The Tor Browser / file comparison
comparison: security/sandbox/win/src/nt_internals.h
security/sandbox/win/src/nt_internals.h
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:3f0d202b101a |
|---|---|
| 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 // This file holds definitions related to the ntdll API. | |
| 6 | |
| 7 #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__ | |
| 8 #define SANDBOX_WIN_SRC_NT_INTERNALS_H__ | |
| 9 | |
| 10 #include <windows.h> | |
| 11 | |
| 12 typedef LONG NTSTATUS; | |
| 13 #define NT_SUCCESS(st) (st >= 0) | |
| 14 | |
| 15 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) | |
| 16 #define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L) | |
| 17 #define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L) | |
| 18 #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002L) | |
| 19 #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L) | |
| 20 #ifndef STATUS_INVALID_PARAMETER | |
| 21 // It is now defined in Windows 2008 SDK. | |
| 22 #define STATUS_INVALID_PARAMETER ((NTSTATUS)0xC000000DL) | |
| 23 #endif | |
| 24 #define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018L) | |
| 25 #define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L) | |
| 26 #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L) | |
| 27 #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L) | |
| 28 #define STATUS_PROCEDURE_NOT_FOUND ((NTSTATUS)0xC000007AL) | |
| 29 #define STATUS_INVALID_IMAGE_FORMAT ((NTSTATUS)0xC000007BL) | |
| 30 #define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL) | |
| 31 | |
| 32 #define CURRENT_PROCESS ((HANDLE) -1) | |
| 33 #define CURRENT_THREAD ((HANDLE) -2) | |
| 34 #define NtCurrentProcess CURRENT_PROCESS | |
| 35 | |
| 36 typedef struct _UNICODE_STRING { | |
| 37 USHORT Length; | |
| 38 USHORT MaximumLength; | |
| 39 PWSTR Buffer; | |
| 40 } UNICODE_STRING; | |
| 41 typedef UNICODE_STRING *PUNICODE_STRING; | |
| 42 typedef const UNICODE_STRING *PCUNICODE_STRING; | |
| 43 | |
| 44 typedef struct _STRING { | |
| 45 USHORT Length; | |
| 46 USHORT MaximumLength; | |
| 47 PCHAR Buffer; | |
| 48 } STRING; | |
| 49 typedef STRING *PSTRING; | |
| 50 | |
| 51 typedef STRING ANSI_STRING; | |
| 52 typedef PSTRING PANSI_STRING; | |
| 53 typedef CONST PSTRING PCANSI_STRING; | |
| 54 | |
| 55 typedef STRING OEM_STRING; | |
| 56 typedef PSTRING POEM_STRING; | |
| 57 typedef CONST STRING* PCOEM_STRING; | |
| 58 | |
| 59 #define OBJ_CASE_INSENSITIVE 0x00000040L | |
| 60 | |
| 61 typedef struct _OBJECT_ATTRIBUTES { | |
| 62 ULONG Length; | |
| 63 HANDLE RootDirectory; | |
| 64 PUNICODE_STRING ObjectName; | |
| 65 ULONG Attributes; | |
| 66 PVOID SecurityDescriptor; | |
| 67 PVOID SecurityQualityOfService; | |
| 68 } OBJECT_ATTRIBUTES; | |
| 69 typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES; | |
| 70 | |
| 71 #define InitializeObjectAttributes(p, n, a, r, s) { \ | |
| 72 (p)->Length = sizeof(OBJECT_ATTRIBUTES);\ | |
| 73 (p)->RootDirectory = r;\ | |
| 74 (p)->Attributes = a;\ | |
| 75 (p)->ObjectName = n;\ | |
| 76 (p)->SecurityDescriptor = s;\ | |
| 77 (p)->SecurityQualityOfService = NULL;\ | |
| 78 } | |
| 79 | |
| 80 typedef struct _IO_STATUS_BLOCK { | |
| 81 union { | |
| 82 NTSTATUS Status; | |
| 83 PVOID Pointer; | |
| 84 }; | |
| 85 ULONG_PTR Information; | |
| 86 } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK; | |
| 87 | |
| 88 // ----------------------------------------------------------------------- | |
| 89 // File IO | |
| 90 | |
| 91 // Create disposition values. | |
| 92 | |
| 93 #define FILE_SUPERSEDE 0x00000000 | |
| 94 #define FILE_OPEN 0x00000001 | |
| 95 #define FILE_CREATE 0x00000002 | |
| 96 #define FILE_OPEN_IF 0x00000003 | |
| 97 #define FILE_OVERWRITE 0x00000004 | |
| 98 #define FILE_OVERWRITE_IF 0x00000005 | |
| 99 #define FILE_MAXIMUM_DISPOSITION 0x00000005 | |
| 100 | |
| 101 // Create/open option flags. | |
| 102 | |
| 103 #define FILE_DIRECTORY_FILE 0x00000001 | |
| 104 #define FILE_WRITE_THROUGH 0x00000002 | |
| 105 #define FILE_SEQUENTIAL_ONLY 0x00000004 | |
| 106 #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008 | |
| 107 | |
| 108 #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010 | |
| 109 #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020 | |
| 110 #define FILE_NON_DIRECTORY_FILE 0x00000040 | |
| 111 #define FILE_CREATE_TREE_CONNECTION 0x00000080 | |
| 112 | |
| 113 #define FILE_COMPLETE_IF_OPLOCKED 0x00000100 | |
| 114 #define FILE_NO_EA_KNOWLEDGE 0x00000200 | |
| 115 #define FILE_OPEN_REMOTE_INSTANCE 0x00000400 | |
| 116 #define FILE_RANDOM_ACCESS 0x00000800 | |
| 117 | |
| 118 #define FILE_DELETE_ON_CLOSE 0x00001000 | |
| 119 #define FILE_OPEN_BY_FILE_ID 0x00002000 | |
| 120 #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000 | |
| 121 #define FILE_NO_COMPRESSION 0x00008000 | |
| 122 | |
| 123 #define FILE_RESERVE_OPFILTER 0x00100000 | |
| 124 #define FILE_OPEN_REPARSE_POINT 0x00200000 | |
| 125 #define FILE_OPEN_NO_RECALL 0x00400000 | |
| 126 #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000 | |
| 127 | |
| 128 typedef NTSTATUS (WINAPI *NtCreateFileFunction)( | |
| 129 OUT PHANDLE FileHandle, | |
| 130 IN ACCESS_MASK DesiredAccess, | |
| 131 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 132 OUT PIO_STATUS_BLOCK IoStatusBlock, | |
| 133 IN PLARGE_INTEGER AllocationSize OPTIONAL, | |
| 134 IN ULONG FileAttributes, | |
| 135 IN ULONG ShareAccess, | |
| 136 IN ULONG CreateDisposition, | |
| 137 IN ULONG CreateOptions, | |
| 138 IN PVOID EaBuffer OPTIONAL, | |
| 139 IN ULONG EaLength); | |
| 140 | |
| 141 typedef NTSTATUS (WINAPI *NtOpenFileFunction)( | |
| 142 OUT PHANDLE FileHandle, | |
| 143 IN ACCESS_MASK DesiredAccess, | |
| 144 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 145 OUT PIO_STATUS_BLOCK IoStatusBlock, | |
| 146 IN ULONG ShareAccess, | |
| 147 IN ULONG OpenOptions); | |
| 148 | |
| 149 typedef NTSTATUS (WINAPI *NtCloseFunction)( | |
| 150 IN HANDLE Handle); | |
| 151 | |
| 152 typedef enum _FILE_INFORMATION_CLASS { | |
| 153 FileRenameInformation = 10 | |
| 154 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS; | |
| 155 | |
| 156 typedef struct _FILE_RENAME_INFORMATION { | |
| 157 BOOLEAN ReplaceIfExists; | |
| 158 HANDLE RootDirectory; | |
| 159 ULONG FileNameLength; | |
| 160 WCHAR FileName[1]; | |
| 161 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION; | |
| 162 | |
| 163 typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)( | |
| 164 IN HANDLE FileHandle, | |
| 165 OUT PIO_STATUS_BLOCK IoStatusBlock, | |
| 166 IN PVOID FileInformation, | |
| 167 IN ULONG Length, | |
| 168 IN FILE_INFORMATION_CLASS FileInformationClass); | |
| 169 | |
| 170 typedef struct FILE_BASIC_INFORMATION { | |
| 171 LARGE_INTEGER CreationTime; | |
| 172 LARGE_INTEGER LastAccessTime; | |
| 173 LARGE_INTEGER LastWriteTime; | |
| 174 LARGE_INTEGER ChangeTime; | |
| 175 ULONG FileAttributes; | |
| 176 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION; | |
| 177 | |
| 178 typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)( | |
| 179 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 180 OUT PFILE_BASIC_INFORMATION FileAttributes); | |
| 181 | |
| 182 typedef struct _FILE_NETWORK_OPEN_INFORMATION { | |
| 183 LARGE_INTEGER CreationTime; | |
| 184 LARGE_INTEGER LastAccessTime; | |
| 185 LARGE_INTEGER LastWriteTime; | |
| 186 LARGE_INTEGER ChangeTime; | |
| 187 LARGE_INTEGER AllocationSize; | |
| 188 LARGE_INTEGER EndOfFile; | |
| 189 ULONG FileAttributes; | |
| 190 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION; | |
| 191 | |
| 192 typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)( | |
| 193 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 194 OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes); | |
| 195 | |
| 196 // ----------------------------------------------------------------------- | |
| 197 // Sections | |
| 198 | |
| 199 typedef NTSTATUS (WINAPI *NtCreateSectionFunction)( | |
| 200 OUT PHANDLE SectionHandle, | |
| 201 IN ACCESS_MASK DesiredAccess, | |
| 202 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, | |
| 203 IN PLARGE_INTEGER MaximumSize OPTIONAL, | |
| 204 IN ULONG SectionPageProtection, | |
| 205 IN ULONG AllocationAttributes, | |
| 206 IN HANDLE FileHandle OPTIONAL); | |
| 207 | |
| 208 typedef ULONG SECTION_INHERIT; | |
| 209 #define ViewShare 1 | |
| 210 #define ViewUnmap 2 | |
| 211 | |
| 212 typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)( | |
| 213 IN HANDLE SectionHandle, | |
| 214 IN HANDLE ProcessHandle, | |
| 215 IN OUT PVOID *BaseAddress, | |
| 216 IN ULONG_PTR ZeroBits, | |
| 217 IN SIZE_T CommitSize, | |
| 218 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, | |
| 219 IN OUT PSIZE_T ViewSize, | |
| 220 IN SECTION_INHERIT InheritDisposition, | |
| 221 IN ULONG AllocationType, | |
| 222 IN ULONG Win32Protect); | |
| 223 | |
| 224 typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)( | |
| 225 IN HANDLE ProcessHandle, | |
| 226 IN PVOID BaseAddress); | |
| 227 | |
| 228 typedef enum _SECTION_INFORMATION_CLASS { | |
| 229 SectionBasicInformation = 0, | |
| 230 SectionImageInformation | |
| 231 } SECTION_INFORMATION_CLASS; | |
| 232 | |
| 233 typedef struct _SECTION_BASIC_INFORMATION { | |
| 234 PVOID BaseAddress; | |
| 235 ULONG Attributes; | |
| 236 LARGE_INTEGER Size; | |
| 237 } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION; | |
| 238 | |
| 239 typedef NTSTATUS (WINAPI *NtQuerySectionFunction)( | |
| 240 IN HANDLE SectionHandle, | |
| 241 IN SECTION_INFORMATION_CLASS SectionInformationClass, | |
| 242 OUT PVOID SectionInformation, | |
| 243 IN SIZE_T SectionInformationLength, | |
| 244 OUT PSIZE_T ReturnLength OPTIONAL); | |
| 245 | |
| 246 // ----------------------------------------------------------------------- | |
| 247 // Process and Thread | |
| 248 | |
| 249 typedef struct _CLIENT_ID { | |
| 250 PVOID UniqueProcess; | |
| 251 PVOID UniqueThread; | |
| 252 } CLIENT_ID, *PCLIENT_ID; | |
| 253 | |
| 254 typedef NTSTATUS (WINAPI *NtOpenThreadFunction) ( | |
| 255 OUT PHANDLE ThreadHandle, | |
| 256 IN ACCESS_MASK DesiredAccess, | |
| 257 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 258 IN PCLIENT_ID ClientId); | |
| 259 | |
| 260 typedef NTSTATUS (WINAPI *NtOpenProcessFunction) ( | |
| 261 OUT PHANDLE ProcessHandle, | |
| 262 IN ACCESS_MASK DesiredAccess, | |
| 263 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 264 IN PCLIENT_ID ClientId); | |
| 265 | |
| 266 typedef enum _NT_THREAD_INFORMATION_CLASS { | |
| 267 ThreadBasicInformation, | |
| 268 ThreadTimes, | |
| 269 ThreadPriority, | |
| 270 ThreadBasePriority, | |
| 271 ThreadAffinityMask, | |
| 272 ThreadImpersonationToken, | |
| 273 ThreadDescriptorTableEntry, | |
| 274 ThreadEnableAlignmentFaultFixup, | |
| 275 ThreadEventPair, | |
| 276 ThreadQuerySetWin32StartAddress, | |
| 277 ThreadZeroTlsCell, | |
| 278 ThreadPerformanceCount, | |
| 279 ThreadAmILastThread, | |
| 280 ThreadIdealProcessor, | |
| 281 ThreadPriorityBoost, | |
| 282 ThreadSetTlsArrayAddress, | |
| 283 ThreadIsIoPending, | |
| 284 ThreadHideFromDebugger | |
| 285 } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS; | |
| 286 | |
| 287 typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) ( | |
| 288 IN HANDLE ThreadHandle, | |
| 289 IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass, | |
| 290 IN PVOID ThreadInformation, | |
| 291 IN ULONG ThreadInformationLength); | |
| 292 | |
| 293 // Partial definition only: | |
| 294 typedef enum _PROCESSINFOCLASS { | |
| 295 ProcessBasicInformation = 0, | |
| 296 ProcessExecuteFlags = 0x22 | |
| 297 } PROCESSINFOCLASS; | |
| 298 | |
| 299 typedef PVOID PPEB; | |
| 300 typedef PVOID KPRIORITY; | |
| 301 | |
| 302 typedef struct _PROCESS_BASIC_INFORMATION { | |
| 303 NTSTATUS ExitStatus; | |
| 304 PPEB PebBaseAddress; | |
| 305 KAFFINITY AffinityMask; | |
| 306 KPRIORITY BasePriority; | |
| 307 ULONG UniqueProcessId; | |
| 308 ULONG InheritedFromUniqueProcessId; | |
| 309 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION; | |
| 310 | |
| 311 typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)( | |
| 312 IN HANDLE ProcessHandle, | |
| 313 IN PROCESSINFOCLASS ProcessInformationClass, | |
| 314 OUT PVOID ProcessInformation, | |
| 315 IN ULONG ProcessInformationLength, | |
| 316 OUT PULONG ReturnLength OPTIONAL); | |
| 317 | |
| 318 typedef NTSTATUS (WINAPI *NtSetInformationProcessFunction)( | |
| 319 HANDLE ProcessHandle, | |
| 320 IN PROCESSINFOCLASS ProcessInformationClass, | |
| 321 IN PVOID ProcessInformation, | |
| 322 IN ULONG ProcessInformationLength); | |
| 323 | |
| 324 typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) ( | |
| 325 IN HANDLE ThreadHandle, | |
| 326 IN ACCESS_MASK DesiredAccess, | |
| 327 IN BOOLEAN OpenAsSelf, | |
| 328 OUT PHANDLE TokenHandle); | |
| 329 | |
| 330 typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) ( | |
| 331 IN HANDLE ThreadHandle, | |
| 332 IN ACCESS_MASK DesiredAccess, | |
| 333 IN BOOLEAN OpenAsSelf, | |
| 334 IN ULONG HandleAttributes, | |
| 335 OUT PHANDLE TokenHandle); | |
| 336 | |
| 337 typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) ( | |
| 338 IN HANDLE ProcessHandle, | |
| 339 IN ACCESS_MASK DesiredAccess, | |
| 340 OUT PHANDLE TokenHandle); | |
| 341 | |
| 342 typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) ( | |
| 343 IN HANDLE ProcessHandle, | |
| 344 IN ACCESS_MASK DesiredAccess, | |
| 345 IN ULONG HandleAttributes, | |
| 346 OUT PHANDLE TokenHandle); | |
| 347 | |
| 348 typedef NTSTATUS (WINAPI * RtlCreateUserThreadFunction)( | |
| 349 IN HANDLE Process, | |
| 350 IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor, | |
| 351 IN BOOLEAN CreateSuspended, | |
| 352 IN ULONG ZeroBits, | |
| 353 IN SIZE_T MaximumStackSize, | |
| 354 IN SIZE_T CommittedStackSize, | |
| 355 IN LPTHREAD_START_ROUTINE StartAddress, | |
| 356 IN PVOID Parameter, | |
| 357 OUT PHANDLE Thread, | |
| 358 OUT PCLIENT_ID ClientId); | |
| 359 | |
| 360 // ----------------------------------------------------------------------- | |
| 361 // Registry | |
| 362 | |
| 363 typedef NTSTATUS (WINAPI *NtCreateKeyFunction)( | |
| 364 OUT PHANDLE KeyHandle, | |
| 365 IN ACCESS_MASK DesiredAccess, | |
| 366 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 367 IN ULONG TitleIndex, | |
| 368 IN PUNICODE_STRING Class OPTIONAL, | |
| 369 IN ULONG CreateOptions, | |
| 370 OUT PULONG Disposition OPTIONAL); | |
| 371 | |
| 372 typedef NTSTATUS (WINAPI *NtOpenKeyFunction)( | |
| 373 OUT PHANDLE KeyHandle, | |
| 374 IN ACCESS_MASK DesiredAccess, | |
| 375 IN POBJECT_ATTRIBUTES ObjectAttributes); | |
| 376 | |
| 377 typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)( | |
| 378 OUT PHANDLE KeyHandle, | |
| 379 IN ACCESS_MASK DesiredAccess, | |
| 380 IN POBJECT_ATTRIBUTES ObjectAttributes, | |
| 381 IN DWORD open_options); | |
| 382 | |
| 383 typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)( | |
| 384 IN HANDLE KeyHandle); | |
| 385 | |
| 386 // ----------------------------------------------------------------------- | |
| 387 // Memory | |
| 388 | |
| 389 // Don't really need this structure right now. | |
| 390 typedef PVOID PRTL_HEAP_PARAMETERS; | |
| 391 | |
| 392 typedef PVOID (WINAPI *RtlCreateHeapFunction)( | |
| 393 IN ULONG Flags, | |
| 394 IN PVOID HeapBase OPTIONAL, | |
| 395 IN SIZE_T ReserveSize OPTIONAL, | |
| 396 IN SIZE_T CommitSize OPTIONAL, | |
| 397 IN PVOID Lock OPTIONAL, | |
| 398 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL); | |
| 399 | |
| 400 typedef PVOID (WINAPI *RtlDestroyHeapFunction)( | |
| 401 IN PVOID HeapHandle); | |
| 402 | |
| 403 typedef PVOID (WINAPI *RtlAllocateHeapFunction)( | |
| 404 IN PVOID HeapHandle, | |
| 405 IN ULONG Flags, | |
| 406 IN SIZE_T Size); | |
| 407 | |
| 408 typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)( | |
| 409 IN PVOID HeapHandle, | |
| 410 IN ULONG Flags, | |
| 411 IN PVOID HeapBase); | |
| 412 | |
| 413 typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) ( | |
| 414 IN HANDLE ProcessHandle, | |
| 415 IN OUT PVOID *BaseAddress, | |
| 416 IN ULONG_PTR ZeroBits, | |
| 417 IN OUT PSIZE_T RegionSize, | |
| 418 IN ULONG AllocationType, | |
| 419 IN ULONG Protect); | |
| 420 | |
| 421 typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) ( | |
| 422 IN HANDLE ProcessHandle, | |
| 423 IN OUT PVOID *BaseAddress, | |
| 424 IN OUT PSIZE_T RegionSize, | |
| 425 IN ULONG FreeType); | |
| 426 | |
| 427 typedef enum _MEMORY_INFORMATION_CLASS { | |
| 428 MemoryBasicInformation = 0, | |
| 429 MemoryWorkingSetList, | |
| 430 MemorySectionName, | |
| 431 MemoryBasicVlmInformation | |
| 432 } MEMORY_INFORMATION_CLASS; | |
| 433 | |
| 434 typedef struct _MEMORY_SECTION_NAME { // Information Class 2 | |
| 435 UNICODE_STRING SectionFileName; | |
| 436 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME; | |
| 437 | |
| 438 typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)( | |
| 439 IN HANDLE ProcessHandle, | |
| 440 IN PVOID BaseAddress, | |
| 441 IN MEMORY_INFORMATION_CLASS MemoryInformationClass, | |
| 442 OUT PVOID MemoryInformation, | |
| 443 IN ULONG MemoryInformationLength, | |
| 444 OUT PULONG ReturnLength OPTIONAL); | |
| 445 | |
| 446 typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)( | |
| 447 IN HANDLE ProcessHandle, | |
| 448 IN OUT PVOID* BaseAddress, | |
| 449 IN OUT PSIZE_T ProtectSize, | |
| 450 IN ULONG NewProtect, | |
| 451 OUT PULONG OldProtect); | |
| 452 | |
| 453 // ----------------------------------------------------------------------- | |
| 454 // Objects | |
| 455 | |
| 456 typedef enum _OBJECT_INFORMATION_CLASS { | |
| 457 ObjectBasicInformation, | |
| 458 ObjectNameInformation, | |
| 459 ObjectTypeInformation, | |
| 460 ObjectAllInformation, | |
| 461 ObjectDataInformation | |
| 462 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS; | |
| 463 | |
| 464 typedef struct _OBJDIR_INFORMATION { | |
| 465 UNICODE_STRING ObjectName; | |
| 466 UNICODE_STRING ObjectTypeName; | |
| 467 BYTE Data[1]; | |
| 468 } OBJDIR_INFORMATION; | |
| 469 | |
| 470 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION { | |
| 471 ULONG Attributes; | |
| 472 ACCESS_MASK GrantedAccess; | |
| 473 ULONG HandleCount; | |
| 474 ULONG PointerCount; | |
| 475 ULONG Reserved[10]; // reserved for internal use | |
| 476 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION; | |
| 477 | |
| 478 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION { | |
| 479 UNICODE_STRING TypeName; | |
| 480 ULONG Reserved[22]; // reserved for internal use | |
| 481 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION; | |
| 482 | |
| 483 typedef enum _POOL_TYPE { | |
| 484 NonPagedPool, | |
| 485 PagedPool, | |
| 486 NonPagedPoolMustSucceed, | |
| 487 ReservedType, | |
| 488 NonPagedPoolCacheAligned, | |
| 489 PagedPoolCacheAligned, | |
| 490 NonPagedPoolCacheAlignedMustS | |
| 491 } POOL_TYPE; | |
| 492 | |
| 493 typedef struct _OBJECT_BASIC_INFORMATION { | |
| 494 ULONG Attributes; | |
| 495 ACCESS_MASK GrantedAccess; | |
| 496 ULONG HandleCount; | |
| 497 ULONG PointerCount; | |
| 498 ULONG PagedPoolUsage; | |
| 499 ULONG NonPagedPoolUsage; | |
| 500 ULONG Reserved[3]; | |
| 501 ULONG NameInformationLength; | |
| 502 ULONG TypeInformationLength; | |
| 503 ULONG SecurityDescriptorLength; | |
| 504 LARGE_INTEGER CreateTime; | |
| 505 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION; | |
| 506 | |
| 507 typedef struct _OBJECT_TYPE_INFORMATION { | |
| 508 UNICODE_STRING Name; | |
| 509 ULONG TotalNumberOfObjects; | |
| 510 ULONG TotalNumberOfHandles; | |
| 511 ULONG TotalPagedPoolUsage; | |
| 512 ULONG TotalNonPagedPoolUsage; | |
| 513 ULONG TotalNamePoolUsage; | |
| 514 ULONG TotalHandleTableUsage; | |
| 515 ULONG HighWaterNumberOfObjects; | |
| 516 ULONG HighWaterNumberOfHandles; | |
| 517 ULONG HighWaterPagedPoolUsage; | |
| 518 ULONG HighWaterNonPagedPoolUsage; | |
| 519 ULONG HighWaterNamePoolUsage; | |
| 520 ULONG HighWaterHandleTableUsage; | |
| 521 ULONG InvalidAttributes; | |
| 522 GENERIC_MAPPING GenericMapping; | |
| 523 ULONG ValidAccess; | |
| 524 BOOLEAN SecurityRequired; | |
| 525 BOOLEAN MaintainHandleCount; | |
| 526 USHORT MaintainTypeList; | |
| 527 POOL_TYPE PoolType; | |
| 528 ULONG PagedPoolUsage; | |
| 529 ULONG NonPagedPoolUsage; | |
| 530 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION; | |
| 531 | |
| 532 typedef enum _SYSTEM_INFORMATION_CLASS { | |
| 533 SystemHandleInformation = 16 | |
| 534 } SYSTEM_INFORMATION_CLASS; | |
| 535 | |
| 536 typedef struct _SYSTEM_HANDLE_INFORMATION { | |
| 537 USHORT ProcessId; | |
| 538 USHORT CreatorBackTraceIndex; | |
| 539 UCHAR ObjectTypeNumber; | |
| 540 UCHAR Flags; | |
| 541 USHORT Handle; | |
| 542 PVOID Object; | |
| 543 ACCESS_MASK GrantedAccess; | |
| 544 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION; | |
| 545 | |
| 546 typedef struct _SYSTEM_HANDLE_INFORMATION_EX { | |
| 547 ULONG NumberOfHandles; | |
| 548 SYSTEM_HANDLE_INFORMATION Information[1]; | |
| 549 } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX; | |
| 550 | |
| 551 typedef struct _OBJECT_NAME_INFORMATION { | |
| 552 UNICODE_STRING ObjectName; | |
| 553 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION; | |
| 554 | |
| 555 typedef NTSTATUS (WINAPI *NtQueryObjectFunction)( | |
| 556 IN HANDLE Handle, | |
| 557 IN OBJECT_INFORMATION_CLASS ObjectInformationClass, | |
| 558 OUT PVOID ObjectInformation OPTIONAL, | |
| 559 IN ULONG ObjectInformationLength, | |
| 560 OUT PULONG ReturnLength OPTIONAL); | |
| 561 | |
| 562 typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)( | |
| 563 IN HANDLE SourceProcess, | |
| 564 IN HANDLE SourceHandle, | |
| 565 IN HANDLE TargetProcess, | |
| 566 OUT PHANDLE TargetHandle, | |
| 567 IN ACCESS_MASK DesiredAccess, | |
| 568 IN ULONG Attributes, | |
| 569 IN ULONG Options); | |
| 570 | |
| 571 typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)( | |
| 572 IN HANDLE HandleToSignal, | |
| 573 IN HANDLE HandleToWait, | |
| 574 IN BOOLEAN Alertable, | |
| 575 IN PLARGE_INTEGER Timeout OPTIONAL); | |
| 576 | |
| 577 typedef NTSTATUS (WINAPI *NtQuerySystemInformation)( | |
| 578 IN SYSTEM_INFORMATION_CLASS SystemInformationClass, | |
| 579 OUT PVOID SystemInformation, | |
| 580 IN ULONG SystemInformationLength, | |
| 581 OUT PULONG ReturnLength); | |
| 582 | |
| 583 typedef NTSTATUS (WINAPI *NtQueryObject)( | |
| 584 IN HANDLE Handle, | |
| 585 IN OBJECT_INFORMATION_CLASS ObjectInformationClass, | |
| 586 OUT PVOID ObjectInformation, | |
| 587 IN ULONG ObjectInformationLength, | |
| 588 OUT PULONG ReturnLength); | |
| 589 | |
| 590 // ----------------------------------------------------------------------- | |
| 591 // Strings | |
| 592 | |
| 593 typedef int (__cdecl *_strnicmpFunction)( | |
| 594 IN const char* _Str1, | |
| 595 IN const char* _Str2, | |
| 596 IN size_t _MaxCount); | |
| 597 | |
| 598 typedef size_t (__cdecl *strlenFunction)( | |
| 599 IN const char * _Str); | |
| 600 | |
| 601 typedef size_t (__cdecl *wcslenFunction)( | |
| 602 IN const wchar_t* _Str); | |
| 603 | |
| 604 typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)( | |
| 605 IN OUT PUNICODE_STRING DestinationString, | |
| 606 IN PANSI_STRING SourceString, | |
| 607 IN BOOLEAN AllocateDestinationString); | |
| 608 | |
| 609 typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)( | |
| 610 IN PCUNICODE_STRING String1, | |
| 611 IN PCUNICODE_STRING String2, | |
| 612 IN BOOLEAN CaseInSensitive); | |
| 613 | |
| 614 typedef VOID (WINAPI *RtlInitUnicodeStringFunction) ( | |
| 615 IN OUT PUNICODE_STRING DestinationString, | |
| 616 IN PCWSTR SourceString); | |
| 617 | |
| 618 #endif // SANDBOX_WIN_SRC_NT_INTERNALS_H__ | |
| 619 |
