michael@0: // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. michael@0: // Use of this source code is governed by a BSD-style license that can be michael@0: // found in the LICENSE file. michael@0: michael@0: // This file holds definitions related to the ntdll API. michael@0: michael@0: #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__ michael@0: #define SANDBOX_WIN_SRC_NT_INTERNALS_H__ michael@0: michael@0: #include michael@0: michael@0: typedef LONG NTSTATUS; michael@0: #define NT_SUCCESS(st) (st >= 0) michael@0: michael@0: #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) michael@0: #define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L) michael@0: #define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L) michael@0: #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002L) michael@0: #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L) michael@0: #ifndef STATUS_INVALID_PARAMETER michael@0: // It is now defined in Windows 2008 SDK. michael@0: #define STATUS_INVALID_PARAMETER ((NTSTATUS)0xC000000DL) michael@0: #endif michael@0: #define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018L) michael@0: #define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L) michael@0: #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L) michael@0: #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L) michael@0: #define STATUS_PROCEDURE_NOT_FOUND ((NTSTATUS)0xC000007AL) michael@0: #define STATUS_INVALID_IMAGE_FORMAT ((NTSTATUS)0xC000007BL) michael@0: #define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL) michael@0: michael@0: #define CURRENT_PROCESS ((HANDLE) -1) michael@0: #define CURRENT_THREAD ((HANDLE) -2) michael@0: #define NtCurrentProcess CURRENT_PROCESS michael@0: michael@0: typedef struct _UNICODE_STRING { michael@0: USHORT Length; michael@0: USHORT MaximumLength; michael@0: PWSTR Buffer; michael@0: } UNICODE_STRING; michael@0: typedef UNICODE_STRING *PUNICODE_STRING; michael@0: typedef const UNICODE_STRING *PCUNICODE_STRING; michael@0: michael@0: typedef struct _STRING { michael@0: USHORT Length; michael@0: USHORT MaximumLength; michael@0: PCHAR Buffer; michael@0: } STRING; michael@0: typedef STRING *PSTRING; michael@0: michael@0: typedef STRING ANSI_STRING; michael@0: typedef PSTRING PANSI_STRING; michael@0: typedef CONST PSTRING PCANSI_STRING; michael@0: michael@0: typedef STRING OEM_STRING; michael@0: typedef PSTRING POEM_STRING; michael@0: typedef CONST STRING* PCOEM_STRING; michael@0: michael@0: #define OBJ_CASE_INSENSITIVE 0x00000040L michael@0: michael@0: typedef struct _OBJECT_ATTRIBUTES { michael@0: ULONG Length; michael@0: HANDLE RootDirectory; michael@0: PUNICODE_STRING ObjectName; michael@0: ULONG Attributes; michael@0: PVOID SecurityDescriptor; michael@0: PVOID SecurityQualityOfService; michael@0: } OBJECT_ATTRIBUTES; michael@0: typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES; michael@0: michael@0: #define InitializeObjectAttributes(p, n, a, r, s) { \ michael@0: (p)->Length = sizeof(OBJECT_ATTRIBUTES);\ michael@0: (p)->RootDirectory = r;\ michael@0: (p)->Attributes = a;\ michael@0: (p)->ObjectName = n;\ michael@0: (p)->SecurityDescriptor = s;\ michael@0: (p)->SecurityQualityOfService = NULL;\ michael@0: } michael@0: michael@0: typedef struct _IO_STATUS_BLOCK { michael@0: union { michael@0: NTSTATUS Status; michael@0: PVOID Pointer; michael@0: }; michael@0: ULONG_PTR Information; michael@0: } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK; michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // File IO michael@0: michael@0: // Create disposition values. michael@0: michael@0: #define FILE_SUPERSEDE 0x00000000 michael@0: #define FILE_OPEN 0x00000001 michael@0: #define FILE_CREATE 0x00000002 michael@0: #define FILE_OPEN_IF 0x00000003 michael@0: #define FILE_OVERWRITE 0x00000004 michael@0: #define FILE_OVERWRITE_IF 0x00000005 michael@0: #define FILE_MAXIMUM_DISPOSITION 0x00000005 michael@0: michael@0: // Create/open option flags. michael@0: michael@0: #define FILE_DIRECTORY_FILE 0x00000001 michael@0: #define FILE_WRITE_THROUGH 0x00000002 michael@0: #define FILE_SEQUENTIAL_ONLY 0x00000004 michael@0: #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008 michael@0: michael@0: #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010 michael@0: #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020 michael@0: #define FILE_NON_DIRECTORY_FILE 0x00000040 michael@0: #define FILE_CREATE_TREE_CONNECTION 0x00000080 michael@0: michael@0: #define FILE_COMPLETE_IF_OPLOCKED 0x00000100 michael@0: #define FILE_NO_EA_KNOWLEDGE 0x00000200 michael@0: #define FILE_OPEN_REMOTE_INSTANCE 0x00000400 michael@0: #define FILE_RANDOM_ACCESS 0x00000800 michael@0: michael@0: #define FILE_DELETE_ON_CLOSE 0x00001000 michael@0: #define FILE_OPEN_BY_FILE_ID 0x00002000 michael@0: #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000 michael@0: #define FILE_NO_COMPRESSION 0x00008000 michael@0: michael@0: #define FILE_RESERVE_OPFILTER 0x00100000 michael@0: #define FILE_OPEN_REPARSE_POINT 0x00200000 michael@0: #define FILE_OPEN_NO_RECALL 0x00400000 michael@0: #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000 michael@0: michael@0: typedef NTSTATUS (WINAPI *NtCreateFileFunction)( michael@0: OUT PHANDLE FileHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: OUT PIO_STATUS_BLOCK IoStatusBlock, michael@0: IN PLARGE_INTEGER AllocationSize OPTIONAL, michael@0: IN ULONG FileAttributes, michael@0: IN ULONG ShareAccess, michael@0: IN ULONG CreateDisposition, michael@0: IN ULONG CreateOptions, michael@0: IN PVOID EaBuffer OPTIONAL, michael@0: IN ULONG EaLength); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenFileFunction)( michael@0: OUT PHANDLE FileHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: OUT PIO_STATUS_BLOCK IoStatusBlock, michael@0: IN ULONG ShareAccess, michael@0: IN ULONG OpenOptions); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtCloseFunction)( michael@0: IN HANDLE Handle); michael@0: michael@0: typedef enum _FILE_INFORMATION_CLASS { michael@0: FileRenameInformation = 10 michael@0: } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS; michael@0: michael@0: typedef struct _FILE_RENAME_INFORMATION { michael@0: BOOLEAN ReplaceIfExists; michael@0: HANDLE RootDirectory; michael@0: ULONG FileNameLength; michael@0: WCHAR FileName[1]; michael@0: } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)( michael@0: IN HANDLE FileHandle, michael@0: OUT PIO_STATUS_BLOCK IoStatusBlock, michael@0: IN PVOID FileInformation, michael@0: IN ULONG Length, michael@0: IN FILE_INFORMATION_CLASS FileInformationClass); michael@0: michael@0: typedef struct FILE_BASIC_INFORMATION { michael@0: LARGE_INTEGER CreationTime; michael@0: LARGE_INTEGER LastAccessTime; michael@0: LARGE_INTEGER LastWriteTime; michael@0: LARGE_INTEGER ChangeTime; michael@0: ULONG FileAttributes; michael@0: } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)( michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: OUT PFILE_BASIC_INFORMATION FileAttributes); michael@0: michael@0: typedef struct _FILE_NETWORK_OPEN_INFORMATION { michael@0: LARGE_INTEGER CreationTime; michael@0: LARGE_INTEGER LastAccessTime; michael@0: LARGE_INTEGER LastWriteTime; michael@0: LARGE_INTEGER ChangeTime; michael@0: LARGE_INTEGER AllocationSize; michael@0: LARGE_INTEGER EndOfFile; michael@0: ULONG FileAttributes; michael@0: } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)( michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Sections michael@0: michael@0: typedef NTSTATUS (WINAPI *NtCreateSectionFunction)( michael@0: OUT PHANDLE SectionHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, michael@0: IN PLARGE_INTEGER MaximumSize OPTIONAL, michael@0: IN ULONG SectionPageProtection, michael@0: IN ULONG AllocationAttributes, michael@0: IN HANDLE FileHandle OPTIONAL); michael@0: michael@0: typedef ULONG SECTION_INHERIT; michael@0: #define ViewShare 1 michael@0: #define ViewUnmap 2 michael@0: michael@0: typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)( michael@0: IN HANDLE SectionHandle, michael@0: IN HANDLE ProcessHandle, michael@0: IN OUT PVOID *BaseAddress, michael@0: IN ULONG_PTR ZeroBits, michael@0: IN SIZE_T CommitSize, michael@0: IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, michael@0: IN OUT PSIZE_T ViewSize, michael@0: IN SECTION_INHERIT InheritDisposition, michael@0: IN ULONG AllocationType, michael@0: IN ULONG Win32Protect); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)( michael@0: IN HANDLE ProcessHandle, michael@0: IN PVOID BaseAddress); michael@0: michael@0: typedef enum _SECTION_INFORMATION_CLASS { michael@0: SectionBasicInformation = 0, michael@0: SectionImageInformation michael@0: } SECTION_INFORMATION_CLASS; michael@0: michael@0: typedef struct _SECTION_BASIC_INFORMATION { michael@0: PVOID BaseAddress; michael@0: ULONG Attributes; michael@0: LARGE_INTEGER Size; michael@0: } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQuerySectionFunction)( michael@0: IN HANDLE SectionHandle, michael@0: IN SECTION_INFORMATION_CLASS SectionInformationClass, michael@0: OUT PVOID SectionInformation, michael@0: IN SIZE_T SectionInformationLength, michael@0: OUT PSIZE_T ReturnLength OPTIONAL); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Process and Thread michael@0: michael@0: typedef struct _CLIENT_ID { michael@0: PVOID UniqueProcess; michael@0: PVOID UniqueThread; michael@0: } CLIENT_ID, *PCLIENT_ID; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenThreadFunction) ( michael@0: OUT PHANDLE ThreadHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: IN PCLIENT_ID ClientId); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenProcessFunction) ( michael@0: OUT PHANDLE ProcessHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: IN PCLIENT_ID ClientId); michael@0: michael@0: typedef enum _NT_THREAD_INFORMATION_CLASS { michael@0: ThreadBasicInformation, michael@0: ThreadTimes, michael@0: ThreadPriority, michael@0: ThreadBasePriority, michael@0: ThreadAffinityMask, michael@0: ThreadImpersonationToken, michael@0: ThreadDescriptorTableEntry, michael@0: ThreadEnableAlignmentFaultFixup, michael@0: ThreadEventPair, michael@0: ThreadQuerySetWin32StartAddress, michael@0: ThreadZeroTlsCell, michael@0: ThreadPerformanceCount, michael@0: ThreadAmILastThread, michael@0: ThreadIdealProcessor, michael@0: ThreadPriorityBoost, michael@0: ThreadSetTlsArrayAddress, michael@0: ThreadIsIoPending, michael@0: ThreadHideFromDebugger michael@0: } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) ( michael@0: IN HANDLE ThreadHandle, michael@0: IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass, michael@0: IN PVOID ThreadInformation, michael@0: IN ULONG ThreadInformationLength); michael@0: michael@0: // Partial definition only: michael@0: typedef enum _PROCESSINFOCLASS { michael@0: ProcessBasicInformation = 0, michael@0: ProcessExecuteFlags = 0x22 michael@0: } PROCESSINFOCLASS; michael@0: michael@0: typedef PVOID PPEB; michael@0: typedef PVOID KPRIORITY; michael@0: michael@0: typedef struct _PROCESS_BASIC_INFORMATION { michael@0: NTSTATUS ExitStatus; michael@0: PPEB PebBaseAddress; michael@0: KAFFINITY AffinityMask; michael@0: KPRIORITY BasePriority; michael@0: ULONG UniqueProcessId; michael@0: ULONG InheritedFromUniqueProcessId; michael@0: } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)( michael@0: IN HANDLE ProcessHandle, michael@0: IN PROCESSINFOCLASS ProcessInformationClass, michael@0: OUT PVOID ProcessInformation, michael@0: IN ULONG ProcessInformationLength, michael@0: OUT PULONG ReturnLength OPTIONAL); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtSetInformationProcessFunction)( michael@0: HANDLE ProcessHandle, michael@0: IN PROCESSINFOCLASS ProcessInformationClass, michael@0: IN PVOID ProcessInformation, michael@0: IN ULONG ProcessInformationLength); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) ( michael@0: IN HANDLE ThreadHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN BOOLEAN OpenAsSelf, michael@0: OUT PHANDLE TokenHandle); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) ( michael@0: IN HANDLE ThreadHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN BOOLEAN OpenAsSelf, michael@0: IN ULONG HandleAttributes, michael@0: OUT PHANDLE TokenHandle); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) ( michael@0: IN HANDLE ProcessHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: OUT PHANDLE TokenHandle); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) ( michael@0: IN HANDLE ProcessHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN ULONG HandleAttributes, michael@0: OUT PHANDLE TokenHandle); michael@0: michael@0: typedef NTSTATUS (WINAPI * RtlCreateUserThreadFunction)( michael@0: IN HANDLE Process, michael@0: IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor, michael@0: IN BOOLEAN CreateSuspended, michael@0: IN ULONG ZeroBits, michael@0: IN SIZE_T MaximumStackSize, michael@0: IN SIZE_T CommittedStackSize, michael@0: IN LPTHREAD_START_ROUTINE StartAddress, michael@0: IN PVOID Parameter, michael@0: OUT PHANDLE Thread, michael@0: OUT PCLIENT_ID ClientId); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Registry michael@0: michael@0: typedef NTSTATUS (WINAPI *NtCreateKeyFunction)( michael@0: OUT PHANDLE KeyHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: IN ULONG TitleIndex, michael@0: IN PUNICODE_STRING Class OPTIONAL, michael@0: IN ULONG CreateOptions, michael@0: OUT PULONG Disposition OPTIONAL); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenKeyFunction)( michael@0: OUT PHANDLE KeyHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)( michael@0: OUT PHANDLE KeyHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN POBJECT_ATTRIBUTES ObjectAttributes, michael@0: IN DWORD open_options); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)( michael@0: IN HANDLE KeyHandle); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Memory michael@0: michael@0: // Don't really need this structure right now. michael@0: typedef PVOID PRTL_HEAP_PARAMETERS; michael@0: michael@0: typedef PVOID (WINAPI *RtlCreateHeapFunction)( michael@0: IN ULONG Flags, michael@0: IN PVOID HeapBase OPTIONAL, michael@0: IN SIZE_T ReserveSize OPTIONAL, michael@0: IN SIZE_T CommitSize OPTIONAL, michael@0: IN PVOID Lock OPTIONAL, michael@0: IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL); michael@0: michael@0: typedef PVOID (WINAPI *RtlDestroyHeapFunction)( michael@0: IN PVOID HeapHandle); michael@0: michael@0: typedef PVOID (WINAPI *RtlAllocateHeapFunction)( michael@0: IN PVOID HeapHandle, michael@0: IN ULONG Flags, michael@0: IN SIZE_T Size); michael@0: michael@0: typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)( michael@0: IN PVOID HeapHandle, michael@0: IN ULONG Flags, michael@0: IN PVOID HeapBase); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) ( michael@0: IN HANDLE ProcessHandle, michael@0: IN OUT PVOID *BaseAddress, michael@0: IN ULONG_PTR ZeroBits, michael@0: IN OUT PSIZE_T RegionSize, michael@0: IN ULONG AllocationType, michael@0: IN ULONG Protect); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) ( michael@0: IN HANDLE ProcessHandle, michael@0: IN OUT PVOID *BaseAddress, michael@0: IN OUT PSIZE_T RegionSize, michael@0: IN ULONG FreeType); michael@0: michael@0: typedef enum _MEMORY_INFORMATION_CLASS { michael@0: MemoryBasicInformation = 0, michael@0: MemoryWorkingSetList, michael@0: MemorySectionName, michael@0: MemoryBasicVlmInformation michael@0: } MEMORY_INFORMATION_CLASS; michael@0: michael@0: typedef struct _MEMORY_SECTION_NAME { // Information Class 2 michael@0: UNICODE_STRING SectionFileName; michael@0: } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)( michael@0: IN HANDLE ProcessHandle, michael@0: IN PVOID BaseAddress, michael@0: IN MEMORY_INFORMATION_CLASS MemoryInformationClass, michael@0: OUT PVOID MemoryInformation, michael@0: IN ULONG MemoryInformationLength, michael@0: OUT PULONG ReturnLength OPTIONAL); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)( michael@0: IN HANDLE ProcessHandle, michael@0: IN OUT PVOID* BaseAddress, michael@0: IN OUT PSIZE_T ProtectSize, michael@0: IN ULONG NewProtect, michael@0: OUT PULONG OldProtect); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Objects michael@0: michael@0: typedef enum _OBJECT_INFORMATION_CLASS { michael@0: ObjectBasicInformation, michael@0: ObjectNameInformation, michael@0: ObjectTypeInformation, michael@0: ObjectAllInformation, michael@0: ObjectDataInformation michael@0: } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS; michael@0: michael@0: typedef struct _OBJDIR_INFORMATION { michael@0: UNICODE_STRING ObjectName; michael@0: UNICODE_STRING ObjectTypeName; michael@0: BYTE Data[1]; michael@0: } OBJDIR_INFORMATION; michael@0: michael@0: typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION { michael@0: ULONG Attributes; michael@0: ACCESS_MASK GrantedAccess; michael@0: ULONG HandleCount; michael@0: ULONG PointerCount; michael@0: ULONG Reserved[10]; // reserved for internal use michael@0: } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION; michael@0: michael@0: typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION { michael@0: UNICODE_STRING TypeName; michael@0: ULONG Reserved[22]; // reserved for internal use michael@0: } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION; michael@0: michael@0: typedef enum _POOL_TYPE { michael@0: NonPagedPool, michael@0: PagedPool, michael@0: NonPagedPoolMustSucceed, michael@0: ReservedType, michael@0: NonPagedPoolCacheAligned, michael@0: PagedPoolCacheAligned, michael@0: NonPagedPoolCacheAlignedMustS michael@0: } POOL_TYPE; michael@0: michael@0: typedef struct _OBJECT_BASIC_INFORMATION { michael@0: ULONG Attributes; michael@0: ACCESS_MASK GrantedAccess; michael@0: ULONG HandleCount; michael@0: ULONG PointerCount; michael@0: ULONG PagedPoolUsage; michael@0: ULONG NonPagedPoolUsage; michael@0: ULONG Reserved[3]; michael@0: ULONG NameInformationLength; michael@0: ULONG TypeInformationLength; michael@0: ULONG SecurityDescriptorLength; michael@0: LARGE_INTEGER CreateTime; michael@0: } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION; michael@0: michael@0: typedef struct _OBJECT_TYPE_INFORMATION { michael@0: UNICODE_STRING Name; michael@0: ULONG TotalNumberOfObjects; michael@0: ULONG TotalNumberOfHandles; michael@0: ULONG TotalPagedPoolUsage; michael@0: ULONG TotalNonPagedPoolUsage; michael@0: ULONG TotalNamePoolUsage; michael@0: ULONG TotalHandleTableUsage; michael@0: ULONG HighWaterNumberOfObjects; michael@0: ULONG HighWaterNumberOfHandles; michael@0: ULONG HighWaterPagedPoolUsage; michael@0: ULONG HighWaterNonPagedPoolUsage; michael@0: ULONG HighWaterNamePoolUsage; michael@0: ULONG HighWaterHandleTableUsage; michael@0: ULONG InvalidAttributes; michael@0: GENERIC_MAPPING GenericMapping; michael@0: ULONG ValidAccess; michael@0: BOOLEAN SecurityRequired; michael@0: BOOLEAN MaintainHandleCount; michael@0: USHORT MaintainTypeList; michael@0: POOL_TYPE PoolType; michael@0: ULONG PagedPoolUsage; michael@0: ULONG NonPagedPoolUsage; michael@0: } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION; michael@0: michael@0: typedef enum _SYSTEM_INFORMATION_CLASS { michael@0: SystemHandleInformation = 16 michael@0: } SYSTEM_INFORMATION_CLASS; michael@0: michael@0: typedef struct _SYSTEM_HANDLE_INFORMATION { michael@0: USHORT ProcessId; michael@0: USHORT CreatorBackTraceIndex; michael@0: UCHAR ObjectTypeNumber; michael@0: UCHAR Flags; michael@0: USHORT Handle; michael@0: PVOID Object; michael@0: ACCESS_MASK GrantedAccess; michael@0: } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION; michael@0: michael@0: typedef struct _SYSTEM_HANDLE_INFORMATION_EX { michael@0: ULONG NumberOfHandles; michael@0: SYSTEM_HANDLE_INFORMATION Information[1]; michael@0: } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX; michael@0: michael@0: typedef struct _OBJECT_NAME_INFORMATION { michael@0: UNICODE_STRING ObjectName; michael@0: } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION; michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryObjectFunction)( michael@0: IN HANDLE Handle, michael@0: IN OBJECT_INFORMATION_CLASS ObjectInformationClass, michael@0: OUT PVOID ObjectInformation OPTIONAL, michael@0: IN ULONG ObjectInformationLength, michael@0: OUT PULONG ReturnLength OPTIONAL); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)( michael@0: IN HANDLE SourceProcess, michael@0: IN HANDLE SourceHandle, michael@0: IN HANDLE TargetProcess, michael@0: OUT PHANDLE TargetHandle, michael@0: IN ACCESS_MASK DesiredAccess, michael@0: IN ULONG Attributes, michael@0: IN ULONG Options); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)( michael@0: IN HANDLE HandleToSignal, michael@0: IN HANDLE HandleToWait, michael@0: IN BOOLEAN Alertable, michael@0: IN PLARGE_INTEGER Timeout OPTIONAL); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQuerySystemInformation)( michael@0: IN SYSTEM_INFORMATION_CLASS SystemInformationClass, michael@0: OUT PVOID SystemInformation, michael@0: IN ULONG SystemInformationLength, michael@0: OUT PULONG ReturnLength); michael@0: michael@0: typedef NTSTATUS (WINAPI *NtQueryObject)( michael@0: IN HANDLE Handle, michael@0: IN OBJECT_INFORMATION_CLASS ObjectInformationClass, michael@0: OUT PVOID ObjectInformation, michael@0: IN ULONG ObjectInformationLength, michael@0: OUT PULONG ReturnLength); michael@0: michael@0: // ----------------------------------------------------------------------- michael@0: // Strings michael@0: michael@0: typedef int (__cdecl *_strnicmpFunction)( michael@0: IN const char* _Str1, michael@0: IN const char* _Str2, michael@0: IN size_t _MaxCount); michael@0: michael@0: typedef size_t (__cdecl *strlenFunction)( michael@0: IN const char * _Str); michael@0: michael@0: typedef size_t (__cdecl *wcslenFunction)( michael@0: IN const wchar_t* _Str); michael@0: michael@0: typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)( michael@0: IN OUT PUNICODE_STRING DestinationString, michael@0: IN PANSI_STRING SourceString, michael@0: IN BOOLEAN AllocateDestinationString); michael@0: michael@0: typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)( michael@0: IN PCUNICODE_STRING String1, michael@0: IN PCUNICODE_STRING String2, michael@0: IN BOOLEAN CaseInSensitive); michael@0: michael@0: typedef VOID (WINAPI *RtlInitUnicodeStringFunction) ( michael@0: IN OUT PUNICODE_STRING DestinationString, michael@0: IN PCWSTR SourceString); michael@0: michael@0: #endif // SANDBOX_WIN_SRC_NT_INTERNALS_H__ michael@0: