ReactOS 0.4.15-dev-7196-g0fe0b40
zwfuncs.h
Go to the documentation of this file.
1/******************************************************************************
2 * ZwXxx Functions *
3 ******************************************************************************/
4
5$if (_WDMDDK_)
6
7/* Constants */
8#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )
9#define ZwCurrentProcess() NtCurrentProcess()
10#define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 )
11#define ZwCurrentThread() NtCurrentThread()
12$endif (_WDMDDK_)
13
14$if (_NTDDK_)
15_IRQL_requires_max_(PASSIVE_LEVEL)
16NTSYSAPI
17NTSTATUS
18NTAPI
19ZwAllocateLocallyUniqueId(
20 _Out_ PLUID Luid);
21
22_IRQL_requires_max_(PASSIVE_LEVEL)
23NTSYSAPI
24NTSTATUS
25NTAPI
26ZwTerminateProcess(
27 _In_opt_ HANDLE ProcessHandle,
28 _In_ NTSTATUS ExitStatus);
29
30_IRQL_requires_max_(PASSIVE_LEVEL)
31NTSYSAPI
32NTSTATUS
33NTAPI
34ZwOpenProcess(
35 _Out_ PHANDLE ProcessHandle,
36 _In_ ACCESS_MASK DesiredAccess,
37 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
38 _In_opt_ PCLIENT_ID ClientId);
39$endif (_NTDDK_)
40$if (_NTIFS_)
41
42_IRQL_requires_max_(PASSIVE_LEVEL)
43NTSYSAPI
44NTSTATUS
45NTAPI
46ZwQueryEaFile(
47 _In_ HANDLE FileHandle,
48 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
49 _Out_writes_bytes_(Length) PVOID Buffer,
50 _In_ ULONG Length,
51 _In_ BOOLEAN ReturnSingleEntry,
52 _In_reads_bytes_opt_(EaListLength) PVOID EaList,
53 _In_ ULONG EaListLength,
54 _In_opt_ PULONG EaIndex,
55 _In_ BOOLEAN RestartScan);
56
57_IRQL_requires_max_(PASSIVE_LEVEL)
58NTSYSAPI
59NTSTATUS
60NTAPI
61ZwSetEaFile(
62 _In_ HANDLE FileHandle,
63 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
64 _In_reads_bytes_(Length) PVOID Buffer,
65 _In_ ULONG Length);
66
67_IRQL_requires_max_(PASSIVE_LEVEL)
68NTSYSAPI
69NTSTATUS
70NTAPI
71ZwDuplicateToken(
72 _In_ HANDLE ExistingTokenHandle,
73 _In_ ACCESS_MASK DesiredAccess,
74 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
75 _In_ BOOLEAN EffectiveOnly,
76 _In_ TOKEN_TYPE TokenType,
77 _Out_ PHANDLE NewTokenHandle);
78$endif (_NTIFS_)
79
80#if (NTDDI_VERSION >= NTDDI_WIN2K)
81$if (_WDMDDK_)
82
83_IRQL_requires_max_(PASSIVE_LEVEL)
84NTSYSAPI
85NTSTATUS
86NTAPI
87ZwClose(
88 _In_ HANDLE Handle);
89
90_IRQL_requires_max_(PASSIVE_LEVEL)
91NTSYSAPI
92NTSTATUS
93NTAPI
94ZwCreateDirectoryObject(
95 _Out_ PHANDLE DirectoryHandle,
96 _In_ ACCESS_MASK DesiredAccess,
97 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
98
99_IRQL_requires_max_(PASSIVE_LEVEL)
100NTSYSAPI
101NTSTATUS
102NTAPI
103ZwCreateFile(
104 _Out_ PHANDLE FileHandle,
105 _In_ ACCESS_MASK DesiredAccess,
106 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
107 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
108 _In_opt_ PLARGE_INTEGER AllocationSize,
109 _In_ ULONG FileAttributes,
110 _In_ ULONG ShareAccess,
111 _In_ ULONG CreateDisposition,
112 _In_ ULONG CreateOptions,
113 _In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
114 _In_ ULONG EaLength
115);
116
117_IRQL_requires_max_(PASSIVE_LEVEL)
118NTSYSAPI
119NTSTATUS
120NTAPI
121ZwCreateKey(
122 _Out_ PHANDLE KeyHandle,
123 _In_ ACCESS_MASK DesiredAccess,
124 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
125 _Reserved_ ULONG TitleIndex,
126 _In_opt_ PUNICODE_STRING Class,
127 _In_ ULONG CreateOptions,
128 _Out_opt_ PULONG Disposition);
129
130_IRQL_requires_max_(APC_LEVEL)
131NTSYSAPI
132NTSTATUS
133NTAPI
134ZwCreateSection(
135 _Out_ PHANDLE SectionHandle,
136 _In_ ACCESS_MASK DesiredAccess,
137 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
138 _In_opt_ PLARGE_INTEGER MaximumSize,
139 _In_ ULONG SectionPageProtection,
140 _In_ ULONG AllocationAttributes,
141 _In_opt_ HANDLE FileHandle);
142
143_IRQL_requires_max_(PASSIVE_LEVEL)
144NTSYSAPI
145NTSTATUS
146NTAPI
147ZwDeleteKey(
148 _In_ HANDLE KeyHandle);
149
150_IRQL_requires_max_(PASSIVE_LEVEL)
151NTSYSAPI
152NTSTATUS
153NTAPI
154ZwDeleteValueKey(
155 _In_ HANDLE KeyHandle,
156 _In_ PUNICODE_STRING ValueName);
157
158_IRQL_requires_max_(PASSIVE_LEVEL)
159_When_(Length == 0, _Post_satisfies_(return < 0))
160_When_(Length > 0, _Post_satisfies_(return <= 0))
161NTSYSAPI
162NTSTATUS
163NTAPI
164ZwEnumerateKey(
165 _In_ HANDLE KeyHandle,
166 _In_ ULONG Index,
167 _In_ KEY_INFORMATION_CLASS KeyInformationClass,
168 _Out_writes_bytes_opt_(Length) PVOID KeyInformation,
169 _In_ ULONG Length,
170 _Out_ PULONG ResultLength);
171
172_IRQL_requires_max_(PASSIVE_LEVEL)
173_When_(Length == 0, _Post_satisfies_(return < 0))
174_When_(Length > 0, _Post_satisfies_(return <= 0))
175NTSYSAPI
176NTSTATUS
177NTAPI
178ZwEnumerateValueKey(
179 _In_ HANDLE KeyHandle,
180 _In_ ULONG Index,
181 _In_ KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
182 _Out_writes_bytes_opt_(Length) PVOID KeyValueInformation,
183 _In_ ULONG Length,
184 _Out_ PULONG ResultLength);
185
186_IRQL_requires_max_(PASSIVE_LEVEL)
187NTSYSAPI
188NTSTATUS
189NTAPI
190ZwFlushKey(
191 _In_ HANDLE KeyHandle);
192
193_IRQL_requires_max_(PASSIVE_LEVEL)
194NTSYSAPI
195NTSTATUS
196NTAPI
197ZwLoadDriver(
198 _In_ PUNICODE_STRING DriverServiceName);
199
200_IRQL_requires_max_(PASSIVE_LEVEL)
201NTSYSAPI
202NTSTATUS
203NTAPI
204ZwMakeTemporaryObject(
205 _In_ HANDLE Handle);
206
207_IRQL_requires_max_(PASSIVE_LEVEL)
208NTSYSAPI
209NTSTATUS
210NTAPI
211ZwMapViewOfSection(
212 _In_ HANDLE SectionHandle,
213 _In_ HANDLE ProcessHandle,
214 _Outptr_result_bytebuffer_(*ViewSize) PVOID *BaseAddress,
215 _In_ ULONG_PTR ZeroBits,
216 _In_ SIZE_T CommitSize,
217 _Inout_opt_ PLARGE_INTEGER SectionOffset,
218 _Inout_ PSIZE_T ViewSize,
219 _In_ SECTION_INHERIT InheritDisposition,
220 _In_ ULONG AllocationType,
221 _In_ ULONG Protect);
222
223_IRQL_requires_max_(PASSIVE_LEVEL)
224NTSYSAPI
225NTSTATUS
226NTAPI
227ZwOpenFile(
228 _Out_ PHANDLE FileHandle,
229 _In_ ACCESS_MASK DesiredAccess,
230 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
231 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
232 _In_ ULONG ShareAccess,
233 _In_ ULONG OpenOptions);
234
235_IRQL_requires_max_(PASSIVE_LEVEL)
236NTSYSAPI
237NTSTATUS
238NTAPI
239ZwOpenKey(
240 _Out_ PHANDLE KeyHandle,
241 _In_ ACCESS_MASK DesiredAccess,
242 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
243
244_IRQL_requires_max_(PASSIVE_LEVEL)
245NTSYSAPI
246NTSTATUS
247NTAPI
248ZwOpenSection(
249 _Out_ PHANDLE SectionHandle,
250 _In_ ACCESS_MASK DesiredAccess,
251 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
252
253_IRQL_requires_max_(PASSIVE_LEVEL)
254NTSYSAPI
255NTSTATUS
256NTAPI
257ZwOpenSymbolicLinkObject(
258 _Out_ PHANDLE LinkHandle,
259 _In_ ACCESS_MASK DesiredAccess,
260 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
261
262_IRQL_requires_max_(PASSIVE_LEVEL)
263NTSYSAPI
264NTSTATUS
265NTAPI
266ZwQueryInformationFile(
267 _In_ HANDLE FileHandle,
268 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
269 _Out_writes_bytes_(Length) PVOID FileInformation,
270 _In_ ULONG Length,
271 _In_ FILE_INFORMATION_CLASS FileInformationClass);
272
273_IRQL_requires_max_(PASSIVE_LEVEL)
274_When_(Length == 0, _Post_satisfies_(return < 0))
275_When_(Length > 0, _Post_satisfies_(return <= 0))
276NTSYSAPI
277NTSTATUS
278NTAPI
279ZwQueryKey(
280 _In_ HANDLE KeyHandle,
281 _In_ KEY_INFORMATION_CLASS KeyInformationClass,
282 _Out_writes_bytes_opt_(Length) PVOID KeyInformation,
283 _In_ ULONG Length,
284 _Out_ PULONG ResultLength);
285
286_IRQL_requires_max_(PASSIVE_LEVEL)
287NTSYSAPI
288NTSTATUS
289NTAPI
290ZwQuerySymbolicLinkObject(
291 _In_ HANDLE LinkHandle,
292 _Inout_ PUNICODE_STRING LinkTarget,
293 _Out_opt_ PULONG ReturnedLength);
294
295_IRQL_requires_max_(PASSIVE_LEVEL)
296_When_(Length == 0, _Post_satisfies_(return < 0))
297_When_(Length > 0, _Post_satisfies_(return <= 0))
298NTSYSAPI
299NTSTATUS
300NTAPI
301ZwQueryValueKey(
302 _In_ HANDLE KeyHandle,
303 _In_ PUNICODE_STRING ValueName,
304 _In_ KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass,
305 _Out_writes_bytes_opt_(Length) PVOID KeyValueInformation,
306 _In_ ULONG Length,
307 _Out_ PULONG ResultLength);
308
309_IRQL_requires_max_(PASSIVE_LEVEL)
310NTSYSAPI
311NTSTATUS
312NTAPI
313ZwReadFile(
314 _In_ HANDLE FileHandle,
315 _In_opt_ HANDLE Event,
316 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
317 _In_opt_ PVOID ApcContext,
318 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
319 _Out_writes_bytes_(Length) PVOID Buffer,
320 _In_ ULONG Length,
321 _In_opt_ PLARGE_INTEGER ByteOffset,
322 _In_opt_ PULONG Key);
323
324_IRQL_requires_max_(PASSIVE_LEVEL)
325NTSYSAPI
326NTSTATUS
327NTAPI
328ZwSetInformationFile(
329 _In_ HANDLE FileHandle,
330 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
331 _In_reads_bytes_(Length) PVOID FileInformation,
332 _In_ ULONG Length,
333 _In_ FILE_INFORMATION_CLASS FileInformationClass);
334
335_IRQL_requires_max_(PASSIVE_LEVEL)
336NTSYSAPI
337NTSTATUS
338NTAPI
339ZwSetValueKey(
340 _In_ HANDLE KeyHandle,
341 _In_ PUNICODE_STRING ValueName,
342 _In_opt_ ULONG TitleIndex,
343 _In_ ULONG Type,
344 _In_reads_bytes_opt_(DataSize) PVOID Data,
345 _In_ ULONG DataSize);
346
347_IRQL_requires_max_(PASSIVE_LEVEL)
348NTSYSAPI
349NTSTATUS
350NTAPI
351ZwUnloadDriver(
352 _In_ PUNICODE_STRING DriverServiceName);
353
354_IRQL_requires_max_(PASSIVE_LEVEL)
355NTSYSAPI
356NTSTATUS
357NTAPI
358ZwUnmapViewOfSection(
359 _In_ HANDLE ProcessHandle,
360 _In_opt_ PVOID BaseAddress);
361
362_IRQL_requires_max_(PASSIVE_LEVEL)
363NTSYSAPI
364NTSTATUS
365NTAPI
366ZwWriteFile(
367 _In_ HANDLE FileHandle,
368 _In_opt_ HANDLE Event,
369 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
370 _In_opt_ PVOID ApcContext,
371 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
372 _In_reads_bytes_(Length) PVOID Buffer,
373 _In_ ULONG Length,
374 _In_opt_ PLARGE_INTEGER ByteOffset,
375 _In_opt_ PULONG Key);
376
377_IRQL_requires_max_(PASSIVE_LEVEL)
378NTSYSAPI
379NTSTATUS
380NTAPI
381ZwQueryFullAttributesFile(
382 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
383 _Out_ PFILE_NETWORK_OPEN_INFORMATION FileInformation);
384
385$endif (_WDMDDK_)
386$if (_NTDDK_)
387
388_IRQL_requires_max_(PASSIVE_LEVEL)
389NTSTATUS
390NTAPI
391ZwCancelTimer(
392 _In_ HANDLE TimerHandle,
393 _Out_opt_ PBOOLEAN CurrentState);
394
395_IRQL_requires_max_(PASSIVE_LEVEL)
396_When_(return == 0, __drv_allocatesMem(TimerObject))
397NTSTATUS
398NTAPI
399ZwCreateTimer(
400 _Out_ PHANDLE TimerHandle,
401 _In_ ACCESS_MASK DesiredAccess,
402 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
403 _In_ TIMER_TYPE TimerType);
404
405_IRQL_requires_max_(PASSIVE_LEVEL)
406NTSTATUS
407NTAPI
408ZwOpenTimer(
409 _Out_ PHANDLE TimerHandle,
410 _In_ ACCESS_MASK DesiredAccess,
411 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
412
413_IRQL_requires_max_(PASSIVE_LEVEL)
414NTSYSAPI
415NTSTATUS
416NTAPI
417ZwSetInformationThread(
418 _In_ HANDLE ThreadHandle,
419 _In_ THREADINFOCLASS ThreadInformationClass,
420 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
421 _In_ ULONG ThreadInformationLength);
422
423_IRQL_requires_max_(PASSIVE_LEVEL)
424NTSTATUS
425NTAPI
426ZwSetTimer(
427 _In_ HANDLE TimerHandle,
428 _In_ PLARGE_INTEGER DueTime,
429 _In_opt_ PTIMER_APC_ROUTINE TimerApcRoutine,
430 _In_opt_ PVOID TimerContext,
431 _In_ BOOLEAN ResumeTimer,
432 _In_opt_ LONG Period,
433 _Out_opt_ PBOOLEAN PreviousState);
434
435_IRQL_requires_max_(PASSIVE_LEVEL)
436NTSYSAPI
437NTSTATUS
438NTAPI
439ZwDisplayString(
440 _In_ PUNICODE_STRING String);
441
442_IRQL_requires_max_(PASSIVE_LEVEL)
443NTSYSAPI
444NTSTATUS
445NTAPI
446ZwPowerInformation(
447 _In_ POWER_INFORMATION_LEVEL PowerInformationLevel,
448 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
449 _In_ ULONG InputBufferLength,
450 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
451 _In_ ULONG OutputBufferLength);
452
453_IRQL_requires_max_(PASSIVE_LEVEL)
454NTSYSAPI
455NTSTATUS
456NTAPI
457ZwQueryVolumeInformationFile(
458 _In_ HANDLE FileHandle,
459 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
460 _Out_writes_bytes_(Length) PVOID FsInformation,
461 _In_ ULONG Length,
462 _In_ FS_INFORMATION_CLASS FsInformationClass);
463
464_IRQL_requires_max_(PASSIVE_LEVEL)
465NTSYSAPI
466NTSTATUS
467NTAPI
468ZwDeviceIoControlFile(
469 _In_ HANDLE FileHandle,
470 _In_opt_ HANDLE Event,
471 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
472 _In_opt_ PVOID ApcContext,
473 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
474 _In_ ULONG IoControlCode,
475 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
476 _In_ ULONG InputBufferLength,
477 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
478 _In_ ULONG OutputBufferLength);
479
480$endif (_NTDDK_)
481$if (_NTIFS_)
482
483_IRQL_requires_max_(PASSIVE_LEVEL)
484NTSYSAPI
485NTSTATUS
486NTAPI
487ZwQueryObject(
488 _In_opt_ HANDLE Handle,
489 _In_ OBJECT_INFORMATION_CLASS ObjectInformationClass,
490 _Out_writes_bytes_opt_(ObjectInformationLength) PVOID ObjectInformation,
491 _In_ ULONG ObjectInformationLength,
492 _Out_opt_ PULONG ReturnLength);
493
494_IRQL_requires_max_(PASSIVE_LEVEL)
495NTSYSAPI
496NTSTATUS
497NTAPI
498ZwNotifyChangeKey(
499 _In_ HANDLE KeyHandle,
500 _In_opt_ HANDLE EventHandle,
501 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
502 _In_opt_ PVOID ApcContext,
503 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
504 _In_ ULONG NotifyFilter,
505 _In_ BOOLEAN WatchSubtree,
506 _Out_writes_bytes_opt_(BufferLength) PVOID Buffer,
507 _In_ ULONG BufferLength,
508 _In_ BOOLEAN Asynchronous);
509
510_IRQL_requires_max_(PASSIVE_LEVEL)
511NTSYSAPI
512NTSTATUS
513NTAPI
514ZwCreateEvent(
515 _Out_ PHANDLE EventHandle,
516 _In_ ACCESS_MASK DesiredAccess,
517 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
518 _In_ EVENT_TYPE EventType,
519 _In_ BOOLEAN InitialState);
520
521_IRQL_requires_max_(PASSIVE_LEVEL)
522NTSYSAPI
523NTSTATUS
524NTAPI
525ZwDeleteFile(
526 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
527
528_IRQL_requires_max_(PASSIVE_LEVEL)
529NTSYSAPI
530NTSTATUS
531NTAPI
532ZwQueryDirectoryFile(
533 _In_ HANDLE FileHandle,
534 _In_opt_ HANDLE Event,
535 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
536 _In_opt_ PVOID ApcContext,
537 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
538 _Out_writes_bytes_(Length) PVOID FileInformation,
539 _In_ ULONG Length,
540 _In_ FILE_INFORMATION_CLASS FileInformationClass,
541 _In_ BOOLEAN ReturnSingleEntry,
542 _In_opt_ PUNICODE_STRING FileName,
543 _In_ BOOLEAN RestartScan);
544
545_IRQL_requires_max_(PASSIVE_LEVEL)
546NTSYSAPI
547NTSTATUS
548NTAPI
549ZwSetVolumeInformationFile(
550 _In_ HANDLE FileHandle,
551 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
552 _In_reads_bytes_(Length) PVOID FsInformation,
553 _In_ ULONG Length,
554 _In_ FS_INFORMATION_CLASS FsInformationClass);
555
556_IRQL_requires_max_(PASSIVE_LEVEL)
557NTSYSAPI
558NTSTATUS
559NTAPI
560ZwFsControlFile(
561 _In_ HANDLE FileHandle,
562 _In_opt_ HANDLE Event,
563 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
564 _In_opt_ PVOID ApcContext,
565 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
566 _In_ ULONG FsControlCode,
567 _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer,
568 _In_ ULONG InputBufferLength,
569 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
570 _In_ ULONG OutputBufferLength);
571
572_IRQL_requires_max_(PASSIVE_LEVEL)
573NTSYSAPI
574NTSTATUS
575NTAPI
576ZwDuplicateObject(
577 _In_ HANDLE SourceProcessHandle,
578 _In_ HANDLE SourceHandle,
579 _In_opt_ HANDLE TargetProcessHandle,
580 _Out_opt_ PHANDLE TargetHandle,
581 _In_ ACCESS_MASK DesiredAccess,
582 _In_ ULONG HandleAttributes,
583 _In_ ULONG Options);
584
585_IRQL_requires_max_(PASSIVE_LEVEL)
586NTSYSAPI
587NTSTATUS
588NTAPI
589ZwOpenDirectoryObject(
590 _Out_ PHANDLE DirectoryHandle,
591 _In_ ACCESS_MASK DesiredAccess,
592 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
593
594_Must_inspect_result_
595_At_(*BaseAddress, __drv_allocatesMem(Mem))
596__kernel_entry
597NTSYSAPI
598NTSTATUS
599NTAPI
600ZwAllocateVirtualMemory(
601 _In_ HANDLE ProcessHandle,
602 _Inout_ _Outptr_result_buffer_(*RegionSize) PVOID *BaseAddress,
603 _In_ ULONG_PTR ZeroBits,
604 _Inout_ PSIZE_T RegionSize,
605 _In_ ULONG AllocationType,
606 _In_ ULONG Protect);
607
608_IRQL_requires_max_(PASSIVE_LEVEL)
609NTSYSAPI
610NTSTATUS
611NTAPI
612ZwFreeVirtualMemory(
613 _In_ HANDLE ProcessHandle,
614 _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress,
615 _Inout_ PSIZE_T RegionSize,
616 _In_ ULONG FreeType);
617
618_When_(Timeout == NULL, _IRQL_requires_max_(APC_LEVEL))
619_When_(Timeout->QuadPart != 0, _IRQL_requires_max_(APC_LEVEL))
620_When_(Timeout->QuadPart == 0, _IRQL_requires_max_(DISPATCH_LEVEL))
621NTSYSAPI
622NTSTATUS
623NTAPI
624ZwWaitForSingleObject(
625 _In_ HANDLE Handle,
626 _In_ BOOLEAN Alertable,
627 _In_opt_ PLARGE_INTEGER Timeout);
628
629_IRQL_requires_max_(DISPATCH_LEVEL)
630NTSYSAPI
631NTSTATUS
632NTAPI
633ZwSetEvent(
634 _In_ HANDLE EventHandle,
635 _Out_opt_ PLONG PreviousState);
636
637_IRQL_requires_max_(APC_LEVEL)
638NTSYSAPI
639NTSTATUS
640NTAPI
641ZwFlushVirtualMemory(
642 _In_ HANDLE ProcessHandle,
643 _Inout_ PVOID *BaseAddress,
644 _Inout_ PSIZE_T RegionSize,
645 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
646
647_IRQL_requires_max_(PASSIVE_LEVEL)
648NTSYSAPI
649NTSTATUS
650NTAPI
651ZwQueryInformationToken(
652 _In_ HANDLE TokenHandle,
653 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
654 _Out_writes_bytes_to_opt_(Length,*ResultLength) PVOID TokenInformation,
655 _In_ ULONG Length,
656 _Out_ PULONG ResultLength);
657
658_IRQL_requires_max_(PASSIVE_LEVEL)
659NTSYSAPI
660NTSTATUS
661NTAPI
662ZwSetSecurityObject(
663 _In_ HANDLE Handle,
664 _In_ SECURITY_INFORMATION SecurityInformation,
665 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor);
666
667_IRQL_requires_max_(PASSIVE_LEVEL)
668NTSYSAPI
669NTSTATUS
670NTAPI
671ZwQuerySecurityObject(
672 _In_ HANDLE FileHandle,
673 _In_ SECURITY_INFORMATION SecurityInformation,
674 _Out_writes_bytes_to_(Length,*ResultLength) PSECURITY_DESCRIPTOR SecurityDescriptor,
675 _In_ ULONG Length,
676 _Out_ PULONG ResultLength);
677$endif (_NTIFS_)
678#endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
679
680$if (_NTIFS_)
681#if (NTDDI_VERSION >= NTDDI_WINXP)
682
683_IRQL_requires_max_(PASSIVE_LEVEL)
684NTSYSAPI
685NTSTATUS
686NTAPI
687ZwOpenProcessTokenEx(
688 _In_ HANDLE ProcessHandle,
689 _In_ ACCESS_MASK DesiredAccess,
690 _In_ ULONG HandleAttributes,
691 _Out_ PHANDLE TokenHandle);
692
693_IRQL_requires_max_(PASSIVE_LEVEL)
694NTSYSAPI
695NTSTATUS
696NTAPI
697ZwOpenThreadTokenEx(
698 _In_ HANDLE ThreadHandle,
699 _In_ ACCESS_MASK DesiredAccess,
700 _In_ BOOLEAN OpenAsSelf,
701 _In_ ULONG HandleAttributes,
702 _Out_ PHANDLE TokenHandle);
703
704#endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
705$endif (_NTIFS_)
706$if (_WDMDDK_)
707
708#if (NTDDI_VERSION >= NTDDI_WS03)
709_IRQL_requires_max_(PASSIVE_LEVEL)
710NTSYSCALLAPI
711NTSTATUS
712NTAPI
713ZwOpenEvent(
714 _Out_ PHANDLE EventHandle,
715 _In_ ACCESS_MASK DesiredAccess,
716 _In_ POBJECT_ATTRIBUTES ObjectAttributes);
717#endif
718$endif (_WDMDDK_)
719
720$if (_WDMDDK_ || _NTIFS_)
721#if (NTDDI_VERSION >= NTDDI_VISTA)
722$endif (_WDMDDK_ || _NTIFS_)
723$if (_WDMDDK_)
724
725_IRQL_requires_max_(PASSIVE_LEVEL)
726NTSYSAPI
727NTSTATUS
728ZwCreateKeyTransacted(
729 _Out_ PHANDLE KeyHandle,
730 _In_ ACCESS_MASK DesiredAccess,
731 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
732 _Reserved_ ULONG TitleIndex,
733 _In_opt_ PUNICODE_STRING Class,
734 _In_ ULONG CreateOptions,
735 _In_ HANDLE TransactionHandle,
736 _Out_opt_ PULONG Disposition);
737
738_IRQL_requires_max_(PASSIVE_LEVEL)
739NTSYSAPI
740NTSTATUS
741NTAPI
742ZwOpenKeyTransacted(
743 _Out_ PHANDLE KeyHandle,
744 _In_ ACCESS_MASK DesiredAccess,
745 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
746 _In_ HANDLE TransactionHandle);
747
748_IRQL_requires_max_(PASSIVE_LEVEL)
749NTSYSCALLAPI
750NTSTATUS
751NTAPI
752ZwCreateTransactionManager(
753 _Out_ PHANDLE TmHandle,
754 _In_ ACCESS_MASK DesiredAccess,
755 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
756 _In_opt_ PUNICODE_STRING LogFileName,
757 _In_opt_ ULONG CreateOptions,
758 _In_opt_ ULONG CommitStrength);
759
760_IRQL_requires_max_(PASSIVE_LEVEL)
761NTSYSCALLAPI
762NTSTATUS
763NTAPI
764ZwOpenTransactionManager(
765 _Out_ PHANDLE TmHandle,
766 _In_ ACCESS_MASK DesiredAccess,
767 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
768 _In_opt_ PUNICODE_STRING LogFileName,
769 _In_opt_ LPGUID TmIdentity,
770 _In_opt_ ULONG OpenOptions);
771
772_IRQL_requires_max_(PASSIVE_LEVEL)
773NTSYSCALLAPI
774NTSTATUS
775NTAPI
776ZwRollforwardTransactionManager(
777 _In_ HANDLE TransactionManagerHandle,
778 _In_opt_ PLARGE_INTEGER TmVirtualClock);
779
780_IRQL_requires_max_(PASSIVE_LEVEL)
781NTSYSCALLAPI
782NTSTATUS
783NTAPI
784ZwRecoverTransactionManager(
785 _In_ HANDLE TransactionManagerHandle);
786
787_IRQL_requires_max_(PASSIVE_LEVEL)
788NTSYSCALLAPI
789NTSTATUS
790NTAPI
791ZwQueryInformationTransactionManager(
792 _In_ HANDLE TransactionManagerHandle,
793 _In_ TRANSACTIONMANAGER_INFORMATION_CLASS TransactionManagerInformationClass,
794 _Out_writes_bytes_(TransactionManagerInformationLength) PVOID TransactionManagerInformation,
795 _In_ ULONG TransactionManagerInformationLength,
796 _Out_opt_ PULONG ReturnLength);
797
798_IRQL_requires_max_(PASSIVE_LEVEL)
799NTSYSCALLAPI
800NTSTATUS
801NTAPI
802ZwSetInformationTransactionManager(
803 _In_ HANDLE TmHandle,
804 _In_ TRANSACTIONMANAGER_INFORMATION_CLASS TransactionManagerInformationClass,
805 _In_ PVOID TransactionManagerInformation,
806 _In_ ULONG TransactionManagerInformationLength);
807
808_IRQL_requires_max_(PASSIVE_LEVEL)
809NTSYSCALLAPI
810NTSTATUS
811NTAPI
812ZwEnumerateTransactionObject(
813 _In_opt_ HANDLE RootObjectHandle,
814 _In_ KTMOBJECT_TYPE QueryType,
815 _Inout_updates_bytes_(ObjectCursorLength) PKTMOBJECT_CURSOR ObjectCursor,
816 _In_ ULONG ObjectCursorLength,
817 _Out_ PULONG ReturnLength);
818
819_IRQL_requires_max_(PASSIVE_LEVEL)
820NTSYSCALLAPI
821NTSTATUS
822NTAPI
823ZwCreateTransaction(
824 _Out_ PHANDLE TransactionHandle,
825 _In_ ACCESS_MASK DesiredAccess,
826 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
827 _In_opt_ LPGUID Uow,
828 _In_opt_ HANDLE TmHandle,
829 _In_opt_ ULONG CreateOptions,
830 _In_opt_ ULONG IsolationLevel,
831 _In_opt_ ULONG IsolationFlags,
832 _In_opt_ PLARGE_INTEGER Timeout,
833 _In_opt_ PUNICODE_STRING Description);
834
835_IRQL_requires_max_(PASSIVE_LEVEL)
836NTSYSCALLAPI
837NTSTATUS
838NTAPI
839ZwOpenTransaction(
840 _Out_ PHANDLE TransactionHandle,
841 _In_ ACCESS_MASK DesiredAccess,
842 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
843 _In_ LPGUID Uow,
844 _In_opt_ HANDLE TmHandle);
845
846_IRQL_requires_max_(PASSIVE_LEVEL)
847NTSYSCALLAPI
848NTSTATUS
849NTAPI
850ZwQueryInformationTransaction(
851 _In_ HANDLE TransactionHandle,
852 _In_ TRANSACTION_INFORMATION_CLASS TransactionInformationClass,
853 _Out_writes_bytes_(TransactionInformationLength) PVOID TransactionInformation,
854 _In_ ULONG TransactionInformationLength,
855 _Out_opt_ PULONG ReturnLength);
856
857_IRQL_requires_max_(PASSIVE_LEVEL)
858NTSYSCALLAPI
859NTSTATUS
860NTAPI
861ZwSetInformationTransaction(
862 _In_ HANDLE TransactionHandle,
863 _In_ TRANSACTION_INFORMATION_CLASS TransactionInformationClass,
864 _In_ PVOID TransactionInformation,
865 _In_ ULONG TransactionInformationLength);
866
867_IRQL_requires_max_(PASSIVE_LEVEL)
868NTSYSCALLAPI
869NTSTATUS
870NTAPI
871ZwCommitTransaction(
872 _In_ HANDLE TransactionHandle,
873 _In_ BOOLEAN Wait);
874
875_IRQL_requires_max_(PASSIVE_LEVEL)
876NTSYSCALLAPI
877NTSTATUS
878NTAPI
879ZwRollbackTransaction(
880 _In_ HANDLE TransactionHandle,
881 _In_ BOOLEAN Wait);
882
883_IRQL_requires_max_(PASSIVE_LEVEL)
884NTSYSCALLAPI
885NTSTATUS
886NTAPI
887ZwCreateResourceManager(
888 _Out_ PHANDLE ResourceManagerHandle,
889 _In_ ACCESS_MASK DesiredAccess,
890 _In_ HANDLE TmHandle,
891 _In_opt_ LPGUID ResourceManagerGuid,
892 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
893 _In_opt_ ULONG CreateOptions,
894 _In_opt_ PUNICODE_STRING Description);
895
896_IRQL_requires_max_(PASSIVE_LEVEL)
897NTSYSCALLAPI
898NTSTATUS
899NTAPI
900ZwOpenResourceManager(
901 _Out_ PHANDLE ResourceManagerHandle,
902 _In_ ACCESS_MASK DesiredAccess,
903 _In_ HANDLE TmHandle,
904 _In_ LPGUID ResourceManagerGuid,
905 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes);
906
907_IRQL_requires_max_(PASSIVE_LEVEL)
908NTSYSCALLAPI
909NTSTATUS
910NTAPI
911ZwRecoverResourceManager(
912 _In_ HANDLE ResourceManagerHandle);
913
914_IRQL_requires_max_(PASSIVE_LEVEL)
915NTSYSCALLAPI
916NTSTATUS
917NTAPI
918ZwGetNotificationResourceManager(
919 _In_ HANDLE ResourceManagerHandle,
920 _Out_ PTRANSACTION_NOTIFICATION TransactionNotification,
921 _In_ ULONG NotificationLength,
922 _In_ PLARGE_INTEGER Timeout,
923 _Out_opt_ PULONG ReturnLength,
924 _In_ ULONG Asynchronous,
925 _In_opt_ ULONG_PTR AsynchronousContext);
926
927_IRQL_requires_max_(PASSIVE_LEVEL)
928NTSYSCALLAPI
929NTSTATUS
930NTAPI
931ZwQueryInformationResourceManager(
932 _In_ HANDLE ResourceManagerHandle,
933 _In_ RESOURCEMANAGER_INFORMATION_CLASS ResourceManagerInformationClass,
934 _Out_writes_bytes_(ResourceManagerInformationLength) PVOID ResourceManagerInformation,
935 _In_ ULONG ResourceManagerInformationLength,
936 _Out_opt_ PULONG ReturnLength);
937
938_IRQL_requires_max_(PASSIVE_LEVEL)
939NTSYSCALLAPI
940NTSTATUS
941NTAPI
942ZwSetInformationResourceManager(
943 _In_ HANDLE ResourceManagerHandle,
944 _In_ RESOURCEMANAGER_INFORMATION_CLASS ResourceManagerInformationClass,
945 _In_reads_bytes_(ResourceManagerInformationLength) PVOID ResourceManagerInformation,
946 _In_ ULONG ResourceManagerInformationLength);
947
948_IRQL_requires_max_(PASSIVE_LEVEL)
949NTSYSCALLAPI
950NTSTATUS
951NTAPI
952ZwCreateEnlistment(
953 _Out_ PHANDLE EnlistmentHandle,
954 _In_ ACCESS_MASK DesiredAccess,
955 _In_ HANDLE ResourceManagerHandle,
956 _In_ HANDLE TransactionHandle,
957 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
958 _In_opt_ ULONG CreateOptions,
959 _In_ NOTIFICATION_MASK NotificationMask,
960 _In_opt_ PVOID EnlistmentKey);
961
962_IRQL_requires_max_(PASSIVE_LEVEL)
963NTSYSCALLAPI
964NTSTATUS
965NTAPI
966ZwOpenEnlistment(
967 _Out_ PHANDLE EnlistmentHandle,
968 _In_ ACCESS_MASK DesiredAccess,
969 _In_ HANDLE RmHandle,
970 _In_ LPGUID EnlistmentGuid,
971 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes);
972
973_IRQL_requires_max_(PASSIVE_LEVEL)
974NTSYSCALLAPI
975NTSTATUS
976NTAPI
977ZwQueryInformationEnlistment(
978 _In_ HANDLE EnlistmentHandle,
979 _In_ ENLISTMENT_INFORMATION_CLASS EnlistmentInformationClass,
980 _Out_writes_bytes_(EnlistmentInformationLength) PVOID EnlistmentInformation,
981 _In_ ULONG EnlistmentInformationLength,
982 _Out_opt_ PULONG ReturnLength);
983
984_IRQL_requires_max_(PASSIVE_LEVEL)
985NTSYSCALLAPI
986NTSTATUS
987NTAPI
988ZwSetInformationEnlistment(
989 _In_ HANDLE EnlistmentHandle,
990 _In_ ENLISTMENT_INFORMATION_CLASS EnlistmentInformationClass,
991 _In_reads_bytes_(EnlistmentInformationLength) PVOID EnlistmentInformation,
992 _In_ ULONG EnlistmentInformationLength);
993
994_IRQL_requires_max_(PASSIVE_LEVEL)
995NTSYSCALLAPI
996NTSTATUS
997NTAPI
998ZwRecoverEnlistment(
999 _In_ HANDLE EnlistmentHandle,
1000 _In_opt_ PVOID EnlistmentKey);
1001
1002_IRQL_requires_max_(PASSIVE_LEVEL)
1003NTSYSCALLAPI
1004NTSTATUS
1005NTAPI
1006ZwPrePrepareEnlistment(
1007 _In_ HANDLE EnlistmentHandle,
1008 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1009
1010_IRQL_requires_max_(PASSIVE_LEVEL)
1011NTSYSCALLAPI
1012NTSTATUS
1013NTAPI
1014ZwPrepareEnlistment(
1015 _In_ HANDLE EnlistmentHandle,
1016 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1017
1018_IRQL_requires_max_(PASSIVE_LEVEL)
1019NTSYSCALLAPI
1020NTSTATUS
1021NTAPI
1022ZwCommitEnlistment(
1023 _In_ HANDLE EnlistmentHandle,
1024 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1025
1026_IRQL_requires_max_(PASSIVE_LEVEL)
1027NTSYSCALLAPI
1028NTSTATUS
1029NTAPI
1030ZwRollbackEnlistment(
1031 _In_ HANDLE EnlistmentHandle,
1032 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1033
1034_IRQL_requires_max_(PASSIVE_LEVEL)
1035NTSYSCALLAPI
1036NTSTATUS
1037NTAPI
1038ZwPrePrepareComplete(
1039 _In_ HANDLE EnlistmentHandle,
1040 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1041
1042_IRQL_requires_max_(PASSIVE_LEVEL)
1043NTSYSCALLAPI
1044NTSTATUS
1045NTAPI
1046ZwPrepareComplete(
1047 _In_ HANDLE EnlistmentHandle,
1048 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1049
1050_IRQL_requires_max_(PASSIVE_LEVEL)
1051NTSYSCALLAPI
1052NTSTATUS
1053NTAPI
1054ZwCommitComplete(
1055 _In_ HANDLE EnlistmentHandle,
1056 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1057
1058_IRQL_requires_max_(PASSIVE_LEVEL)
1059NTSYSCALLAPI
1060NTSTATUS
1061NTAPI
1062ZwReadOnlyEnlistment(
1063 _In_ HANDLE EnlistmentHandle,
1064 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1065
1066NTSYSCALLAPI
1067NTSTATUS
1068NTAPI
1069ZwRollbackComplete(
1070 _In_ HANDLE EnlistmentHandle,
1071 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1072
1073NTSYSCALLAPI
1074NTSTATUS
1075NTAPI
1076ZwSinglePhaseReject(
1077 _In_ HANDLE EnlistmentHandle,
1078 _In_opt_ PLARGE_INTEGER TmVirtualClock);
1079$endif (_WDMDDK_)
1080$if (_NTIFS_)
1081
1082_IRQL_requires_max_(PASSIVE_LEVEL)
1083NTSYSAPI
1084NTSTATUS
1085NTAPI
1086ZwLockFile(
1087 _In_ HANDLE FileHandle,
1088 _In_opt_ HANDLE Event,
1089 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
1090 _In_opt_ PVOID ApcContext,
1091 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
1092 _In_ PLARGE_INTEGER ByteOffset,
1093 _In_ PLARGE_INTEGER Length,
1094 _In_ ULONG Key,
1095 _In_ BOOLEAN FailImmediately,
1096 _In_ BOOLEAN ExclusiveLock);
1097
1098_IRQL_requires_max_(PASSIVE_LEVEL)
1099NTSYSAPI
1100NTSTATUS
1101NTAPI
1102ZwUnlockFile(
1103 _In_ HANDLE FileHandle,
1104 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
1105 _In_ PLARGE_INTEGER ByteOffset,
1106 _In_ PLARGE_INTEGER Length,
1107 _In_ ULONG Key);
1108
1109_IRQL_requires_max_(PASSIVE_LEVEL)
1110NTSYSAPI
1111NTSTATUS
1112NTAPI
1113ZwQueryQuotaInformationFile(
1114 _In_ HANDLE FileHandle,
1115 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
1116 _Out_writes_bytes_(Length) PVOID Buffer,
1117 _In_ ULONG Length,
1118 _In_ BOOLEAN ReturnSingleEntry,
1119 _In_reads_bytes_opt_(SidListLength) PVOID SidList,
1120 _In_ ULONG SidListLength,
1121 _In_opt_ PSID StartSid,
1122 _In_ BOOLEAN RestartScan);
1123
1124_IRQL_requires_max_(PASSIVE_LEVEL)
1125NTSYSAPI
1126NTSTATUS
1127NTAPI
1128ZwSetQuotaInformationFile(
1129 _In_ HANDLE FileHandle,
1130 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
1131 _In_reads_bytes_(Length) PVOID Buffer,
1132 _In_ ULONG Length);
1133
1134_IRQL_requires_max_(PASSIVE_LEVEL)
1135NTSYSAPI
1136NTSTATUS
1137NTAPI
1138ZwFlushBuffersFile(
1139 _In_ HANDLE FileHandle,
1140 _Out_ PIO_STATUS_BLOCK IoStatusBlock);
1141$endif (_NTIFS_)
1142$if (_WDMDDK_ || _NTIFS_)
1143#endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
1144$endif (_WDMDDK_ || _NTIFS_)
1145#if (NTDDI_VERSION >= NTDDI_WIN7)
1146$if (_WDMDDK_)
1147
1148_IRQL_requires_max_(PASSIVE_LEVEL)
1149NTSYSAPI
1150NTSTATUS
1151NTAPI
1152ZwOpenKeyEx(
1153 _Out_ PHANDLE KeyHandle,
1154 _In_ ACCESS_MASK DesiredAccess,
1155 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
1156 _In_ ULONG OpenOptions);
1157
1158_IRQL_requires_max_(PASSIVE_LEVEL)
1159NTSYSAPI
1160NTSTATUS
1161NTAPI
1162ZwOpenKeyTransactedEx(
1163 _Out_ PHANDLE KeyHandle,
1164 _In_ ACCESS_MASK DesiredAccess,
1165 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
1166 _In_ ULONG OpenOptions,
1167 _In_ HANDLE TransactionHandle);
1168
1169NTSYSAPI
1170NTSTATUS
1171NTAPI
1172ZwNotifyChangeMultipleKeys(
1173 _In_ HANDLE MasterKeyHandle,
1174 _In_opt_ ULONG Count,
1175 _In_opt_ OBJECT_ATTRIBUTES SubordinateObjects[],
1176 _In_opt_ HANDLE Event,
1177 _In_opt_ PIO_APC_ROUTINE ApcRoutine,
1178 _In_opt_ PVOID ApcContext,
1179 _Out_ PIO_STATUS_BLOCK IoStatusBlock,
1180 _In_ ULONG CompletionFilter,
1181 _In_ BOOLEAN WatchTree,
1182 _Out_opt_ PVOID Buffer,
1183 _In_ ULONG BufferSize,
1184 _In_ BOOLEAN Asynchronous);
1185
1186NTSYSAPI
1187NTSTATUS
1188NTAPI
1189ZwQueryMultipleValueKey(
1190 _In_ HANDLE KeyHandle,
1191 _Inout_ PKEY_VALUE_ENTRY ValueEntries,
1192 _In_ ULONG EntryCount,
1193 _Out_ PVOID ValueBuffer,
1194 _Inout_ PULONG BufferLength,
1195 _Out_opt_ PULONG RequiredBufferLength);
1196
1197_IRQL_requires_max_(PASSIVE_LEVEL)
1198NTSYSAPI
1199NTSTATUS
1200NTAPI
1201ZwRenameKey(
1202 _In_ HANDLE KeyHandle,
1203 _In_ PUNICODE_STRING NewName);
1204
1205_IRQL_requires_max_(PASSIVE_LEVEL)
1206NTSYSAPI
1207NTSTATUS
1208NTAPI
1209ZwSetInformationKey(
1210 _In_ HANDLE KeyHandle,
1211 _In_ __drv_strictTypeMatch(__drv_typeConst) KEY_SET_INFORMATION_CLASS KeySetInformationClass,
1212 _In_reads_bytes_(KeySetInformationLength) PVOID KeySetInformation,
1213 _In_ ULONG KeySetInformationLength);
1214
1215$endif (_WDMDDK_)
1216$if (_NTDDK_)
1217
1218_IRQL_requires_max_(PASSIVE_LEVEL)
1219NTSTATUS
1220NTAPI
1221ZwSetTimerEx(
1222 _In_ HANDLE TimerHandle,
1223 _In_ TIMER_SET_INFORMATION_CLASS TimerSetInformationClass,
1224 _Inout_updates_bytes_opt_(TimerSetInformationLength) PVOID TimerSetInformation,
1225 _In_ ULONG TimerSetInformationLength);
1226$endif (_NTDDK_)
1227$if (_NTIFS_)
1228
1229_IRQL_requires_max_(PASSIVE_LEVEL)
1230NTSYSAPI
1231NTSTATUS
1232NTAPI
1233ZwSetInformationToken(
1234 _In_ HANDLE TokenHandle,
1235 _In_ TOKEN_INFORMATION_CLASS TokenInformationClass,
1236 _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation,
1237 _In_ ULONG TokenInformationLength);
1238
1239#if (VER_PRODUCTBUILD >= 2195)
1240NTSYSAPI
1241NTSTATUS
1242NTAPI
1243ZwAdjustPrivilegesToken (
1244 _In_ HANDLE TokenHandle,
1245 _In_ BOOLEAN DisableAllPrivileges,
1246 _In_ PTOKEN_PRIVILEGES NewState,
1247 _In_ ULONG BufferLength,
1248 _Out_opt_ PTOKEN_PRIVILEGES PreviousState,
1249 _Out_ PULONG ReturnLength
1250);
1251#endif /* (VER_PRODUCTBUILD >= 2195) */
1252
1253NTSYSAPI
1254NTSTATUS
1255NTAPI
1256ZwAlertThread (
1257 _In_ HANDLE ThreadHandle
1258);
1259
1260NTSYSAPI
1261NTSTATUS
1262NTAPI
1263ZwAccessCheckAndAuditAlarm (
1264 _In_ PUNICODE_STRING SubsystemName,
1265 _In_ PVOID HandleId,
1266 _In_ PUNICODE_STRING ObjectTypeName,
1267 _In_ PUNICODE_STRING ObjectName,
1268 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
1269 _In_ ACCESS_MASK DesiredAccess,
1270 _In_ PGENERIC_MAPPING GenericMapping,
1271 _In_ BOOLEAN ObjectCreation,
1272 _Out_ PACCESS_MASK GrantedAccess,
1273 _Out_ PBOOLEAN AccessStatus,
1274 _Out_ PBOOLEAN GenerateOnClose
1275);
1276
1277#if (VER_PRODUCTBUILD >= 2195)
1278NTSYSAPI
1279NTSTATUS
1280NTAPI
1281ZwCancelIoFile (
1282 _In_ HANDLE FileHandle,
1283 _Out_ PIO_STATUS_BLOCK IoStatusBlock
1284);
1285#endif /* (VER_PRODUCTBUILD >= 2195) */
1286
1287NTSYSAPI
1288NTSTATUS
1289NTAPI
1290ZwClearEvent (
1291 _In_ HANDLE EventHandle
1292);
1293
1294NTSYSAPI
1295NTSTATUS
1296NTAPI
1297ZwCloseObjectAuditAlarm (
1298 _In_ PUNICODE_STRING SubsystemName,
1299 _In_ PVOID HandleId,
1300 _In_ BOOLEAN GenerateOnClose
1301);
1302
1303NTSYSAPI
1304NTSTATUS
1305NTAPI
1306ZwCreateSymbolicLinkObject (
1307 _Out_ PHANDLE SymbolicLinkHandle,
1308 _In_ ACCESS_MASK DesiredAccess,
1309 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
1310 _In_ PUNICODE_STRING TargetName
1311);
1312
1313NTSYSAPI
1314NTSTATUS
1315NTAPI
1316ZwFlushInstructionCache (
1317 _In_ HANDLE ProcessHandle,
1318 _In_opt_ PVOID BaseAddress,
1319 _In_ ULONG FlushSize
1320);
1321
1322NTSYSAPI
1323NTSTATUS
1324NTAPI
1325ZwFlushBuffersFile(
1326 _In_ HANDLE FileHandle,
1327 _Out_ PIO_STATUS_BLOCK IoStatusBlock
1328);
1329
1330#if (VER_PRODUCTBUILD >= 2195)
1331NTSYSAPI
1332NTSTATUS
1333NTAPI
1334ZwInitiatePowerAction (
1335 _In_ POWER_ACTION SystemAction,
1336 _In_ SYSTEM_POWER_STATE MinSystemState,
1337 _In_ ULONG Flags,
1338 _In_ BOOLEAN Asynchronous
1339);
1340#endif /* (VER_PRODUCTBUILD >= 2195) */
1341
1342NTSYSAPI
1343NTSTATUS
1344NTAPI
1345ZwLoadKey (
1346 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes,
1347 _In_ POBJECT_ATTRIBUTES FileObjectAttributes
1348);
1349
1350NTSYSAPI
1351NTSTATUS
1352NTAPI
1353ZwOpenProcessToken (
1354 _In_ HANDLE ProcessHandle,
1355 _In_ ACCESS_MASK DesiredAccess,
1356 _Out_ PHANDLE TokenHandle
1357);
1358
1359NTSYSAPI
1360NTSTATUS
1361NTAPI
1362ZwOpenThread (
1363 _Out_ PHANDLE ThreadHandle,
1364 _In_ ACCESS_MASK DesiredAccess,
1365 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
1366 _In_ PCLIENT_ID ClientId
1367);
1368
1369NTSYSAPI
1370NTSTATUS
1371NTAPI
1372ZwOpenThreadToken (
1373 _In_ HANDLE ThreadHandle,
1374 _In_ ACCESS_MASK DesiredAccess,
1375 _In_ BOOLEAN OpenAsSelf,
1376 _Out_ PHANDLE TokenHandle
1377);
1378
1379NTSYSAPI
1380NTSTATUS
1381NTAPI
1382ZwPulseEvent (
1383 _In_ HANDLE EventHandle,
1384 _In_opt_ PLONG PulseCount
1385);
1386
1387NTSYSAPI
1388NTSTATUS
1389NTAPI
1390ZwQueryDefaultLocale (
1391 _In_ BOOLEAN UserProfile,
1392 _Out_ PLCID DefaultLocaleId
1393);
1394
1395#if (VER_PRODUCTBUILD >= 2195)
1396_IRQL_requires_max_(PASSIVE_LEVEL)
1397NTSYSAPI
1398NTSTATUS
1399NTAPI
1400ZwQueryDirectoryObject(
1401 _In_ HANDLE DirectoryHandle,
1402 _Out_ PVOID Buffer,
1403 _In_ ULONG BufferLength,
1404 _In_ BOOLEAN ReturnSingleEntry,
1405 _In_ BOOLEAN RestartScan,
1406 _Inout_ PULONG Context,
1407 _Out_opt_ PULONG ReturnLength
1408);
1409#endif /* (VER_PRODUCTBUILD >= 2195) */
1410
1411NTSYSAPI
1412NTSTATUS
1413NTAPI
1414ZwReplaceKey (
1415 _In_ POBJECT_ATTRIBUTES NewFileObjectAttributes,
1416 _In_ HANDLE KeyHandle,
1417 _In_ POBJECT_ATTRIBUTES OldFileObjectAttributes
1418);
1419
1420NTSYSAPI
1421NTSTATUS
1422NTAPI
1423ZwResetEvent (
1424 _In_ HANDLE EventHandle,
1425 _Out_opt_ PLONG NumberOfWaitingThreads
1426);
1427
1428#if (VER_PRODUCTBUILD >= 2195)
1429NTSYSAPI
1430NTSTATUS
1431NTAPI
1432ZwRestoreKey (
1433 _In_ HANDLE KeyHandle,
1434 _In_ HANDLE FileHandle,
1435 _In_ ULONG Flags
1436);
1437#endif /* (VER_PRODUCTBUILD >= 2195) */
1438
1439NTSYSAPI
1440NTSTATUS
1441NTAPI
1442ZwSaveKey (
1443 _In_ HANDLE KeyHandle,
1444 _In_ HANDLE FileHandle
1445);
1446
1447NTSYSAPI
1448NTSTATUS
1449NTAPI
1450ZwSetDefaultLocale (
1451 _In_ BOOLEAN UserProfile,
1452 _In_ LCID DefaultLocaleId
1453);
1454
1455#if (VER_PRODUCTBUILD >= 2195)
1456NTSYSAPI
1457NTSTATUS
1458NTAPI
1459ZwSetDefaultUILanguage (
1460 _In_ LANGID LanguageId
1461);
1462#endif /* (VER_PRODUCTBUILD >= 2195) */
1463
1464NTSYSAPI
1465NTSTATUS
1466NTAPI
1467ZwSetInformationProcess (
1468 _In_ HANDLE ProcessHandle,
1469 _In_ PROCESSINFOCLASS ProcessInformationClass,
1470 _In_ PVOID ProcessInformation,
1471 _In_ ULONG ProcessInformationLength
1472);
1473
1474NTSYSAPI
1475NTSTATUS
1476NTAPI
1477ZwSetSystemTime (
1478 _In_ PLARGE_INTEGER NewTime,
1479 _Out_opt_ PLARGE_INTEGER OldTime
1480);
1481
1482NTSYSAPI
1483NTSTATUS
1484NTAPI
1485ZwUnloadKey (
1486 _In_ POBJECT_ATTRIBUTES KeyObjectAttributes
1487);
1488
1489NTSYSAPI
1490NTSTATUS
1491NTAPI
1492ZwWaitForMultipleObjects (
1493 _In_ ULONG HandleCount,
1494 _In_ PHANDLE Handles,
1495 _In_ WAIT_TYPE WaitType,
1496 _In_ BOOLEAN Alertable,
1497 _In_opt_ PLARGE_INTEGER Timeout
1498);
1499
1500NTSYSAPI
1501NTSTATUS
1502NTAPI
1503ZwYieldExecution (
1504 VOID
1505);
1506
1507$endif (_NTIFS_)
1508#endif /* (NTDDI_VERSION >= NTDDI_WIN7) */
1509
DirectoryHandle
static HANDLE DirectoryHandle
Definition: ObType.c:48
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
Type
Type
Definition: Type.h:7
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
return
return
Definition: dirsup.c:529
Buffer
Definition: bufpool.h:45
ObjectInformation
IN CINT OUT PVOID ObjectInformation
Definition: conport.c:48
NULL
#define NULL
Definition: types.h:112
THREADINFOCLASS
enum _THREADINFOCLASS THREADINFOCLASS
Definition: thread.c:101
__drv_freesMem
#define __drv_freesMem(kind)
Definition: driverspecs.h:272
_IRQL_requires_max_
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230
__drv_allocatesMem
#define __drv_allocatesMem(kind)
Definition: driverspecs.h:257
__drv_strictTypeMatch
#define __drv_strictTypeMatch(mode)
Definition: driverspecs.h:330
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
DISPATCH_LEVEL
#define DISPATCH_LEVEL
Definition: env_spec_w32.h:696
CompletionFilter
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG CompletionFilter
Definition: fltkernel.h:2243
WatchTree
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN WatchTree
Definition: fltkernel.h:2241
FILE_INFORMATION_CLASS
enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS
Definition: directory.c:44
FS_INFORMATION_CLASS
enum _FSINFOCLASS FS_INFORMATION_CLASS
ZwDeleteValueKey
NTSYSAPI NTSTATUS NTAPI ZwDeleteValueKey(__in IN HANDLE Key, __in IN PUNICODE_STRING ValueName)
Handle
ULONG Handle
Definition: gdb_input.c:15
_NTIFS_
#define _NTIFS_
Definition: ifssupp.h:20
OBJECT_INFORMATION_CLASS
enum _OBJECT_INFORMATION_CLASS OBJECT_INFORMATION_CLASS
PROCESSINFOCLASS
enum _PROCESSINFOCLASS PROCESSINFOCLASS
Definition: loader.c:63
PTIMER_APC_ROUTINE
VOID(CALLBACK * PTIMER_APC_ROUTINE)(PVOID, ULONG, LONG)
Definition: winternl.h:2018
NOTIFICATION_MASK
ULONG NOTIFICATION_MASK
Definition: ktmtypes.h:99
ObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:79
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
_Outptr_result_bytebuffer_
#define _Outptr_result_bytebuffer_(size)
Definition: ms_sal.h:472
_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346
_In_reads_bytes_
#define _In_reads_bytes_(size)
Definition: ms_sal.h:321
_Inout_
#define _Inout_
Definition: ms_sal.h:378
_Out_writes_bytes_
#define _Out_writes_bytes_(size)
Definition: ms_sal.h:350
_Out_writes_bytes_to_
#define _Out_writes_bytes_to_(size, count)
Definition: ms_sal.h:360
_Inout_updates_bytes_opt_
#define _Inout_updates_bytes_opt_(size)
Definition: ms_sal.h:400
_At_
#define _At_(target, annos)
Definition: ms_sal.h:244
_Inout_opt_
#define _Inout_opt_
Definition: ms_sal.h:379
_Must_inspect_result_
#define _Must_inspect_result_
Definition: ms_sal.h:558
_Inout_updates_bytes_
#define _Inout_updates_bytes_(size)
Definition: ms_sal.h:399
_Out_
#define _Out_
Definition: ms_sal.h:345
_When_
#define _When_(expr, annos)
Definition: ms_sal.h:254
_Out_writes_bytes_to_opt_
#define _Out_writes_bytes_to_opt_(size, count)
Definition: ms_sal.h:361
_In_
#define _In_
Definition: ms_sal.h:308
_In_reads_bytes_opt_
#define _In_reads_bytes_opt_(size)
Definition: ms_sal.h:322
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
_Outptr_result_buffer_
#define _Outptr_result_buffer_(size)
Definition: ms_sal.h:456
_Reserved_
#define _Reserved_
Definition: ms_sal.h:295
_Out_writes_bytes_opt_
#define _Out_writes_bytes_opt_(size)
Definition: ms_sal.h:351
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
ZwSetEvent
NTSYSAPI NTSTATUS NTAPI ZwSetEvent(_In_ HANDLE EventHandle, _Out_opt_ PLONG PreviousState)
ZwOpenEvent
NTSYSCALLAPI NTSTATUS NTAPI ZwOpenEvent(_Out_ PHANDLE EventHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwDisplayString
NTSYSAPI NTSTATUS NTAPI ZwDisplayString(_In_ PUNICODE_STRING DisplayString)
ZwSetDefaultUILanguage
NTSYSAPI NTSTATUS NTAPI ZwSetDefaultUILanguage(LANGID LanguageId)
ZwLockFile
NTSYSAPI NTSTATUS NTAPI ZwLockFile(_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key, _In_ BOOLEAN FailImmediatedly, _In_ BOOLEAN ExclusiveLock)
ZwUnloadDriver
NTSYSAPI NTSTATUS NTAPI ZwUnloadDriver(_In_ PUNICODE_STRING DriverServiceName)
ZwQueryFullAttributesFile
NTSYSAPI NTSTATUS NTAPI ZwQueryFullAttributesFile(_In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PFILE_NETWORK_OPEN_INFORMATION FileInformation)
ZwSetQuotaInformationFile
NTSYSAPI NTSTATUS NTAPI ZwSetQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PVOID Buffer, _In_ ULONG BufferLength)
ZwCancelIoFile
NTSYSAPI NTSTATUS NTAPI ZwCancelIoFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock)
ZwOpenFile
NTSYSAPI NTSTATUS NTAPI ZwOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
ZwDeleteFile
NTSYSAPI NTSTATUS NTAPI ZwDeleteFile(_In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwUnlockFile
NTSYSAPI NTSTATUS NTAPI ZwUnlockFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_opt_ ULONG Key)
ZwQueryQuotaInformationFile
NTSYSAPI NTSTATUS NTAPI ZwQueryQuotaInformationFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_ PVOID Buffer, _In_ ULONG Length, _In_ BOOLEAN ReturnSingleEntry, _In_opt_ PVOID SidList, _In_ ULONG SidListLength, _In_opt_ PSID StartSid, _In_ BOOLEAN RestartScan)
ZwOpenSection
NTSYSAPI NTSTATUS NTAPI ZwOpenSection(_Out_ PHANDLE SectionHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwOpenSymbolicLinkObject
NTSYSAPI NTSTATUS NTAPI ZwOpenSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwOpenDirectoryObject
NTSYSAPI NTSTATUS NTAPI ZwOpenDirectoryObject(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwClose
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
ZwMakeTemporaryObject
NTSYSAPI NTSTATUS NTAPI ZwMakeTemporaryObject(_In_ HANDLE Handle)
ZwCreateDirectoryObject
NTSYSAPI NTSTATUS NTAPI ZwCreateDirectoryObject(_Out_ PHANDLE DirectoryHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
ZwInitiatePowerAction
NTSYSAPI NTSTATUS NTAPI ZwInitiatePowerAction(_In_ POWER_ACTION SystemAction, _In_ SYSTEM_POWER_STATE MinSystemState, _In_ ULONG Flags, _In_ BOOLEAN Asynchronous)
ZwOpenThreadTokenEx
NTSYSAPI NTSTATUS NTAPI ZwOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
ZwAdjustPrivilegesToken
_Must_inspect_result_ NTSYSAPI NTSTATUS NTAPI ZwAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
ZwOpenProcessTokenEx
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessTokenEx(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
ZwSetInformationToken
NTSYSAPI NTSTATUS NTAPI ZwSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_ PVOID TokenInformation, _In_ ULONG TokenInformationLength)
ZwAllocateLocallyUniqueId
NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ LUID *LocallyUniqueId)
Count
int Count
Definition: noreturn.cpp:7
KEY_SET_INFORMATION_CLASS
enum _KEY_SET_INFORMATION_CLASS KEY_SET_INFORMATION_CLASS
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
PACCESS_MASK
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
SECTION_INHERIT
enum _SECTION_INHERIT SECTION_INHERIT
KEY_VALUE_INFORMATION_CLASS
enum _KEY_VALUE_INFORMATION_CLASS KEY_VALUE_INFORMATION_CLASS
Definition: reg.c:135
KEY_INFORMATION_CLASS
enum _KEY_INFORMATION_CLASS KEY_INFORMATION_CLASS
PIO_APC_ROUTINE
VOID(* PIO_APC_ROUTINE)(IN PVOID ApcContext, IN PIO_STATUS_BLOCK IoStatusBlock, IN ULONG Reserved)
Definition: nt_native.h:877
PLCID
* PLCID
Definition: ntbasedef.h:509
NTSYSCALLAPI
#define NTSYSCALLAPI
Definition: ntbasedef.h:204
_NTDDK_
#define _NTDDK_
Definition: ntddk.template.h:26
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
ZwDeviceIoControlFile
NTSYSAPI NTSTATUS NTAPI ZwDeviceIoControlFile(IN HANDLE DeviceHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, IN PVOID UserApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG IoControlCode, IN PVOID InputBuffer, IN ULONG InputBufferSize, OUT PVOID OutputBuffer, IN ULONG OutputBufferSize)
ZwFsControlFile
NTSYSAPI NTSTATUS NTAPI ZwFsControlFile(IN HANDLE DeviceHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG IoControlCode, IN PVOID InputBuffer, IN ULONG InputBufferSize, OUT PVOID OutputBuffer, IN ULONG OutputBufferSize)
ZwQueryVolumeInformationFile
NTSYSAPI NTSTATUS NTAPI ZwQueryVolumeInformationFile(IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FsInformation, IN ULONG Length, IN FS_INFORMATION_CLASS FsInformationClass)
MinSystemState
_In_ SYSTEM_POWER_STATE MinSystemState
Definition: ntpoapi.h:303
POWER_ACTION
POWER_ACTION
Definition: ntpoapi.h:122
POWER_INFORMATION_LEVEL
enum _POWER_INFORMATION_LEVEL POWER_INFORMATION_LEVEL
SYSTEM_POWER_STATE
enum _SYSTEM_POWER_STATE SYSTEM_POWER_STATE
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
RESOURCEMANAGER_INFORMATION_CLASS
enum _RESOURCEMANAGER_INFORMATION_CLASS RESOURCEMANAGER_INFORMATION_CLASS
KTMOBJECT_TYPE
enum _KTMOBJECT_TYPE KTMOBJECT_TYPE
TRANSACTIONMANAGER_INFORMATION_CLASS
enum _TRANSACTIONMANAGER_INFORMATION_CLASS TRANSACTIONMANAGER_INFORMATION_CLASS
ENLISTMENT_INFORMATION_CLASS
enum _ENLISTMENT_INFORMATION_CLASS ENLISTMENT_INFORMATION_CLASS
TRANSACTION_INFORMATION_CLASS
enum _TRANSACTION_INFORMATION_CLASS TRANSACTION_INFORMATION_CLASS
LONG
long LONG
Definition: pedump.c:60
TargetName
static PCWSTR TargetName
Definition: ping.c:67
LCID
DWORD LCID
Definition: nls.h:13
WaitType
WaitType
Definition: shlextdbg.cpp:18
__kernel_entry
#define __kernel_entry
Definition: specstrings.h:355
_CLIENT_ID
Definition: compat.h:824
_FILE_NETWORK_OPEN_INFORMATION
Definition: from_kernel.h:207
_FileName
Definition: filecomp.c:348
_GENERIC_MAPPING
Definition: nt_native.h:564
_IO_STATUS_BLOCK
Definition: env_spec_w32.h:870
_KEY_VALUE_ENTRY
Definition: nt_native.h:1172
_KTMOBJECT_CURSOR
Definition: nttmapi.h:210
_LUID
Definition: devicetopology.idl:137
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID
Definition: ms-dtyp.idl:198
_TOKEN_PRIVILEGES
Definition: setypes.h:1022
_TRANSACTION_NOTIFICATION
Definition: ktmtypes.h:102
_UNICODE_STRING
Definition: env_spec_w32.h:368
PSIZE_T
ULONG_PTR * PSIZE_T
Definition: typedefs.h:80
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
LANGID
WORD LANGID
Definition: typedefs.h:81
PBOOLEAN
unsigned char * PBOOLEAN
Definition: typedefs.h:53
NTAPI
#define NTAPI
Definition: typedefs.h:36
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
PLONG
int32_t * PLONG
Definition: typedefs.h:58
ULONG
uint32_t ULONG
Definition: typedefs.h:59
_LARGE_INTEGER
Definition: typedefs.h:103
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182
FileObjectAttributes
_In_ PWDFDEVICE_INIT _In_ PWDF_FILEOBJECT_CONFIG _In_opt_ PWDF_OBJECT_ATTRIBUTES FileObjectAttributes
Definition: wdfdevice.h:3400
PreviousState
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829
ResultLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG _Out_ PULONG ResultLength
Definition: wdfdevice.h:3776
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
Options
_In_ PWDFDEVICE_INIT _In_ PWDF_REMOVE_LOCK_OPTIONS Options
Definition: wdfdevice.h:3534
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
String
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
Definition: wdfdevice.h:2433
Wait
_In_ WDFDPC _In_ BOOLEAN Wait
Definition: wdfdpc.h:170
IoControlCode
_In_ WDFREQUEST _In_ size_t _In_ size_t _In_ ULONG IoControlCode
Definition: wdfio.h:325
OutputBufferLength
_In_ WDFREQUEST _In_ size_t OutputBufferLength
Definition: wdfio.h:320
InputBufferLength
_In_ WDFREQUEST _In_ size_t _In_ size_t InputBufferLength
Definition: wdfio.h:322
OutputBuffer
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR OutputBuffer
Definition: wdfiotarget.h:863
InputBuffer
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR InputBuffer
Definition: wdfiotarget.h:953
BufferSize
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:254
CreateDisposition
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG _Out_opt_ PULONG CreateDisposition
Definition: wdfregistry.h:120
CreateOptions
_Must_inspect_result_ _In_opt_ WDFKEY _In_ PCUNICODE_STRING _In_ ACCESS_MASK _In_ ULONG CreateOptions
Definition: wdfregistry.h:118
ValueName
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
DueTime
_In_ WDFTIMER _In_ LONGLONG DueTime
Definition: wdftimer.h:190
_WDMDDK_
#define _WDMDDK_
Definition: wdm.template.h:26
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
EaBuffer
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _In_ ULONG _In_ ULONG _In_opt_ PVOID EaBuffer
Definition: iofuncs.h:845
TIMER_SET_INFORMATION_CLASS
enum _TIMER_SET_INFORMATION_CLASS TIMER_SET_INFORMATION_CLASS
QuadPart
ret QuadPart
Definition: rtlfuncs.h:3089
GenerateOnClose
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN _In_ KPROCESSOR_MODE _In_opt_ GUID _Out_ PBOOLEAN GenerateOnClose
Definition: sefuncs.h:422
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
TOKEN_INFORMATION_CLASS
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
ZwSetSystemTime
NTSYSAPI NTSTATUS NTAPI ZwSetSystemTime(_In_ PLARGE_INTEGER NewTime, _Out_opt_ PLARGE_INTEGER OldTime)
TransactionManagerInformation
_In_ TRANSACTIONMANAGER_INFORMATION_CLASS _In_ PVOID TransactionManagerInformation
Definition: zwfuncs.h:805
ZwSaveKey
NTSYSAPI NTSTATUS NTAPI ZwSaveKey(_In_ HANDLE KeyHandle, _In_ HANDLE FileHandle)
ObjectInformationClass
_In_ OBJECT_INFORMATION_CLASS ObjectInformationClass
Definition: zwfuncs.h:489
ZwResetEvent
NTSYSAPI NTSTATUS NTAPI ZwResetEvent(_In_ HANDLE EventHandle, _Out_opt_ PLONG NumberOfWaitingThreads)
InheritDisposition
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T _In_ SECTION_INHERIT InheritDisposition
Definition: zwfuncs.h:219
RestartScan
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PULONG _In_ BOOLEAN RestartScan
Definition: zwfuncs.h:55
ReturnLength
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG _Out_opt_ PULONG ReturnLength
Definition: zwfuncs.h:492
TokenInformationClass
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: zwfuncs.h:653
TransactionManagerInformationClass
_In_ TRANSACTIONMANAGER_INFORMATION_CLASS TransactionManagerInformationClass
Definition: zwfuncs.h:793
ResumeTimer
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID _In_ BOOLEAN ResumeTimer
Definition: zwfuncs.h:431
ExitStatus
_In_ NTSTATUS ExitStatus
Definition: zwfuncs.h:28
ZwPulseEvent
NTSYSAPI NTSTATUS NTAPI ZwPulseEvent(_In_ HANDLE EventHandle, _In_opt_ PLONG PulseCount)
ZwOpenProcessToken
NTSYSAPI NTSTATUS NTAPI ZwOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
IoStatusBlock
_Out_ PIO_STATUS_BLOCK IoStatusBlock
Definition: zwfuncs.h:48
EventType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE EventType
Definition: zwfuncs.h:518
ZwRollbackComplete
NTSYSCALLAPI NTSTATUS NTAPI ZwRollbackComplete(_In_ HANDLE EnlistmentHandle, _In_opt_ PLARGE_INTEGER TmVirtualClock)
Timeout
_In_ BOOLEAN _In_opt_ PLARGE_INTEGER Timeout
Definition: zwfuncs.h:627
FsInformationClass
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ FS_INFORMATION_CLASS FsInformationClass
Definition: zwfuncs.h:462
RmHandle
_In_ ACCESS_MASK _In_ HANDLE RmHandle
Definition: zwfuncs.h:969
Asynchronous
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_ BOOLEAN Asynchronous
Definition: zwfuncs.h:508
FileInformation
_Out_ PFILE_NETWORK_OPEN_INFORMATION FileInformation
Definition: zwfuncs.h:383
TransactionInformation
_In_ TRANSACTION_INFORMATION_CLASS _In_ PVOID TransactionInformation
Definition: zwfuncs.h:864
LinkTarget
_Inout_ PUNICODE_STRING LinkTarget
Definition: zwfuncs.h:292
TmHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ LPGUID _In_opt_ HANDLE TmHandle
Definition: zwfuncs.h:828
NewTokenHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: zwfuncs.h:77
Alertable
_In_ BOOLEAN Alertable
Definition: zwfuncs.h:626
TransactionManagerInformationLength
_In_ TRANSACTIONMANAGER_INFORMATION_CLASS _In_ ULONG TransactionManagerInformationLength
Definition: zwfuncs.h:795
ZwFlushBuffersFile
NTSYSAPI NTSTATUS NTAPI ZwFlushBuffersFile(_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock)
ClientId
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _In_opt_ PCLIENT_ID ClientId
Definition: zwfuncs.h:38
SourceHandle
_In_ HANDLE SourceHandle
Definition: zwfuncs.h:578
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: zwfuncs.h:691
IsolationFlags
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ LPGUID _In_opt_ HANDLE _In_opt_ ULONG _In_opt_ ULONG _In_opt_ ULONG IsolationFlags
Definition: zwfuncs.h:831
$if
$if(_WDMDDK_) $endif(_WDMDDK_) $if(_NTDDK_) _IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwAllocateLocallyUniqueId(_Out_ PLUID Luid)
Definition: ke.h:1
NotifyFilter
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ ULONG NotifyFilter
Definition: zwfuncs.h:504
ZwYieldExecution
NTSYSAPI NTSTATUS NTAPI ZwYieldExecution(VOID)
TimerType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ TIMER_TYPE TimerType
Definition: zwfuncs.h:403
AllocationSize
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER AllocationSize
Definition: zwfuncs.h:108
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:430
EaIndex
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PULONG EaIndex
Definition: zwfuncs.h:54
ZwQueryMultipleValueKey
NTSYSAPI NTSTATUS NTAPI ZwQueryMultipleValueKey(_In_ HANDLE KeyHandle, _Inout_ PKEY_VALUE_ENTRY ValueEntries, _In_ ULONG EntryCount, _Out_ PVOID ValueBuffer, _Inout_ PULONG BufferLength, _Out_opt_ PULONG RequiredBufferLength)
ThreadInformationLength
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: zwfuncs.h:421
ZwWaitForMultipleObjects
NTSYSAPI NTSTATUS NTAPI ZwWaitForMultipleObjects(_In_ ULONG HandleCount, _In_ PHANDLE Handles, _In_ WAIT_TYPE WaitType, _In_ BOOLEAN Alertable, _In_opt_ PLARGE_INTEGER Timeout)
ResourceManagerHandle
_In_ ACCESS_MASK _In_ HANDLE ResourceManagerHandle
Definition: zwfuncs.h:955
ZwOpenThread
NTSYSAPI NTSTATUS NTAPI ZwOpenThread(_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PCLIENT_ID ClientId)
MaximumSize
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER MaximumSize
Definition: zwfuncs.h:138
ReturnSingleEntry
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN ReturnSingleEntry
Definition: zwfuncs.h:51
FsControlCode
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ ULONG FsControlCode
Definition: zwfuncs.h:566
$endif
$endif(_NTDDK_) $if(_NTIFS_) _IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwQueryEaFile(_In_ HANDLE FileHandle
Definition: iofuncs.h:2494
TargetHandle
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE TargetHandle
Definition: zwfuncs.h:580
FileHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _In_opt_ HANDLE FileHandle
Definition: zwfuncs.h:141
ZwSetInformationProcess
NTSYSAPI NTSTATUS NTAPI ZwSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)
KeyValueInformationClass
_In_ ULONG _In_ KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass
Definition: zwfuncs.h:181
ZwReplaceKey
NTSYSAPI NTSTATUS NTAPI ZwReplaceKey(_In_ POBJECT_ATTRIBUTES NewFileObjectAttributes, _In_ HANDLE KeyHandle, _In_ POBJECT_ATTRIBUTES OldFileObjectAttributes)
SectionPageProtection
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG SectionPageProtection
Definition: zwfuncs.h:139
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: zwfuncs.h:218
ApcContext
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: zwfuncs.h:317
ZwCreateSymbolicLinkObject
NTSYSAPI NTSTATUS NTAPI ZwCreateSymbolicLinkObject(_Out_ PHANDLE SymbolicLinkHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PUNICODE_STRING TargetName)
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: zwfuncs.h:213
Disposition
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: zwfuncs.h:128
InitialState
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE _In_ BOOLEAN InitialState
Definition: zwfuncs.h:519
TransactionInformationClass
_In_ TRANSACTION_INFORMATION_CLASS TransactionInformationClass
Definition: zwfuncs.h:852
EnlistmentInformationLength
_In_ ENLISTMENT_INFORMATION_CLASS _In_ ULONG EnlistmentInformationLength
Definition: zwfuncs.h:981
ZeroBits
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR ZeroBits
Definition: zwfuncs.h:215
TimerApcRoutine
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE TimerApcRoutine
Definition: zwfuncs.h:429
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: zwfuncs.h:75
ZwNotifyChangeMultipleKeys
NTSYSAPI NTSTATUS NTAPI ZwNotifyChangeMultipleKeys(_In_ HANDLE MasterKeyHandle, _In_opt_ ULONG Count, _In_opt_ OBJECT_ATTRIBUTES SubordinateObjects[], _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG CompletionFilter, _In_ BOOLEAN WatchTree, _Out_opt_ PVOID Buffer, _In_ ULONG BufferSize, _In_ BOOLEAN Asynchronous)
TimerSetInformationLength
_In_ TIMER_SET_INFORMATION_CLASS _In_ ULONG TimerSetInformationLength
Definition: zwfuncs.h:1225
TitleIndex
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG TitleIndex
Definition: zwfuncs.h:125
AllocationAttributes
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG AllocationAttributes
Definition: zwfuncs.h:140
ResourceManagerInformationClass
_In_ RESOURCEMANAGER_INFORMATION_CLASS ResourceManagerInformationClass
Definition: zwfuncs.h:933
OpenOptions
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ ULONG OpenOptions
Definition: zwfuncs.h:233
StartSid
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG _In_opt_ PSID StartSid
Definition: zwfuncs.h:1121
FailImmediately
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ BOOLEAN FailImmediately
Definition: zwfuncs.h:1095
DataSize
_In_ PUNICODE_STRING _In_opt_ ULONG _In_ ULONG _In_ ULONG DataSize
Definition: zwfuncs.h:345
Description
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ LPGUID _In_opt_ HANDLE _In_opt_ ULONG _In_opt_ ULONG _In_opt_ ULONG _In_opt_ PLARGE_INTEGER _In_opt_ PUNICODE_STRING Description
Definition: zwfuncs.h:833
AllocationType
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T _In_ SECTION_INHERIT _In_ ULONG AllocationType
Definition: zwfuncs.h:220
TransactionHandle
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _In_ HANDLE TransactionHandle
Definition: zwfuncs.h:735
ApcRoutine
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE ApcRoutine
Definition: zwfuncs.h:316
Period
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID _In_ BOOLEAN _In_opt_ LONG Period
Definition: zwfuncs.h:432
KeySetInformationLength
_In_ _In_ ULONG KeySetInformationLength
Definition: zwfuncs.h:1213
EnlistmentKey
_In_ ACCESS_MASK _In_ HANDLE _In_ HANDLE _In_opt_ POBJECT_ATTRIBUTES _In_opt_ ULONG _In_ NOTIFICATION_MASK _In_opt_ PVOID EnlistmentKey
Definition: zwfuncs.h:960
ZwUnloadKey
NTSYSAPI NTSTATUS NTAPI ZwUnloadKey(_In_ POBJECT_ATTRIBUTES KeyObjectAttributes)
ResourceManagerInformationLength
_In_ RESOURCEMANAGER_INFORMATION_CLASS _In_ ULONG ResourceManagerInformationLength
Definition: zwfuncs.h:935
KeyInformationClass
_In_ ULONG _In_ KEY_INFORMATION_CLASS KeyInformationClass
Definition: zwfuncs.h:167
NotificationLength
_Out_ PTRANSACTION_NOTIFICATION _In_ ULONG NotificationLength
Definition: zwfuncs.h:921
OpenAsSelf
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:700
QueryType
_In_ KTMOBJECT_TYPE QueryType
Definition: zwfuncs.h:814
SectionOffset
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER SectionOffset
Definition: zwfuncs.h:217
_Post_satisfies_
_Post_satisfies_(return< 0)) _When_(Length > 0
ThreadInformationClass
_In_ THREADINFOCLASS ThreadInformationClass
Definition: zwfuncs.h:419
HandleAttributes
_In_ HANDLE _In_opt_ HANDLE _Out_opt_ PHANDLE _In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: zwfuncs.h:582
ZwAlertThread
NTSYSAPI NTSTATUS NTAPI ZwAlertThread(_In_ HANDLE ThreadHandle)
TimerSetInformationClass
_In_ TIMER_SET_INFORMATION_CLASS TimerSetInformationClass
Definition: zwfuncs.h:1223
TokenInformationLength
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: zwfuncs.h:1237
ExclusiveLock
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ BOOLEAN _In_ BOOLEAN ExclusiveLock
Definition: zwfuncs.h:1096
SecurityInformation
_In_ SECURITY_INFORMATION SecurityInformation
Definition: zwfuncs.h:664
TmVirtualClock
_In_opt_ PLARGE_INTEGER TmVirtualClock
Definition: zwfuncs.h:778
NotificationMask
_In_ ACCESS_MASK _In_ HANDLE _In_ HANDLE _In_opt_ POBJECT_ATTRIBUTES _In_opt_ ULONG _In_ NOTIFICATION_MASK NotificationMask
Definition: zwfuncs.h:959
ZwAccessCheckAndAuditAlarm
NTSYSAPI NTSTATUS NTAPI ZwAccessCheckAndAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PBOOLEAN AccessStatus, _Out_ PBOOLEAN GenerateOnClose)
ZwSinglePhaseReject
NTSYSCALLAPI NTSTATUS NTAPI ZwSinglePhaseReject(_In_ HANDLE EnlistmentHandle, _In_opt_ PLARGE_INTEGER TmVirtualClock)
LogFileName
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PUNICODE_STRING LogFileName
Definition: zwfuncs.h:756
FileAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG FileAttributes
Definition: zwfuncs.h:109
ReturnedLength
_Inout_ PUNICODE_STRING _Out_opt_ PULONG ReturnedLength
Definition: zwfuncs.h:293
CommitSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T CommitSize
Definition: zwfuncs.h:216
ZwFlushInstructionCache
NTSYSAPI NTSTATUS NTAPI ZwFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_ ULONG FlushSize)
SidListLength
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG SidListLength
Definition: zwfuncs.h:1120
EnlistmentGuid
_In_ ACCESS_MASK _In_ HANDLE _In_ LPGUID EnlistmentGuid
Definition: zwfuncs.h:970
ByteOffset
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ ULONG _In_opt_ PLARGE_INTEGER ByteOffset
Definition: zwfuncs.h:321
NewName
_In_ PUNICODE_STRING NewName
Definition: zwfuncs.h:1203
EnlistmentInformationClass
_In_ ENLISTMENT_INFORMATION_CLASS EnlistmentInformationClass
Definition: zwfuncs.h:979
EaLength
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG _In_ ULONG _In_ ULONG _In_ ULONG EaLength
Definition: zwfuncs.h:115
ResourceManagerGuid
_In_ ACCESS_MASK _In_ HANDLE _In_opt_ LPGUID ResourceManagerGuid
Definition: zwfuncs.h:891
TransactionInformationLength
_In_ TRANSACTION_INFORMATION_CLASS _In_ ULONG TransactionInformationLength
Definition: zwfuncs.h:854
FileInformationClass
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ FILE_INFORMATION_CLASS FileInformationClass
Definition: zwfuncs.h:271
ZwCloseObjectAuditAlarm
NTSYSAPI NTSTATUS NTAPI ZwCloseObjectAuditAlarm(_In_ PUNICODE_STRING SubsystemName, _In_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose)
AsynchronousContext
_Out_ PTRANSACTION_NOTIFICATION _In_ ULONG _In_ PLARGE_INTEGER _Out_opt_ PULONG _In_ ULONG _In_opt_ ULONG_PTR AsynchronousContext
Definition: zwfuncs.h:925
RegionSize
_Inout_ _Inout_ PSIZE_T RegionSize
Definition: zwfuncs.h:615
WatchSubtree
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID _Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN WatchSubtree
Definition: zwfuncs.h:505
TmIdentity
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PUNICODE_STRING _In_opt_ LPGUID TmIdentity
Definition: zwfuncs.h:769
EaListLength
_Out_ PIO_STATUS_BLOCK _In_ ULONG _In_ BOOLEAN _In_ ULONG EaListLength
Definition: zwfuncs.h:53
ObjectCursorLength
_In_ KTMOBJECT_TYPE _In_ ULONG ObjectCursorLength
Definition: zwfuncs.h:816
ZwClearEvent
NTSYSAPI NTSTATUS NTAPI ZwClearEvent(_In_ HANDLE EventHandle)
CurrentState
_Out_opt_ PBOOLEAN CurrentState
Definition: zwfuncs.h:393
ZwQueryDefaultLocale
NTSYSAPI NTSTATUS NTAPI ZwQueryDefaultLocale(_In_ BOOLEAN UserProfile, _Out_ PLCID DefaultLocaleId)
ZwSetDefaultLocale
NTSYSAPI NTSTATUS NTAPI ZwSetDefaultLocale(_In_ BOOLEAN UserProfile, _In_ LCID DefaultLocaleId)
ZwOpenThreadToken
NTSYSAPI NTSTATUS NTAPI ZwOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: zwfuncs.h:76
EventHandle
_In_opt_ HANDLE EventHandle
Definition: zwfuncs.h:500
CommitStrength
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ PUNICODE_STRING _In_opt_ ULONG _In_opt_ ULONG CommitStrength
Definition: zwfuncs.h:758
Protect
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T _In_ SECTION_INHERIT _In_ ULONG _In_ ULONG Protect
Definition: zwfuncs.h:221
TargetProcessHandle
_In_ HANDLE _In_opt_ HANDLE TargetProcessHandle
Definition: zwfuncs.h:579
ObjectAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES ObjectAttributes
Definition: zwfuncs.h:37
ObjectInformationLength
_In_ OBJECT_INFORMATION_CLASS _In_ ULONG ObjectInformationLength
Definition: zwfuncs.h:491
ZwLoadKey
NTSYSAPI NTSTATUS NTAPI ZwLoadKey(_In_ POBJECT_ATTRIBUTES KeyObjectAttributes, _In_ POBJECT_ATTRIBUTES FileObjectAttributes)
ShareAccess
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Out_ PIO_STATUS_BLOCK _In_opt_ PLARGE_INTEGER _In_ ULONG _In_ ULONG ShareAccess
Definition: zwfuncs.h:110
BaseAddress
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: zwfuncs.h:214
IsolationLevel
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ LPGUID _In_opt_ HANDLE _In_opt_ ULONG _In_opt_ ULONG IsolationLevel
Definition: zwfuncs.h:830
TransactionNotification
_Out_ PTRANSACTION_NOTIFICATION TransactionNotification
Definition: zwfuncs.h:920
FreeType
_Inout_ _Inout_ PSIZE_T _In_ ULONG FreeType
Definition: zwfuncs.h:616
Uow
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_opt_ LPGUID Uow
Definition: zwfuncs.h:827