This graph shows which files directly or indirectly include this file:

Functions
HANDLE	GetRootKeyByPredefKey (IN HANDLE KeyHandle, OUT PCWSTR *RootKeyMountPoint OPTIONAL)

HANDLE	GetRootKeyByName (IN PCWSTR RootKeyName, OUT PCWSTR *RootKeyMountPoint OPTIONAL)

BOOLEAN	ImportRegistryFile (IN PCWSTR SourcePath, IN PCWSTR FileName, IN PCWSTR Section, IN LCID LocaleId, IN BOOLEAN Delete)

NTSTATUS	VerifyRegistryHives (IN PUNICODE_STRING NtSystemRoot, OUT PBOOLEAN ShouldRepairRegistry)

NTSTATUS	RegInitializeRegistry (IN PUNICODE_STRING NtSystemRoot)

VOID	RegCleanupRegistry (IN PUNICODE_STRING NtSystemRoot)

Function Documentation

◆ GetRootKeyByName()

HANDLE GetRootKeyByName	(	IN PCWSTR	RootKeyName,
		OUT PCWSTR *RootKeyMountPoint	OPTIONAL
	)

Definition at line 107 of file registry.c.

 {
     UCHAR i;
 
     for (i = 0; i < ARRAYSIZE(RootKeys); ++i)
     {
         if (!_wcsicmp(RootKeyName, RootKeys[i].Name))
         {
             if (RootKeyMountPoint)
                 *RootKeyMountPoint = RootKeys[i].MountPoint;
             return RootKeys[i].Handle;
         }
     }
 
     return NULL;
 }

Referenced by registry_callback().

◆ GetRootKeyByPredefKey()

HANDLE GetRootKeyByPredefKey	(	IN HANDLE	KeyHandle,
		OUT PCWSTR *RootKeyMountPoint	OPTIONAL
	)

Definition at line 90 of file registry.c.

 {
     ULONG_PTR Index = GetPredefKeyIndex(KeyHandle);
 
     if (!IsPredefKey(KeyHandle))
         return NULL;
     if (Index >= ARRAYSIZE(RootKeys))
         return NULL;
 
     if (RootKeyMountPoint)
         *RootKeyMountPoint = RootKeys[Index].MountPoint;
     return RootKeys[Index].Handle;
 }

Referenced by AddCodepageToRegistry(), AddFontsSettingsToRegistry(), AddHotkeySettings(), AddKbLayoutsToRegistry(), ProcessDisplayRegistry(), ProcessLocaleRegistry(), SetDefaultPagefile(), and SetGeoID().

◆ ImportRegistryFile()

BOOLEAN ImportRegistryFile	(	IN PCWSTR	SourcePath,
		IN PCWSTR	FileName,
		IN PCWSTR	Section,
		IN LCID	LocaleId,
		IN BOOLEAN	Delete
	)

Definition at line 507 of file registry.c.

 {
     HINF hInf;
     UINT ErrorLine;
     WCHAR FileNameBuffer[MAX_PATH];
 
     /* Load the INF file from the installation media */
     CombinePaths(FileNameBuffer, ARRAYSIZE(FileNameBuffer), 2,
                  SourcePath, FileName);
 
     hInf = SpInfOpenInfFile(FileNameBuffer,
                             NULL,
                             INF_STYLE_WIN4,
                             LocaleId,
                             &ErrorLine);
     if (hInf == INVALID_HANDLE_VALUE)
     {
         DPRINT1("SpInfOpenInfFile() failed\n");
         return FALSE;
     }
 
 #if 0
     if (!registry_callback(hInf, L"DelReg", FALSE))
     {
         DPRINT1("registry_callback() failed\n");
         SpInfCloseInfFile(hInf);
         return FALSE;
     }
 #endif
 
     if (!registry_callback(hInf, L"AddReg", FALSE))
     {
         DPRINT1("registry_callback() failed\n");
         SpInfCloseInfFile(hInf);
         return FALSE;
     }
 
     if (!registry_callback(hInf, L"AddReg.NT" INF_ARCH, FALSE))
     {
         DPRINT1("registry_callback() failed\n");
         SpInfCloseInfFile(hInf);
         return FALSE;
     }
 
     SpInfCloseInfFile(hInf);
     return TRUE;
 }

◆ RegCleanupRegistry()

VOID RegCleanupRegistry ( IN PUNICODE_STRING NtSystemRoot )

Definition at line 997 of file registry.c.

 {
     NTSTATUS Status;
     HANDLE KeyHandle;
     UNICODE_STRING KeyName;
     OBJECT_ATTRIBUTES ObjectAttributes;
     BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
     UINT i;
     WCHAR SrcPath[MAX_PATH];
     WCHAR DstPath[MAX_PATH];
 
     /* Acquire restore privilege */
     Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         /* Exit prematurely here.... */
         return;
     }
 
     /* Acquire backup privilege */
     Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
         /* Exit prematurely here.... */
         return;
     }
 
     /*
      * To keep the running system clean we need first to remove the symlinks
      * we have created and then unmounting the hives. Finally we delete the
      * master registry keys.
      */
 
     for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
     {
         if (RegistryHives[i].State == Create || RegistryHives[i].State == Repair)
         {
             /* Delete the registry symlink to this key */
             Status = DeleteSymLinkKey(RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
                                       RegistryHives[i].RegSymLink);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("DeleteSymLinkKey(%S) failed, Status 0x%08lx\n",
                         RegistryHives[i].RegSymLink, Status);
             }
 
             /* Unmount the hive */
             Status = DisconnectRegistry(NULL,
                                         RegistryHives[i].HiveRegistryPath,
                                         1 /* REG_FORCE_UNLOAD */);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("Unmounting '%S' failed\n", RegistryHives[i].HiveRegistryPath);
             }
 
             /* Switch the hive state to 'Update' */
             RegistryHives[i].State = Update;
         }
         else
         {
             /* Delete the *DUMMY* volatile hives created for the update procedure */
 
             RtlInitUnicodeString(&KeyName, RegistryHives[i].RegSymLink);
             InitializeObjectAttributes(&ObjectAttributes,
                                        &KeyName,
                                        OBJ_CASE_INSENSITIVE,
                                        RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
                                        NULL);
             KeyHandle = NULL;
             Status = NtOpenKey(&KeyHandle,
                                DELETE,
                                &ObjectAttributes);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("NtOpenKey(%wZ) failed, Status 0x%08lx\n", &KeyName, Status);
                 // return;
             }
 
             NtDeleteKey(KeyHandle);
             NtClose(KeyHandle);
         }
     }
 
     /*
      * FIXME: Once force-unloading keys is correctly fixed, I'll fix
      * this code that closes some of the registry keys that were opened
      * inside the hives we've just unmounted above...
      */
 
     /* Remove the registry root keys */
     for (i = 0; i < ARRAYSIZE(RootKeys); ++i)
     {
         if (RootKeys[i].Handle)
         {
             NtFlushKey(RootKeys[i].Handle); // FIXME: Why does it hang? Answer: because we have some problems in CMAPI!
             NtDeleteKey(RootKeys[i].Handle);
             NtClose(RootKeys[i].Handle);
             RootKeys[i].Handle = NULL;
         }
     }
 
     //
     // RegBackupRegistry()
     //
     /* Now backup the hives into .sav files */
     for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
     {
         if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
             continue;
 
         CombinePaths(SrcPath, ARRAYSIZE(SrcPath), 3,
                      NtSystemRoot->Buffer, L"System32\\config", RegistryHives[i].HiveName);
         RtlStringCchCopyW(DstPath, ARRAYSIZE(DstPath), SrcPath);
         RtlStringCchCatW(DstPath, ARRAYSIZE(DstPath), L".sav");
 
         DPRINT1("Copy hive: %S ==> %S\n", SrcPath, DstPath);
         Status = SetupCopyFile(SrcPath, DstPath, FALSE);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("SetupCopyFile() failed (Status %lx)\n", Status);
             // return Status;
         }
     }
 
     /* Remove restore and backup privileges */
     RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
     RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
 }

Referenced by UpdateRegistry().

◆ RegInitializeRegistry()

NTSTATUS RegInitializeRegistry ( IN PUNICODE_STRING NtSystemRoot )

Definition at line 679 of file registry.c.

 {
     NTSTATUS Status;
     HANDLE KeyHandle;
     UNICODE_STRING KeyName;
     OBJECT_ATTRIBUTES ObjectAttributes;
     BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
     ULONG Disposition;
     UINT i;
 
     /* Acquire restore privilege */
     Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         /* Exit prematurely here.... */
         return Status;
     }
 
     /* Acquire backup privilege */
     Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
         /* Exit prematurely here.... */
         return Status;
     }
 
     /*
      * Create the template proto-hive.
      *
      * Use a dummy root key name:
      * - On 2k/XP/2k3, this is "$$$PROTO.HIV"
      * - On Vista+, this is "CMI-CreateHive{guid}"
      * See https://github.com/libyal/winreg-kb/blob/master/documentation/Registry%20files.asciidoc
      * for more information.
      */
     RtlInitUnicodeString(&KeyName, L"\\Registry\\Machine\\SYSTEM\\$$$PROTO.HIV");
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     Status = NtCreateKey(&KeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          NULL);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtCreateKey() failed to create the proto-hive (Status %lx)\n", Status);
         goto Quit;
     }
     NtFlushKey(KeyHandle);
 
     for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
     {
         if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
             continue;
 
         Status = CreateRegistryFile(NtSystemRoot,
                                     RegistryHives[i].HiveName,
                                     RegistryHives[i].State != Repair, // RegistryHives[i].State == Create,
                                     KeyHandle);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("CreateRegistryFile(%S) failed, Status 0x%08lx\n", RegistryHives[i].HiveName, Status);
             /* Exit prematurely here.... */
             /* That is now done, remove the proto-hive */
             NtDeleteKey(KeyHandle);
             NtClose(KeyHandle);
             goto Quit;
         }
     }
 
     /* That is now done, remove the proto-hive */
     NtDeleteKey(KeyHandle);
     NtClose(KeyHandle);
 
 
     /*
      * Prepare the registry root keys. Since we cannot create real registry keys
      * inside the master keys (\Registry, \Registry\Machine or \Registry\User),
      * we need to perform some SymLink tricks instead.
      */
 
     /* Our offline HKLM '\Registry\Machine' is inside '\Registry\Machine\SYSTEM\USetup_Machine' */
     RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].MountPoint);
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     KeyHandle = NULL;
     Status = NtCreateKey(&KeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                     // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
                     // but I need to check whether it works OK on ReactOS too.
                          REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
                          &Disposition);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
         // return Status;
     }
     RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle = KeyHandle;
 
     /* Our offline HKU '\Registry\User' is inside '\Registry\Machine\SYSTEM\USetup_User' */
     RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_USERS)].MountPoint);
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
     KeyHandle = NULL;
     Status = NtCreateKey(&KeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                     // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
                     // but I need to check whether it works OK on ReactOS too.
                          REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
                          &Disposition);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
         // return Status;
     }
     RootKeys[GetPredefKeyIndex(HKEY_USERS)].Handle = KeyHandle;
 
 
     /*
      * Now properly mount the offline hive files
      */
     for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
     {
         // if (RegistryHives[i].State != Create && RegistryHives[i].State != Repair)
             // continue;
 
         if (RegistryHives[i].State == Create || RegistryHives[i].State == Repair)
         {
             Status = ConnectRegistry(NULL,
                                      RegistryHives[i].HiveRegistryPath,
                                      NtSystemRoot,
                                      RegistryHives[i].HiveName
                                      /* SystemSecurity, sizeof(SystemSecurity) */);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("ConnectRegistry(%S) failed, Status 0x%08lx\n",
                         RegistryHives[i].HiveName, Status);
             }
 
             /* Create the registry symlink to this key */
             Status = CreateSymLinkKey(RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
                                       RegistryHives[i].RegSymLink,
                                       RegistryHives[i].HiveRegistryPath);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("CreateSymLinkKey(%S) failed, Status 0x%08lx\n",
                         RegistryHives[i].RegSymLink, Status);
             }
         }
         else
         {
             /* Create *DUMMY* volatile hives just to make the update procedure working */
 
             RtlInitUnicodeString(&KeyName, RegistryHives[i].RegSymLink);
             InitializeObjectAttributes(&ObjectAttributes,
                                        &KeyName,
                                        OBJ_CASE_INSENSITIVE,
                                        RootKeys[GetPredefKeyIndex(RegistryHives[i].PredefKeyHandle)].Handle,
                                        NULL);
             KeyHandle = NULL;
             Status = NtCreateKey(&KeyHandle,
                                  KEY_ALL_ACCESS,
                                  &ObjectAttributes,
                                  0,
                                  NULL,
                             // FIXME: Using REG_OPTION_VOLATILE works OK on Windows,
                             // but I need to check whether it works OK on ReactOS too.
                                  REG_OPTION_NON_VOLATILE, // REG_OPTION_VOLATILE,
                                  &Disposition);
             if (!NT_SUCCESS(Status))
             {
                 DPRINT1("NtCreateKey(%wZ) failed (Status 0x%08lx)\n", &KeyName, Status);
                 // return Status;
             }
             NtClose(KeyHandle);
         }
     }
 
 
     /* HKCU is a handle to 'HKU\.DEFAULT' */
 #if 0
     RtlInitUnicodeString(&KeyName, L".DEFAULT");
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                RootKeys[GetPredefKeyIndex(HKEY_USERS)].Handle,
                                NULL);
 #else
     RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_CURRENT_USER)].MountPoint);
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
 #endif
     KeyHandle = NULL;
     Status = NtOpenKey(&KeyHandle,
                        KEY_ALL_ACCESS,
                        &ObjectAttributes);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtOpenKey(%wZ) failed (Status %lx)\n", &KeyName, Status);
     }
     RootKeys[GetPredefKeyIndex(HKEY_CURRENT_USER)].Handle = KeyHandle;
 
 
     /* HKCR is a handle to 'HKLM\Software\Classes' */
 #if 0
     RtlInitUnicodeString(&KeyName, L"Software\\Classes");
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
                                NULL);
 #else
     RtlInitUnicodeString(&KeyName, RootKeys[GetPredefKeyIndex(HKEY_CLASSES_ROOT)].MountPoint);
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                NULL,
                                NULL);
 #endif
     KeyHandle = NULL;
     /* We use NtCreateKey instead of NtOpenKey because Software\Classes doesn't exist originally */
     Status = NtCreateKey(&KeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          &Disposition);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtCreateKey(%wZ) failed (Status %lx)\n", &KeyName, Status);
     }
     else
     {
         DPRINT("NtCreateKey() succeeded to %s the %wZ key (Status %lx)\n",
                Disposition == REG_CREATED_NEW_KEY ? "create" : /* REG_OPENED_EXISTING_KEY */ "open",
                &KeyName, Status);
     }
     RootKeys[GetPredefKeyIndex(HKEY_CLASSES_ROOT)].Handle = KeyHandle;
 
 
     Status = STATUS_SUCCESS;
 
 
     /* Create the 'HKLM\SYSTEM\ControlSet001' key */
     // REGISTRY_SETUP_MACHINE L"SYSTEM\\ControlSet001"
     RtlInitUnicodeString(&KeyName, L"SYSTEM\\ControlSet001");
     InitializeObjectAttributes(&ObjectAttributes,
                                &KeyName,
                                OBJ_CASE_INSENSITIVE,
                                RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
                                NULL);
     Status = NtCreateKey(&KeyHandle,
                          KEY_ALL_ACCESS,
                          &ObjectAttributes,
                          0,
                          NULL,
                          REG_OPTION_NON_VOLATILE,
                          &Disposition);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("NtCreateKey() failed to create the ControlSet001 key (Status %lx)\n", Status);
         // return Status;
     }
     else
     {
         DPRINT("NtCreateKey() succeeded to %s the ControlSet001 key (Status %lx)\n",
                Disposition == REG_CREATED_NEW_KEY ? "create" : /* REG_OPENED_EXISTING_KEY */ "open",
                Status);
     }
     NtClose(KeyHandle);
 
     /* Create the 'HKLM\SYSTEM\CurrentControlSet' symlink */
     Status = CreateSymLinkKey(RootKeys[GetPredefKeyIndex(HKEY_LOCAL_MACHINE)].Handle,
                               L"SYSTEM\\CurrentControlSet",
                               REGISTRY_SETUP_MACHINE L"SYSTEM\\ControlSet001");
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("CreateSymLinkKey(CurrentControlSet) failed, Status 0x%08lx\n", Status);
     }
 
 
     Status = STATUS_SUCCESS;
 
 
 Quit:
     /* Remove restore and backup privileges */
     RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
     RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
 
     return Status;
 }

Referenced by main(), and UpdateRegistry().

◆ VerifyRegistryHives()

NTSTATUS VerifyRegistryHives	(	IN PUNICODE_STRING	NtSystemRoot,
		OUT PBOOLEAN	ShouldRepairRegistry
	)

These hives are created by LSASS during 2nd stage setup

Definition at line 603 of file registry.c.

 {
     NTSTATUS Status;
     BOOLEAN PrivilegeSet[2] = {FALSE, FALSE};
     UINT i;
 
     /* Suppose first the registry hives do not have to be fully recreated */
     *ShouldRepairRegistry = FALSE;
 
     /* Acquire restore privilege */
     Status = RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[0]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         /* Exit prematurely here.... */
         return Status;
     }
 
     /* Acquire backup privilege */
     Status = RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, TRUE, FALSE, &PrivilegeSet[1]);
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE) failed (Status 0x%08lx)\n", Status);
         RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
         /* Exit prematurely here.... */
         return Status;
     }
 
     for (i = 0; i < ARRAYSIZE(RegistryHives); ++i)
     {
         Status = VerifyRegistryHive(NtSystemRoot, RegistryHives[i].HiveName);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("Registry hive '%S' needs repair!\n", RegistryHives[i].HiveName);
             RegistryHives[i].State = Repair;
             *ShouldRepairRegistry = TRUE;
         }
         else
         {
             RegistryHives[i].State = Update;
         }
     }
 
     for (i = 0; i < ARRAYSIZE(SecurityRegistryHives); ++i)
     {
         Status = VerifyRegistryHive(NtSystemRoot, SecurityRegistryHives[i].HiveName);
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("Registry hive '%S' needs repair!\n", SecurityRegistryHives[i].HiveName);
             SecurityRegistryHives[i].State = Repair;
             /*
              * Note that it's not the role of the 1st-stage installer to fix
              * the security hives. This should be done at 2nd-stage installation
              * by LSASS.
              */
         }
         else
         {
             SecurityRegistryHives[i].State = Update;
         }
     }
 
     /* Reset the status (we succeeded in checking all the hives) */
     Status = STATUS_SUCCESS;
 
     /* Remove restore and backup privileges */
     RtlAdjustPrivilege(SE_BACKUP_PRIVILEGE, PrivilegeSet[1], FALSE, &PrivilegeSet[1]);
     RtlAdjustPrivilege(SE_RESTORE_PRIVILEGE, PrivilegeSet[0], FALSE, &PrivilegeSet[0]);
 
     return Status;
 }