nt.h revision 9f997e760f610c92e3a365be21ead6972bc46130
* available from http://www.virtualbox.org. This file is free software;
#ifndef ___iprt_nt_nt_h___
#define ___iprt_nt_nt_h___
#ifdef DOXYGEN_RUNNING
# define IPRT_NT_MAP_TO_ZW
#ifdef IPRT_NT_MAP_TO_ZW
#include <ntstatus.h>
#ifdef IPRT_NT_USE_WINTERNL
* Use Winternl.h.
# define SystemProcessorPerformanceInformation IncompleteWinternl_SystemProcessorPerformanceInformation
# define WIN32_NO_STATUS
# include <windef.h>
# include <winnt.h>
# include <winternl.h>
# include <ntstatus.h>
# ifdef RT_ARCH_X86
# include <ntifs.h>
# include <wdm.h>
# ifdef RT_ARCH_X86
# define IPRT_NT_NEED_API_GROUP_NTIFS
#define RTNT_CONSTANT_UNISTR(a_String) { sizeof(a_String) - sizeof(WCHAR), sizeof(a_String), (WCHAR *)a_String }
RTDECL(int) RTNtPathOpen(const char *pszPath, ACCESS_MASK fDesiredAccess, ULONG fFileAttribs, ULONG fShareAccess,
RTDECL(int) RTNtPathOpenDir(const char *pszPath, ACCESS_MASK fDesiredAccess, ULONG fShareAccess, ULONG fCreateOptions,
RTDECL(int) RTNtPathFromWinUtf16Ex(struct _UNICODE_STRING *pNtName, HANDLE *phRootDir, PCRTUTF16 pwszPath, size_t cwcPath);
#ifndef PROCESS_TERMINATE
#ifndef PROCESS_CREATE_THREAD
#ifndef PROCESS_SET_SESSIONID
#ifndef PROCESS_VM_OPERATION
#ifndef PROCESS_VM_READ
#ifndef PROCESS_VM_WRITE
#ifndef PROCESS_DUP_HANDLE
#ifndef PROCESS_CREATE_PROCESS
#ifndef PROCESS_SET_QUOTA
#ifndef PROCESS_SET_INFORMATION
#ifndef PROCESS_QUERY_INFORMATION
#ifndef PROCESS_SUSPEND_RESUME
#ifndef PROCESS_SET_LIMITED_INFORMATION
#ifndef PROCESS_ALL_ACCESS
#ifndef THREAD_QUERY_INFORMATION
#ifndef THREAD_SET_THREAD_TOKEN
#ifndef THREAD_IMPERSONATE
#ifndef THREAD_DIRECT_IMPERSONATION
#ifndef THREAD_RESUME
#ifndef NtCurrentProcess
#ifndef NtCurrentThread
#ifndef ZwCurrentProcess
#ifndef ZwCurrentThread
#ifndef DIRECTORY_QUERY
#ifndef DIRECTORY_TRAVERSE
#ifndef DIRECTORY_CREATE_OBJECT
#ifndef DIRECTORY_CREATE_SUBDIRECTORY
#ifndef DIRECTORY_ALL_ACCESS
#ifdef IPRT_NT_USE_WINTERNL
typedef struct _CLIENT_ID
} CLIENT_ID;
typedef struct _PEB_LDR_DATA
} PEB_LDR_DATA;
typedef struct _PEB_COMMON
} Common;
} W81;
} W80;
uint8_t IsLegacyProcess : 1; /**< 0x003 / 0x003 : Pos 2, 1 Bit - Differs from W81, same as W80 & W6. */
uint8_t IsImageDynamicallyRelocated : 1; /**< 0x003 / 0x003 : Pos 3, 1 Bit - Differs from W81, same as W80 & W6. */
uint8_t SkipPatchingUser32Forwarders : 1; /**< 0x003 / 0x003 : Pos 4, 1 Bit - Added in W7; Differs from W81, same as W80. */
uint8_t SpareBits : 3; /**< 0x003 / 0x003 : Pos 5, 3 Bit - Differs from W81 & W80, more spare bits. */
} W7;
uint8_t IsLegacyProcess : 1; /**< 0x003 / 0x003 : Pos 2, 1 Bit - Differs from W81, same as W80 & W7. */
uint8_t IsImageDynamicallyRelocated : 1; /**< 0x003 / 0x003 : Pos 3, 1 Bit - Differs from W81, same as W80 & W7. */
uint8_t SpareBits : 4; /**< 0x003 / 0x003 : Pos 4, 4 Bit - Differs from W81, W80, & W7, more spare bits. */
} W6;
uint8_t SpareBits : 7; /**< 0x003 / 0x003 : Pos 1, 7 Bit - Differs from W81, W80, & W7, more spare bits. */
} W52;
} W51;
} Diff0;
} W6;
} W52;
} W51;
} Diff1;
} W51;
} Diff2;
} W51;
} Diff3;
} W81;
} W52;
} Diff4;
} Diff5;
} W7;
} Diff6;
} W7;
} Diff7;
} PEB_COMMON;
AssertCompileMemberOffset(PEB_COMMON, Diff5.W52.ImageProcessAffinityMask, ARCH_BITS == 64 ? 0x138 : 0xc0);
typedef struct _NT_TIB
} NT_TIB;
typedef struct _ACTIVATION_CONTEXT_STACK
typedef struct _TEB_COMMON
} W51;
} Diff0;
} W52;
} Diff1;
} W52;
} Diff2;
} W52;
} W51;
} Diff3;
} W51;
} Diff4;
} Diff5;
} W52;
struct _Wx86ThreadState
} W51;
} Diff6;
} W6;
} Diff7;
} W7;
} Diff8;
} W52;
} Diff9;
} Common;
} W7;
} W6;
} Diff10;
} W6;
} Diff11;
} W7;
} W6;
} Diff12;
} TEB_COMMON;
#define TEB_SIZE_W6 ( RT_UOFFSETOF(TEB_COMMON, Diff12.W6.WaitReasonBitMap) + sizeof(LARGE_INTEGER) )
#ifdef IPRT_NT_USE_WINTERNL
NTSYSAPI NTSTATUS NTAPI NtCreateSection(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, PLARGE_INTEGER, ULONG, ULONG, HANDLE);
typedef enum _SECTION_INHERIT
NTSYSAPI NTSTATUS NTAPI NtMapViewOfSection(HANDLE, HANDLE, PVOID *, ULONG, SIZE_T, PLARGE_INTEGER, PSIZE_T, SECTION_INHERIT,
typedef struct _FILE_FS_ATTRIBUTE_INFORMATION
typedef enum _FSINFOCLASS
NTSYSAPI NTSTATUS NTAPI NtQueryVolumeInformationFile(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FS_INFORMATION_CLASS);
typedef struct _FILE_BOTH_DIR_INFORMATION
typedef struct _FILE_BASIC_INFORMATION
typedef struct _FILE_STANDARD_INFORMATION
typedef struct _FILE_NAME_INFORMATION
typedef enum _FILE_INFORMATION_CLASS
NTSYSAPI NTSTATUS NTAPI NtQueryInformationFile(HANDLE, PIO_STATUS_BLOCK, PVOID, ULONG, FILE_INFORMATION_CLASS);
NTSYSAPI NTSTATUS NTAPI NtQueryDirectoryFile(HANDLE, HANDLE, PIO_APC_ROUTINE, PVOID, PIO_STATUS_BLOCK, PVOID, ULONG,
typedef struct _MEMORY_SECTION_NAME
#ifdef IPRT_NT_USE_WINTERNL
typedef struct _PROCESS_BASIC_INFORMATION
typedef enum _PROCESSINFOCLASS
typedef enum _THREADINFOCLASS
NTSYSAPI NTSTATUS NTAPI NtQueryInformationToken(HANDLE, TOKEN_INFORMATION_CLASS, PVOID, ULONG, PULONG);
NTSYSAPI NTSTATUS NTAPI NtReadFile(HANDLE, HANDLE, PIO_APC_ROUTINE, PVOID, PIO_STATUS_BLOCK, PVOID, ULONG, PLARGE_INTEGER, PULONG);
NTSYSAPI NTSTATUS NTAPI NtWriteFile(HANDLE, HANDLE, PIO_APC_ROUTINE, void const *, PIO_STATUS_BLOCK, PVOID, ULONG, PLARGE_INTEGER, PULONG);
typedef enum _OBJECT_INFORMATION_CLASS
#ifdef IN_RING0
NTSYSAPI NTSTATUS NTAPI NtDuplicateObject(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG);
typedef struct _OBJECT_DIRECTORY_INFORMATION
NTSYSAPI NTSTATUS NTAPI NtQueryDirectoryObject(HANDLE, PVOID, ULONG, BOOLEAN, BOOLEAN, PULONG, PULONG);
typedef struct _SECTION_IMAGE_INFORMATION
typedef enum _SECTION_INFORMATION_CLASS
NTSYSAPI NTSTATUS NTAPI NtCreateSymbolicLinkObject(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, PUNICODE_STRING pTarget);
#ifndef SYMBOLIC_LINK_QUERY
#ifndef SYMBOLIC_LINK_ALL_ACCESS
#ifndef SEC_FILE
#ifndef SEC_IMAGE
#ifndef SEC_PROTECTED_IMAGE
#ifndef SEC_NOCACHE
#ifndef MEM_ROTATE
typedef enum _MEMORY_INFORMATION_CLASS
#ifdef IN_RING0
typedef struct _MEMORY_BASIC_INFORMATION
NTSYSAPI NTSTATUS NTAPI NtQueryVirtualMemory(HANDLE, void const *, MEMORY_INFORMATION_CLASS, PVOID, SIZE_T, PSIZE_T);
#ifdef IPRT_NT_USE_WINTERNL
typedef enum _SYSTEM_INFORMATION_CLASS
#ifdef IPRT_NT_USE_WINTERNL
typedef struct _VM_COUNTERS
} VM_COUNTERS;
typedef struct _IO_COUNTERS
} IO_COUNTERS;
typedef struct _RTNT_SYSTEM_PROCESS_INFORMATION
#ifndef IPRT_NT_USE_WINTERNL
typedef struct _SYSTEM_HANDLE_ENTRY_INFO
typedef struct _SYSTEM_HANDLE_INFORMATION
typedef struct _SYSTEM_HANDLE_ENTRY_INFO_EX
typedef struct _SYSTEM_HANDLE_INFORMATION_EX
typedef struct _SYSTEM_SESSION_PROCESS_INFORMATION
#ifndef IPRT_NT_USE_WINTERNL
typedef enum _OBJECT_WAIT_TYPE { WaitAllObjects = 0, WaitAnyObject = 1, ObjectWaitTypeHack = 0x7fffffff } OBJECT_WAIT_TYPE;
NTSYSAPI NTSTATUS NTAPI NtWaitForMultipleObjects(ULONG, PHANDLE, OBJECT_WAIT_TYPE, BOOLEAN, PLARGE_INTEGER);
#ifdef IPRT_NT_USE_WINTERNL
typedef enum _EVENT_TYPE
NotificationEvent = 0,
} EVENT_TYPE;
NTSYSAPI NTSTATUS NTAPI NtCreateEvent(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, EVENT_TYPE, BOOLEAN);
typedef enum _EVENT_INFORMATION_CLASS
typedef struct EVENT_BASIC_INFORMATION
#ifdef IPRT_NT_USE_WINTERNL
typedef enum _KEY_VALUE_INFORMATION_CLASS
typedef struct _KEY_VALUE_PARTIAL_INFORMATION
NTSYSAPI NTSTATUS NTAPI NtQueryValueKey(HANDLE, PUNICODE_STRING, KEY_VALUE_INFORMATION_CLASS, PVOID, ULONG, PULONG);
typedef struct _CURDIR
} CURDIR;
typedef struct _RTL_DRIVE_LETTER_CURDIR
typedef struct _RTL_USER_PROCESS_PARAMETERS
typedef struct _RTL_USER_PROCESS_INFORMATION
NTSYSAPI NTSTATUS NTAPI RtlCreateUserProcess(PUNICODE_STRING, ULONG, PRTL_USER_PROCESS_PARAMETERS, PSECURITY_DESCRIPTOR,
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(PRTL_USER_PROCESS_PARAMETERS *, PUNICODE_STRING ImagePathName,
NTSYSAPI NTSTATUS NTAPI RtlCreateUserThread(HANDLE, PSECURITY_DESCRIPTOR, BOOLEAN, ULONG, SIZE_T, SIZE_T,
NTSYSAPI BOOLEAN NTAPI ObFindHandleForObject(PEPROCESS pProcess, PVOID pvObject, POBJECT_TYPE pObjectType,
NTSYSAPI NTSTATUS NTAPI ObReferenceObjectByName(PUNICODE_STRING pObjectPath, ULONG fAttributes, PACCESS_STATE pAccessState,
extern DECLIMPORT(POBJECT_TYPE *) LpcPortObjectType; /**< In vista+ this is the ALPC port object type. */
extern DECLIMPORT(POBJECT_TYPE *) LpcWaitablePortObjectType; /**< In vista+ this is the ALPC port object type. */
typedef struct CSR_MSG_DATA_CREATED_PROCESS
NTSYSAPI NTSTATUS NTAPI RtlExpandEnvironmentStrings_U(PVOID, PUNICODE_STRING, PUNICODE_STRING, PULONG);
# ifdef IPRT_NT_USE_WINTERNL
typedef struct _RTL_HEAP_PARAMETERS
NTSYSAPI PVOID NTAPI RtlCreateHeap(ULONG fFlags, PVOID pvHeapBase, SIZE_T cbReserve, SIZE_T cbCommit, PVOID pvLock,
# ifdef IPRT_NT_USE_WINTERNL
# ifdef IPRT_NT_USE_WINTERNL