
_MSV1_0_LM20_LOGON_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:480
_MSV1_0_LM20_LOGON
Definition: ntsecapi.h:457
_MSV1_0_LM20_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:460
_MSV1_0_LM20_LOGON::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:462
_MSV1_0_LM20_LOGON::CaseInsensitiveChallengeResponse
STRING CaseInsensitiveChallengeResponse
Definition: ntsecapi.h:464
_MSV1_0_LM20_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:459
_MSV1_0_LM20_LOGON::Workstation
UNICODE_STRING Workstation
Definition: ntsecapi.h:461
_MSV1_0_LM20_LOGON::ParameterControl
ULONG ParameterControl
Definition: ntsecapi.h:465
_MSV1_0_LM20_LOGON::CaseSensitiveChallengeResponse
STRING CaseSensitiveChallengeResponse
Definition: ntsecapi.h:463
_MSV1_0_LM20_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:458
_MSV1_0_NTLM3_RESPONSE
Definition: ntsecapi.h:495
_MSV1_0_NTLM3_RESPONSE::MsgWord
ULONG MsgWord
Definition: ntsecapi.h:500
_MSV1_0_NTLM3_RESPONSE::TimeStamp
ULONGLONG TimeStamp
Definition: ntsecapi.h:501
_MSV1_0_NTLM3_RESPONSE::Flags
USHORT Flags
Definition: ntsecapi.h:499
_MSV1_0_NTLM3_RESPONSE::HiRespType
UCHAR HiRespType
Definition: ntsecapi.h:498
_MSV1_0_NTLM3_RESPONSE::ChallengeFromClient
UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:502
_MSV1_0_NTLM3_RESPONSE::RespType
UCHAR RespType
Definition: ntsecapi.h:497
_MSV1_0_NTLM3_RESPONSE::AvPairsOff
ULONG AvPairsOff
Definition: ntsecapi.h:503
_MSV1_0_SUBAUTH_LOGON
Definition: ntsecapi.h:467
_MSV1_0_SUBAUTH_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:470
_MSV1_0_SUBAUTH_LOGON::AuthenticationInfo2
STRING AuthenticationInfo2
Definition: ntsecapi.h:474
_MSV1_0_SUBAUTH_LOGON::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntsecapi.h:472
_MSV1_0_SUBAUTH_LOGON::Workstation
UNICODE_STRING Workstation
Definition: ntsecapi.h:471
_MSV1_0_SUBAUTH_LOGON::ParameterControl
ULONG ParameterControl
Definition: ntsecapi.h:475
_MSV1_0_SUBAUTH_LOGON::SubAuthPackageId
ULONG SubAuthPackageId
Definition: ntsecapi.h:476
_MSV1_0_SUBAUTH_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:469
_MSV1_0_SUBAUTH_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:468
_MSV1_0_SUBAUTH_LOGON::AuthenticationInfo1
STRING AuthenticationInfo1
Definition: ntsecapi.h:473
_MSV1_0_SUPPLEMENTAL_CREDENTIAL
Definition: ntsecapi.h:489
_MSV1_0_SUPPLEMENTAL_CREDENTIAL::LmPassword
UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH]
Definition: ntsecapi.h:492
_MSV1_0_SUPPLEMENTAL_CREDENTIAL::Flags
ULONG Flags
Definition: ntsecapi.h:491
_MSV1_0_SUPPLEMENTAL_CREDENTIAL::NtPassword
UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH]
Definition: ntsecapi.h:493
_MSV1_0_SUPPLEMENTAL_CREDENTIAL::Version
ULONG Version
Definition: ntsecapi.h:490
_NETWORK_OPEN_ECP_CONTEXT_V0
Definition: ntifs.template.h:1179
_NETWORK_OPEN_ECP_CONTEXT_V0::Size
USHORT Size
Definition: ntifs.template.h:1180
_NETWORK_OPEN_ECP_CONTEXT_V0::Integrity
NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
Definition: ntifs.template.h:1185
_NETWORK_OPEN_ECP_CONTEXT_V0::DUMMYSTRUCTNAME
_ANONYMOUS_STRUCT struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4316 DUMMYSTRUCTNAME
_NETWORK_OPEN_ECP_CONTEXT_V0::Location
NETWORK_OPEN_LOCATION_QUALIFIER Location
Definition: ntifs.template.h:1184
_NETWORK_OPEN_ECP_CONTEXT_V0::Reserved
USHORT Reserved
Definition: ntifs.template.h:1181
_NETWORK_OPEN_ECP_CONTEXT_V0::in
struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4316::@4317 in
_NETWORK_OPEN_ECP_CONTEXT_V0::out
struct _NETWORK_OPEN_ECP_CONTEXT_V0::@4316::@4318 out
_NETWORK_OPEN_ECP_CONTEXT
Definition: ntifs.template.h:1162
_NETWORK_OPEN_ECP_CONTEXT::in
struct _NETWORK_OPEN_ECP_CONTEXT::@4313::@4314 in
_NETWORK_OPEN_ECP_CONTEXT::Reserved
USHORT Reserved
Definition: ntifs.template.h:1164
_NETWORK_OPEN_ECP_CONTEXT::out
struct _NETWORK_OPEN_ECP_CONTEXT::@4313::@4315 out
_NETWORK_OPEN_ECP_CONTEXT::Flags
ULONG Flags
Definition: ntifs.template.h:1169
_NETWORK_OPEN_ECP_CONTEXT::DUMMYSTRUCTNAME
_ANONYMOUS_STRUCT struct _NETWORK_OPEN_ECP_CONTEXT::@4313 DUMMYSTRUCTNAME
_NETWORK_OPEN_ECP_CONTEXT::Location
NETWORK_OPEN_LOCATION_QUALIFIER Location
Definition: ntifs.template.h:1167
_NETWORK_OPEN_ECP_CONTEXT::Integrity
NETWORK_OPEN_INTEGRITY_QUALIFIER Integrity
Definition: ntifs.template.h:1168
_NETWORK_OPEN_ECP_CONTEXT::Size
USHORT Size
Definition: ntifs.template.h:1163
_NFS_OPEN_ECP_CONTEXT
Definition: ntifs.template.h:1233
_NFS_OPEN_ECP_CONTEXT::ClientSocketAddress
PSOCKADDR_STORAGE_NFS ClientSocketAddress
Definition: ntifs.template.h:1235
_NFS_OPEN_ECP_CONTEXT::ExportAlias
PUNICODE_STRING ExportAlias
Definition: ntifs.template.h:1234
_OBJECT_ALL_TYPES_INFO
Definition: ntifs.template.h:1574
_OBJECT_ALL_TYPES_INFO::NumberOfObjectTypes
ULONG NumberOfObjectTypes
Definition: ntifs.template.h:1575
_OBJECT_ALL_TYPES_INFO::ObjectsTypeInfo
OBJECT_TYPE_INFO ObjectsTypeInfo[1]
Definition: ntifs.template.h:1576
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_BASIC_INFORMATION
Definition: winternl.h:1249
_OBJECT_BASIC_INFORMATION::CreationTime
LARGE_INTEGER CreationTime
Definition: ntifs.template.h:1410
_OBJECT_BASIC_INFORMATION::NameInfoSize
ULONG NameInfoSize
Definition: ntifs.template.h:1407
_OBJECT_BASIC_INFORMATION::Attributes
ULONG Attributes
Definition: winternl.h:1250
_OBJECT_BASIC_INFORMATION::PagedPoolCharge
ULONG PagedPoolCharge
Definition: ntifs.template.h:1404
_OBJECT_BASIC_INFORMATION::NonPagedPoolCharge
ULONG NonPagedPoolCharge
Definition: ntifs.template.h:1405
_OBJECT_BASIC_INFORMATION::GrantedAccess
ACCESS_MASK GrantedAccess
Definition: winternl.h:1251
_OBJECT_BASIC_INFORMATION::HandleCount
ULONG HandleCount
Definition: winternl.h:1252
_OBJECT_BASIC_INFORMATION::PointerCount
ULONG PointerCount
Definition: winternl.h:1253
_OBJECT_BASIC_INFORMATION::TypeInfoSize
ULONG TypeInfoSize
Definition: ntifs.template.h:1408
_OBJECT_BASIC_INFORMATION::SecurityDescriptorSize
ULONG SecurityDescriptorSize
Definition: ntifs.template.h:1409
_OBJECT_BASIC_INFO
Definition: ntifs.template.h:1539
_OBJECT_BASIC_INFO::TypeInformationLength
ULONG TypeInformationLength
Definition: ntifs.template.h:1548
_OBJECT_BASIC_INFO::GrantedAccess
ACCESS_MASK GrantedAccess
Definition: ntifs.template.h:1541
_OBJECT_BASIC_INFO::HandleCount
ULONG HandleCount
Definition: ntifs.template.h:1542
_OBJECT_BASIC_INFO::Attributes
ULONG Attributes
Definition: ntifs.template.h:1540
_OBJECT_BASIC_INFO::ReferenceCount
ULONG ReferenceCount
Definition: ntifs.template.h:1543
_OBJECT_BASIC_INFO::PagedPoolUsage
ULONG PagedPoolUsage
Definition: ntifs.template.h:1544
_OBJECT_BASIC_INFO::NameInformationLength
ULONG NameInformationLength
Definition: ntifs.template.h:1547
_OBJECT_BASIC_INFO::SecurityDescriptorLength
ULONG SecurityDescriptorLength
Definition: ntifs.template.h:1549
_OBJECT_BASIC_INFO::CreateTime
LARGE_INTEGER CreateTime
Definition: ntifs.template.h:1550
_OBJECT_BASIC_INFO::NonPagedPoolUsage
ULONG NonPagedPoolUsage
Definition: ntifs.template.h:1545
_OBJECT_HANDLE_ATTRIBUTE_INFO
Definition: ntifs.template.h:1553
_OBJECT_HANDLE_ATTRIBUTE_INFO::ProtectFromClose
BOOLEAN ProtectFromClose
Definition: ntifs.template.h:1555
_OBJECT_HANDLE_ATTRIBUTE_INFO::Inherit
BOOLEAN Inherit
Definition: ntifs.template.h:1554
_OBJECT_NAME_INFO
Definition: ntifs.template.h:1558
_OBJECT_NAME_INFO::ObjectName
UNICODE_STRING ObjectName
Definition: ntifs.template.h:1559
_OBJECT_NAME_INFO::ObjectNameBuffer
WCHAR ObjectNameBuffer[1]
Definition: ntifs.template.h:1560
_OBJECT_PROTECTION_INFO
Definition: ntifs.template.h:1563
_OBJECT_PROTECTION_INFO::Inherit
BOOLEAN Inherit
Definition: ntifs.template.h:1564
_OBJECT_PROTECTION_INFO::ProtectHandle
BOOLEAN ProtectHandle
Definition: ntifs.template.h:1565
_OBJECT_TYPE_INFO
Definition: ntifs.template.h:1568
_OBJECT_TYPE_INFO::ObjectTypeNameBuffer
WCHAR ObjectTypeNameBuffer[1]
Definition: ntifs.template.h:1571
_OBJECT_TYPE_INFO::ObjectTypeName
UNICODE_STRING ObjectTypeName
Definition: ntifs.template.h:1569
_OBJECT_TYPE_INFO::Unknown
UCHAR Unknown[0x58]
Definition: ntifs.template.h:1570
_OBJECT_TYPE_LIST
Definition: setypes.h:868
_OBJECT_TYPE
Definition: obtypes.h:380
_PORT_MESSAGE
Definition: ntifs.template.h:1592
_PORT_MESSAGE::CallbackId
ULONG CallbackId
Definition: ntifs.template.h:1620
_PORT_MESSAGE::s2
struct _PORT_MESSAGE::@4320::@4326 s2
_PORT_MESSAGE::DoNotUseThisField
double DoNotUseThisField
Definition: ntifs.template.h:1614
_PORT_MESSAGE::MessageId
ULONG MessageId
Definition: ntifs.template.h:1616
_PORT_MESSAGE::u1
union _PORT_MESSAGE::@4319 u1
_PORT_MESSAGE::Length
ULONG Length
Definition: ntifs.template.h:1600
_PORT_MESSAGE::TotalLength
CSHORT TotalLength
Definition: ntifs.template.h:1598
_PORT_MESSAGE::ClientViewSize
LPC_SIZE_T ClientViewSize
Definition: ntifs.template.h:1619
_PORT_MESSAGE::ClientId
LPC_CLIENT_ID ClientId
Definition: ntifs.template.h:1613
_PORT_MESSAGE::Type
CSHORT Type
Definition: ntifs.template.h:1606
_PORT_MESSAGE::DataLength
CSHORT DataLength
Definition: ntifs.template.h:1597
_PORT_MESSAGE::u2
union _PORT_MESSAGE::@4320 u2
_PORT_MESSAGE::ZeroInit
ULONG ZeroInit
Definition: ntifs.template.h:1609
_PORT_MESSAGE::s1
struct _PORT_MESSAGE::@4319::@4325 s1
_PORT_MESSAGE::DataInfoOffset
CSHORT DataInfoOffset
Definition: ntifs.template.h:1607
_PORT_VIEW
Definition: ntifs.template.h:1627
_PORT_VIEW::ViewBase
LPC_PVOID ViewBase
Definition: ntifs.template.h:1632
_PORT_VIEW::Length
ULONG Length
Definition: ntifs.template.h:1628
_PORT_VIEW::SectionHandle
LPC_HANDLE SectionHandle
Definition: ntifs.template.h:1629
_PORT_VIEW::ViewRemoteBase
LPC_PVOID ViewRemoteBase
Definition: ntifs.template.h:1633
_PORT_VIEW::SectionOffset
ULONG SectionOffset
Definition: ntifs.template.h:1630
_PORT_VIEW::ViewSize
LPC_SIZE_T ViewSize
Definition: ntifs.template.h:1631
_PREFETCH_OPEN_ECP_CONTEXT
Definition: ntifs.template.h:1218
_PREFETCH_OPEN_ECP_CONTEXT::Context
PVOID Context
Definition: ntifs.template.h:1219
_PRIVILEGE_SET
Definition: setypes.h:85
_PUBLIC_OBJECT_BASIC_INFORMATION
Definition: winternl.h:444
_PUBLIC_OBJECT_TYPE_INFORMATION
Definition: ntifs.template.h:1077
_PUBLIC_OBJECT_TYPE_INFORMATION::TypeName
UNICODE_STRING TypeName
Definition: ntifs.template.h:1078
_QUERY_PATH_REQUEST_EX
Definition: ntifs.template.h:1268
_QUERY_PATH_REQUEST_EX::EaLength
ULONG EaLength
Definition: ntifs.template.h:1270
_QUERY_PATH_REQUEST_EX::pEaBuffer
PVOID pEaBuffer
Definition: ntifs.template.h:1271
_QUERY_PATH_REQUEST_EX::pSecurityContext
PIO_SECURITY_CONTEXT pSecurityContext
Definition: ntifs.template.h:1269
_QUERY_PATH_REQUEST_EX::PathName
UNICODE_STRING PathName
Definition: ntifs.template.h:1272
_QUERY_PATH_REQUEST_EX::DomainServiceName
UNICODE_STRING DomainServiceName
Definition: ntifs.template.h:1273
_QUERY_PATH_REQUEST
Definition: ntifs.template.h:1262
_QUERY_PATH_REQUEST::SecurityContext
PIO_SECURITY_CONTEXT SecurityContext
Definition: ntifs.template.h:1264
_QUERY_PATH_REQUEST::PathNameLength
ULONG PathNameLength
Definition: ntifs.template.h:1263
_QUERY_PATH_REQUEST::FilePathName
WCHAR FilePathName[1]
Definition: ntifs.template.h:1265
_QUERY_PATH_RESPONSE
Definition: ntifs.template.h:1277
_QUERY_PATH_RESPONSE::LengthAccepted
ULONG LengthAccepted
Definition: ntifs.template.h:1278
_QUOTA_LIMITS
Definition: lsa.idl:286
_REMOTE_PORT_VIEW
Definition: ntifs.template.h:1637
_REMOTE_PORT_VIEW::ViewSize
LPC_SIZE_T ViewSize
Definition: ntifs.template.h:1639
_REMOTE_PORT_VIEW::ViewBase
LPC_PVOID ViewBase
Definition: ntifs.template.h:1640
_REMOTE_PORT_VIEW::Length
ULONG Length
Definition: ntifs.template.h:1638
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID
Definition: ms-dtyp.idl:198
_SRV_OPEN_ECP_CONTEXT
Definition: ntifs.template.h:1238
_SRV_OPEN_ECP_CONTEXT::OplockAppState
BOOLEAN OplockAppState
Definition: ntifs.template.h:1242
_SRV_OPEN_ECP_CONTEXT::ShareName
PUNICODE_STRING ShareName
Definition: ntifs.template.h:1239
_SRV_OPEN_ECP_CONTEXT::SocketAddress
PSOCKADDR_STORAGE_NFS SocketAddress
Definition: ntifs.template.h:1240
_SRV_OPEN_ECP_CONTEXT::OplockBlockState
BOOLEAN OplockBlockState
Definition: ntifs.template.h:1241
_SRV_OPEN_ECP_CONTEXT::OplockFinalState
BOOLEAN OplockFinalState
Definition: ntifs.template.h:1243
_STRING
Definition: sprintf.c:450
_TOKEN_ACCESS_INFORMATION
Definition: setypes.h:1179
_TOKEN_GROUPS
Definition: setypes.h:1025
_TOKEN_PRIVILEGES
Definition: setypes.h:1034
_TOKEN_SOURCE
Definition: imports.h:277
_UNICODE_STRING
Definition: env_spec_w32.h:368
_VAD_HEADER
Definition: ntifs.template.h:1643
_VAD_HEADER::ControlArea
PVOID ControlArea
Definition: ntifs.template.h:1650
_VAD_HEADER::Unknown
ULONG Unknown
Definition: ntifs.template.h:1653
_VAD_HEADER::RightLink
struct _VAD_HEADER * RightLink
Definition: ntifs.template.h:1648
_VAD_HEADER::LastPTE
PVOID LastPTE
Definition: ntifs.template.h:1652
_VAD_HEADER::LeftLink
struct _VAD_HEADER * LeftLink
Definition: ntifs.template.h:1647
_VAD_HEADER::ParentLink
struct _VAD_HEADER * ParentLink
Definition: ntifs.template.h:1646
_VAD_HEADER::EndVPN
PVOID EndVPN
Definition: ntifs.template.h:1645
_VAD_HEADER::Secured
LIST_ENTRY Secured
Definition: ntifs.template.h:1654
_VAD_HEADER::StartVPN
PVOID StartVPN
Definition: ntifs.template.h:1644
_VAD_HEADER::FirstProtoPte
PVOID FirstProtoPte
Definition: ntifs.template.h:1651
_VAD_HEADER::Flags
ULONG Flags
Definition: ntifs.template.h:1649
pair
Definition: _pair.h:47
sockaddr_storage
Definition: ws2def.h:399
NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
PBOOLEAN
unsigned char * PBOOLEAN
Definition: typedefs.h:53
ANYSIZE_ARRAY
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
NTAPI
#define NTAPI
Definition: typedefs.h:36
PUSHORT
uint16_t * PUSHORT
Definition: typedefs.h:56
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
CSHORT
short CSHORT
Definition: umtypes.h:127
_LARGE_INTEGER
Definition: typedefs.h:103
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:123
Attributes
_Must_inspect_result_ _In_ WDFDMAENABLER _In_ _In_opt_ PWDF_OBJECT_ATTRIBUTES Attributes
Definition: wdfcommonbuffer.h:97
PreviousState
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829
Tag
_Must_inspect_result_ _In_ WDFDEVICE _In_ BOOLEAN _In_opt_ PVOID Tag
Definition: wdfdevice.h:4065
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
FileObject
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
IoControlCode
_In_ WDFREQUEST _In_ size_t _In_ size_t _In_ ULONG IoControlCode
Definition: wdfio.h:325
OutputBufferLength
_In_ WDFREQUEST _In_ size_t OutputBufferLength
Definition: wdfio.h:320
InputBufferLength
_In_ WDFREQUEST _In_ size_t _In_ size_t InputBufferLength
Definition: wdfio.h:322
OutputBuffer
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR OutputBuffer
Definition: wdfiotarget.h:863
InputBuffer
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR InputBuffer
Definition: wdfiotarget.h:953
CreateDisposition
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG _Out_opt_ PULONG CreateDisposition
Definition: wdfregistry.h:120
CreateOptions
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG CreateOptions
Definition: wdfregistry.h:118
__CREATE_NTOS_DATA_IMPORT_ALIAS
#define __CREATE_NTOS_DATA_IMPORT_ALIAS(_Name)
NTKERNELAPI
#define NTKERNELAPI
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
EaBuffer
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _In_ ULONG _In_ ULONG _In_opt_ PVOID EaBuffer
Definition: iofuncs.h:845
PFILE_OBJECT
* PFILE_OBJECT
Definition: iotypes.h:1998
NumberOfBytes
_Must_inspect_result_ typedef _In_ PHYSICAL_ADDRESS _Inout_ PLARGE_INTEGER NumberOfBytes
Definition: iotypes.h:1036
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
PassedAccessState
_Inout_opt_ PACCESS_STATE PassedAccessState
Definition: obfuncs.h:71
SaclPresent
_Out_ PBOOLEAN SaclPresent
Definition: rtlfuncs.h:2430
SaclDefaulted
_Out_ PBOOLEAN _Out_ PACL _Out_ PBOOLEAN SaclDefaulted
Definition: rtlfuncs.h:2432
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
GenerateOnClose
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:422
AccessGranted
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
Definition: sefuncs.h:419
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
TokenAccessInformation
@ TokenAccessInformation
Definition: setypes.h:999
TOKEN_INFORMATION_CLASS
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
AUDIT_EVENT_TYPE
enum _AUDIT_EVENT_TYPE AUDIT_EVENT_TYPE
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
StartSid
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PSID StartSid
Definition: zwfuncs.h:1121
OpenAsSelf
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:700
SidListLength
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG SidListLength
Definition: zwfuncs.h:1120