security/sandbox/win/src/nt_internals.h@b8a032363ba2
security/sandbox/win/src/nt_internals.h
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // This file holds definitions related to the ntdll API.
7 #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__
8 #define SANDBOX_WIN_SRC_NT_INTERNALS_H__
10 #include <windows.h>
12 typedef LONG NTSTATUS;
13 #define NT_SUCCESS(st) (st >= 0)
15 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
16 #define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L)
17 #define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
18 #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002L)
19 #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
20 #ifndef STATUS_INVALID_PARAMETER
21 // It is now defined in Windows 2008 SDK.
22 #define STATUS_INVALID_PARAMETER ((NTSTATUS)0xC000000DL)
23 #endif
24 #define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018L)
25 #define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L)
26 #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L)
27 #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L)
28 #define STATUS_PROCEDURE_NOT_FOUND ((NTSTATUS)0xC000007AL)
29 #define STATUS_INVALID_IMAGE_FORMAT ((NTSTATUS)0xC000007BL)
30 #define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL)
32 #define CURRENT_PROCESS ((HANDLE) -1)
33 #define CURRENT_THREAD ((HANDLE) -2)
34 #define NtCurrentProcess CURRENT_PROCESS
36 typedef struct _UNICODE_STRING {
37 USHORT Length;
38 USHORT MaximumLength;
39 PWSTR Buffer;
40 } UNICODE_STRING;
41 typedef UNICODE_STRING *PUNICODE_STRING;
42 typedef const UNICODE_STRING *PCUNICODE_STRING;
44 typedef struct _STRING {
45 USHORT Length;
46 USHORT MaximumLength;
47 PCHAR Buffer;
48 } STRING;
49 typedef STRING *PSTRING;
51 typedef STRING ANSI_STRING;
52 typedef PSTRING PANSI_STRING;
53 typedef CONST PSTRING PCANSI_STRING;
55 typedef STRING OEM_STRING;
56 typedef PSTRING POEM_STRING;
57 typedef CONST STRING* PCOEM_STRING;
59 #define OBJ_CASE_INSENSITIVE 0x00000040L
61 typedef struct _OBJECT_ATTRIBUTES {
62 ULONG Length;
63 HANDLE RootDirectory;
64 PUNICODE_STRING ObjectName;
65 ULONG Attributes;
66 PVOID SecurityDescriptor;
67 PVOID SecurityQualityOfService;
68 } OBJECT_ATTRIBUTES;
69 typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
71 #define InitializeObjectAttributes(p, n, a, r, s) { \
72 (p)->Length = sizeof(OBJECT_ATTRIBUTES);\
73 (p)->RootDirectory = r;\
74 (p)->Attributes = a;\
75 (p)->ObjectName = n;\
76 (p)->SecurityDescriptor = s;\
77 (p)->SecurityQualityOfService = NULL;\
78 }
80 typedef struct _IO_STATUS_BLOCK {
81 union {
82 NTSTATUS Status;
83 PVOID Pointer;
84 };
85 ULONG_PTR Information;
86 } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
88 // -----------------------------------------------------------------------
89 // File IO
91 // Create disposition values.
93 #define FILE_SUPERSEDE 0x00000000
94 #define FILE_OPEN 0x00000001
95 #define FILE_CREATE 0x00000002
96 #define FILE_OPEN_IF 0x00000003
97 #define FILE_OVERWRITE 0x00000004
98 #define FILE_OVERWRITE_IF 0x00000005
99 #define FILE_MAXIMUM_DISPOSITION 0x00000005
101 // Create/open option flags.
103 #define FILE_DIRECTORY_FILE 0x00000001
104 #define FILE_WRITE_THROUGH 0x00000002
105 #define FILE_SEQUENTIAL_ONLY 0x00000004
106 #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008
108 #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010
109 #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
110 #define FILE_NON_DIRECTORY_FILE 0x00000040
111 #define FILE_CREATE_TREE_CONNECTION 0x00000080
113 #define FILE_COMPLETE_IF_OPLOCKED 0x00000100
114 #define FILE_NO_EA_KNOWLEDGE 0x00000200
115 #define FILE_OPEN_REMOTE_INSTANCE 0x00000400
116 #define FILE_RANDOM_ACCESS 0x00000800
118 #define FILE_DELETE_ON_CLOSE 0x00001000
119 #define FILE_OPEN_BY_FILE_ID 0x00002000
120 #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000
121 #define FILE_NO_COMPRESSION 0x00008000
123 #define FILE_RESERVE_OPFILTER 0x00100000
124 #define FILE_OPEN_REPARSE_POINT 0x00200000
125 #define FILE_OPEN_NO_RECALL 0x00400000
126 #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000
128 typedef NTSTATUS (WINAPI *NtCreateFileFunction)(
129 OUT PHANDLE FileHandle,
130 IN ACCESS_MASK DesiredAccess,
131 IN POBJECT_ATTRIBUTES ObjectAttributes,
132 OUT PIO_STATUS_BLOCK IoStatusBlock,
133 IN PLARGE_INTEGER AllocationSize OPTIONAL,
134 IN ULONG FileAttributes,
135 IN ULONG ShareAccess,
136 IN ULONG CreateDisposition,
137 IN ULONG CreateOptions,
138 IN PVOID EaBuffer OPTIONAL,
139 IN ULONG EaLength);
141 typedef NTSTATUS (WINAPI *NtOpenFileFunction)(
142 OUT PHANDLE FileHandle,
143 IN ACCESS_MASK DesiredAccess,
144 IN POBJECT_ATTRIBUTES ObjectAttributes,
145 OUT PIO_STATUS_BLOCK IoStatusBlock,
146 IN ULONG ShareAccess,
147 IN ULONG OpenOptions);
149 typedef NTSTATUS (WINAPI *NtCloseFunction)(
150 IN HANDLE Handle);
152 typedef enum _FILE_INFORMATION_CLASS {
153 FileRenameInformation = 10
154 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS;
156 typedef struct _FILE_RENAME_INFORMATION {
157 BOOLEAN ReplaceIfExists;
158 HANDLE RootDirectory;
159 ULONG FileNameLength;
160 WCHAR FileName[1];
161 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
163 typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)(
164 IN HANDLE FileHandle,
165 OUT PIO_STATUS_BLOCK IoStatusBlock,
166 IN PVOID FileInformation,
167 IN ULONG Length,
168 IN FILE_INFORMATION_CLASS FileInformationClass);
170 typedef struct FILE_BASIC_INFORMATION {
171 LARGE_INTEGER CreationTime;
172 LARGE_INTEGER LastAccessTime;
173 LARGE_INTEGER LastWriteTime;
174 LARGE_INTEGER ChangeTime;
175 ULONG FileAttributes;
176 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION;
178 typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)(
179 IN POBJECT_ATTRIBUTES ObjectAttributes,
180 OUT PFILE_BASIC_INFORMATION FileAttributes);
182 typedef struct _FILE_NETWORK_OPEN_INFORMATION {
183 LARGE_INTEGER CreationTime;
184 LARGE_INTEGER LastAccessTime;
185 LARGE_INTEGER LastWriteTime;
186 LARGE_INTEGER ChangeTime;
187 LARGE_INTEGER AllocationSize;
188 LARGE_INTEGER EndOfFile;
189 ULONG FileAttributes;
190 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION;
192 typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)(
193 IN POBJECT_ATTRIBUTES ObjectAttributes,
194 OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes);
196 // -----------------------------------------------------------------------
197 // Sections
199 typedef NTSTATUS (WINAPI *NtCreateSectionFunction)(
200 OUT PHANDLE SectionHandle,
201 IN ACCESS_MASK DesiredAccess,
202 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
203 IN PLARGE_INTEGER MaximumSize OPTIONAL,
204 IN ULONG SectionPageProtection,
205 IN ULONG AllocationAttributes,
206 IN HANDLE FileHandle OPTIONAL);
208 typedef ULONG SECTION_INHERIT;
209 #define ViewShare 1
210 #define ViewUnmap 2
212 typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)(
213 IN HANDLE SectionHandle,
214 IN HANDLE ProcessHandle,
215 IN OUT PVOID *BaseAddress,
216 IN ULONG_PTR ZeroBits,
217 IN SIZE_T CommitSize,
218 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
219 IN OUT PSIZE_T ViewSize,
220 IN SECTION_INHERIT InheritDisposition,
221 IN ULONG AllocationType,
222 IN ULONG Win32Protect);
224 typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)(
225 IN HANDLE ProcessHandle,
226 IN PVOID BaseAddress);
228 typedef enum _SECTION_INFORMATION_CLASS {
229 SectionBasicInformation = 0,
230 SectionImageInformation
231 } SECTION_INFORMATION_CLASS;
233 typedef struct _SECTION_BASIC_INFORMATION {
234 PVOID BaseAddress;
235 ULONG Attributes;
236 LARGE_INTEGER Size;
237 } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
239 typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
240 IN HANDLE SectionHandle,
241 IN SECTION_INFORMATION_CLASS SectionInformationClass,
242 OUT PVOID SectionInformation,
243 IN SIZE_T SectionInformationLength,
244 OUT PSIZE_T ReturnLength OPTIONAL);
246 // -----------------------------------------------------------------------
247 // Process and Thread
249 typedef struct _CLIENT_ID {
250 PVOID UniqueProcess;
251 PVOID UniqueThread;
252 } CLIENT_ID, *PCLIENT_ID;
254 typedef NTSTATUS (WINAPI *NtOpenThreadFunction) (
255 OUT PHANDLE ThreadHandle,
256 IN ACCESS_MASK DesiredAccess,
257 IN POBJECT_ATTRIBUTES ObjectAttributes,
258 IN PCLIENT_ID ClientId);
260 typedef NTSTATUS (WINAPI *NtOpenProcessFunction) (
261 OUT PHANDLE ProcessHandle,
262 IN ACCESS_MASK DesiredAccess,
263 IN POBJECT_ATTRIBUTES ObjectAttributes,
264 IN PCLIENT_ID ClientId);
266 typedef enum _NT_THREAD_INFORMATION_CLASS {
267 ThreadBasicInformation,
268 ThreadTimes,
269 ThreadPriority,
270 ThreadBasePriority,
271 ThreadAffinityMask,
272 ThreadImpersonationToken,
273 ThreadDescriptorTableEntry,
274 ThreadEnableAlignmentFaultFixup,
275 ThreadEventPair,
276 ThreadQuerySetWin32StartAddress,
277 ThreadZeroTlsCell,
278 ThreadPerformanceCount,
279 ThreadAmILastThread,
280 ThreadIdealProcessor,
281 ThreadPriorityBoost,
282 ThreadSetTlsArrayAddress,
283 ThreadIsIoPending,
284 ThreadHideFromDebugger
285 } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS;
287 typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) (
288 IN HANDLE ThreadHandle,
289 IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass,
290 IN PVOID ThreadInformation,
291 IN ULONG ThreadInformationLength);
293 // Partial definition only:
294 typedef enum _PROCESSINFOCLASS {
295 ProcessBasicInformation = 0,
296 ProcessExecuteFlags = 0x22
297 } PROCESSINFOCLASS;
299 typedef PVOID PPEB;
300 typedef PVOID KPRIORITY;
302 typedef struct _PROCESS_BASIC_INFORMATION {
303 NTSTATUS ExitStatus;
304 PPEB PebBaseAddress;
305 KAFFINITY AffinityMask;
306 KPRIORITY BasePriority;
307 ULONG UniqueProcessId;
308 ULONG InheritedFromUniqueProcessId;
309 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
311 typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)(
312 IN HANDLE ProcessHandle,
313 IN PROCESSINFOCLASS ProcessInformationClass,
314 OUT PVOID ProcessInformation,
315 IN ULONG ProcessInformationLength,
316 OUT PULONG ReturnLength OPTIONAL);
318 typedef NTSTATUS (WINAPI *NtSetInformationProcessFunction)(
319 HANDLE ProcessHandle,
320 IN PROCESSINFOCLASS ProcessInformationClass,
321 IN PVOID ProcessInformation,
322 IN ULONG ProcessInformationLength);
324 typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) (
325 IN HANDLE ThreadHandle,
326 IN ACCESS_MASK DesiredAccess,
327 IN BOOLEAN OpenAsSelf,
328 OUT PHANDLE TokenHandle);
330 typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) (
331 IN HANDLE ThreadHandle,
332 IN ACCESS_MASK DesiredAccess,
333 IN BOOLEAN OpenAsSelf,
334 IN ULONG HandleAttributes,
335 OUT PHANDLE TokenHandle);
337 typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) (
338 IN HANDLE ProcessHandle,
339 IN ACCESS_MASK DesiredAccess,
340 OUT PHANDLE TokenHandle);
342 typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) (
343 IN HANDLE ProcessHandle,
344 IN ACCESS_MASK DesiredAccess,
345 IN ULONG HandleAttributes,
346 OUT PHANDLE TokenHandle);
348 typedef NTSTATUS (WINAPI * RtlCreateUserThreadFunction)(
349 IN HANDLE Process,
350 IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor,
351 IN BOOLEAN CreateSuspended,
352 IN ULONG ZeroBits,
353 IN SIZE_T MaximumStackSize,
354 IN SIZE_T CommittedStackSize,
355 IN LPTHREAD_START_ROUTINE StartAddress,
356 IN PVOID Parameter,
357 OUT PHANDLE Thread,
358 OUT PCLIENT_ID ClientId);
360 // -----------------------------------------------------------------------
361 // Registry
363 typedef NTSTATUS (WINAPI *NtCreateKeyFunction)(
364 OUT PHANDLE KeyHandle,
365 IN ACCESS_MASK DesiredAccess,
366 IN POBJECT_ATTRIBUTES ObjectAttributes,
367 IN ULONG TitleIndex,
368 IN PUNICODE_STRING Class OPTIONAL,
369 IN ULONG CreateOptions,
370 OUT PULONG Disposition OPTIONAL);
372 typedef NTSTATUS (WINAPI *NtOpenKeyFunction)(
373 OUT PHANDLE KeyHandle,
374 IN ACCESS_MASK DesiredAccess,
375 IN POBJECT_ATTRIBUTES ObjectAttributes);
377 typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)(
378 OUT PHANDLE KeyHandle,
379 IN ACCESS_MASK DesiredAccess,
380 IN POBJECT_ATTRIBUTES ObjectAttributes,
381 IN DWORD open_options);
383 typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)(
384 IN HANDLE KeyHandle);
386 // -----------------------------------------------------------------------
387 // Memory
389 // Don't really need this structure right now.
390 typedef PVOID PRTL_HEAP_PARAMETERS;
392 typedef PVOID (WINAPI *RtlCreateHeapFunction)(
393 IN ULONG Flags,
394 IN PVOID HeapBase OPTIONAL,
395 IN SIZE_T ReserveSize OPTIONAL,
396 IN SIZE_T CommitSize OPTIONAL,
397 IN PVOID Lock OPTIONAL,
398 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL);
400 typedef PVOID (WINAPI *RtlDestroyHeapFunction)(
401 IN PVOID HeapHandle);
403 typedef PVOID (WINAPI *RtlAllocateHeapFunction)(
404 IN PVOID HeapHandle,
405 IN ULONG Flags,
406 IN SIZE_T Size);
408 typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)(
409 IN PVOID HeapHandle,
410 IN ULONG Flags,
411 IN PVOID HeapBase);
413 typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) (
414 IN HANDLE ProcessHandle,
415 IN OUT PVOID *BaseAddress,
416 IN ULONG_PTR ZeroBits,
417 IN OUT PSIZE_T RegionSize,
418 IN ULONG AllocationType,
419 IN ULONG Protect);
421 typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) (
422 IN HANDLE ProcessHandle,
423 IN OUT PVOID *BaseAddress,
424 IN OUT PSIZE_T RegionSize,
425 IN ULONG FreeType);
427 typedef enum _MEMORY_INFORMATION_CLASS {
428 MemoryBasicInformation = 0,
429 MemoryWorkingSetList,
430 MemorySectionName,
431 MemoryBasicVlmInformation
432 } MEMORY_INFORMATION_CLASS;
434 typedef struct _MEMORY_SECTION_NAME { // Information Class 2
435 UNICODE_STRING SectionFileName;
436 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
438 typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)(
439 IN HANDLE ProcessHandle,
440 IN PVOID BaseAddress,
441 IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
442 OUT PVOID MemoryInformation,
443 IN ULONG MemoryInformationLength,
444 OUT PULONG ReturnLength OPTIONAL);
446 typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)(
447 IN HANDLE ProcessHandle,
448 IN OUT PVOID* BaseAddress,
449 IN OUT PSIZE_T ProtectSize,
450 IN ULONG NewProtect,
451 OUT PULONG OldProtect);
453 // -----------------------------------------------------------------------
454 // Objects
456 typedef enum _OBJECT_INFORMATION_CLASS {
457 ObjectBasicInformation,
458 ObjectNameInformation,
459 ObjectTypeInformation,
460 ObjectAllInformation,
461 ObjectDataInformation
462 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
464 typedef struct _OBJDIR_INFORMATION {
465 UNICODE_STRING ObjectName;
466 UNICODE_STRING ObjectTypeName;
467 BYTE Data[1];
468 } OBJDIR_INFORMATION;
470 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
471 ULONG Attributes;
472 ACCESS_MASK GrantedAccess;
473 ULONG HandleCount;
474 ULONG PointerCount;
475 ULONG Reserved[10]; // reserved for internal use
476 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
478 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
479 UNICODE_STRING TypeName;
480 ULONG Reserved[22]; // reserved for internal use
481 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
483 typedef enum _POOL_TYPE {
484 NonPagedPool,
485 PagedPool,
486 NonPagedPoolMustSucceed,
487 ReservedType,
488 NonPagedPoolCacheAligned,
489 PagedPoolCacheAligned,
490 NonPagedPoolCacheAlignedMustS
491 } POOL_TYPE;
493 typedef struct _OBJECT_BASIC_INFORMATION {
494 ULONG Attributes;
495 ACCESS_MASK GrantedAccess;
496 ULONG HandleCount;
497 ULONG PointerCount;
498 ULONG PagedPoolUsage;
499 ULONG NonPagedPoolUsage;
500 ULONG Reserved[3];
501 ULONG NameInformationLength;
502 ULONG TypeInformationLength;
503 ULONG SecurityDescriptorLength;
504 LARGE_INTEGER CreateTime;
505 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
507 typedef struct _OBJECT_TYPE_INFORMATION {
508 UNICODE_STRING Name;
509 ULONG TotalNumberOfObjects;
510 ULONG TotalNumberOfHandles;
511 ULONG TotalPagedPoolUsage;
512 ULONG TotalNonPagedPoolUsage;
513 ULONG TotalNamePoolUsage;
514 ULONG TotalHandleTableUsage;
515 ULONG HighWaterNumberOfObjects;
516 ULONG HighWaterNumberOfHandles;
517 ULONG HighWaterPagedPoolUsage;
518 ULONG HighWaterNonPagedPoolUsage;
519 ULONG HighWaterNamePoolUsage;
520 ULONG HighWaterHandleTableUsage;
521 ULONG InvalidAttributes;
522 GENERIC_MAPPING GenericMapping;
523 ULONG ValidAccess;
524 BOOLEAN SecurityRequired;
525 BOOLEAN MaintainHandleCount;
526 USHORT MaintainTypeList;
527 POOL_TYPE PoolType;
528 ULONG PagedPoolUsage;
529 ULONG NonPagedPoolUsage;
530 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
532 typedef enum _SYSTEM_INFORMATION_CLASS {
533 SystemHandleInformation = 16
534 } SYSTEM_INFORMATION_CLASS;
536 typedef struct _SYSTEM_HANDLE_INFORMATION {
537 USHORT ProcessId;
538 USHORT CreatorBackTraceIndex;
539 UCHAR ObjectTypeNumber;
540 UCHAR Flags;
541 USHORT Handle;
542 PVOID Object;
543 ACCESS_MASK GrantedAccess;
544 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
546 typedef struct _SYSTEM_HANDLE_INFORMATION_EX {
547 ULONG NumberOfHandles;
548 SYSTEM_HANDLE_INFORMATION Information[1];
549 } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX;
551 typedef struct _OBJECT_NAME_INFORMATION {
552 UNICODE_STRING ObjectName;
553 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
555 typedef NTSTATUS (WINAPI *NtQueryObjectFunction)(
556 IN HANDLE Handle,
557 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
558 OUT PVOID ObjectInformation OPTIONAL,
559 IN ULONG ObjectInformationLength,
560 OUT PULONG ReturnLength OPTIONAL);
562 typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)(
563 IN HANDLE SourceProcess,
564 IN HANDLE SourceHandle,
565 IN HANDLE TargetProcess,
566 OUT PHANDLE TargetHandle,
567 IN ACCESS_MASK DesiredAccess,
568 IN ULONG Attributes,
569 IN ULONG Options);
571 typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)(
572 IN HANDLE HandleToSignal,
573 IN HANDLE HandleToWait,
574 IN BOOLEAN Alertable,
575 IN PLARGE_INTEGER Timeout OPTIONAL);
577 typedef NTSTATUS (WINAPI *NtQuerySystemInformation)(
578 IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
579 OUT PVOID SystemInformation,
580 IN ULONG SystemInformationLength,
581 OUT PULONG ReturnLength);
583 typedef NTSTATUS (WINAPI *NtQueryObject)(
584 IN HANDLE Handle,
585 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
586 OUT PVOID ObjectInformation,
587 IN ULONG ObjectInformationLength,
588 OUT PULONG ReturnLength);
590 // -----------------------------------------------------------------------
591 // Strings
593 typedef int (__cdecl *_strnicmpFunction)(
594 IN const char* _Str1,
595 IN const char* _Str2,
596 IN size_t _MaxCount);
598 typedef size_t (__cdecl *strlenFunction)(
599 IN const char * _Str);
601 typedef size_t (__cdecl *wcslenFunction)(
602 IN const wchar_t* _Str);
604 typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)(
605 IN OUT PUNICODE_STRING DestinationString,
606 IN PANSI_STRING SourceString,
607 IN BOOLEAN AllocateDestinationString);
609 typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)(
610 IN PCUNICODE_STRING String1,
611 IN PCUNICODE_STRING String2,
612 IN BOOLEAN CaseInSensitive);
614 typedef VOID (WINAPI *RtlInitUnicodeStringFunction) (
615 IN OUT PUNICODE_STRING DestinationString,
616 IN PCWSTR SourceString);
618 #endif // SANDBOX_WIN_SRC_NT_INTERNALS_H__
