search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Roll src/third_party/WebKit e0eac24:489c548 (svn 193311:193320)
[chromium-blink-merge.git] / sandbox / win / src / nt_internals.h
blob45511a1f98a16bcaa0f0e89811ff659387697634
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // This file holds definitions related to the ntdll API.
6
7 #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__
8 #define SANDBOX_WIN_SRC_NT_INTERNALS_H__
9
10 #include <windows.h>
11
12 typedef LONG NTSTATUS;
13 #define NT_SUCCESS(st) (st >= 0)
14
15 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
16 #define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L)
17 #define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
18 #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002L)
19 #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
20 #ifndef STATUS_INVALID_PARAMETER
21 // It is now defined in Windows 2008 SDK.
22 #define STATUS_INVALID_PARAMETER ((NTSTATUS)0xC000000DL)
23 #endif
24 #define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018L)
25 #define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L)
26 #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L)
27 #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L)
28 #define STATUS_OBJECT_NAME_COLLISION ((NTSTATUS)0xC0000035L)
29 #define STATUS_PROCEDURE_NOT_FOUND ((NTSTATUS)0xC000007AL)
30 #define STATUS_INVALID_IMAGE_FORMAT ((NTSTATUS)0xC000007BL)
31 #define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL)
32
33 #define CURRENT_PROCESS ((HANDLE) -1)
34 #define CURRENT_THREAD ((HANDLE) -2)
35 #define NtCurrentProcess CURRENT_PROCESS
36
37 typedef struct _UNICODE_STRING {
38 USHORT Length;
39 USHORT MaximumLength;
40 PWSTR Buffer;
41 } UNICODE_STRING;
42 typedef UNICODE_STRING *PUNICODE_STRING;
43 typedef const UNICODE_STRING *PCUNICODE_STRING;
44
45 typedef struct _STRING {
46 USHORT Length;
47 USHORT MaximumLength;
48 PCHAR Buffer;
49 } STRING;
50 typedef STRING *PSTRING;
51
52 typedef STRING ANSI_STRING;
53 typedef PSTRING PANSI_STRING;
54 typedef CONST PSTRING PCANSI_STRING;
55
56 typedef STRING OEM_STRING;
57 typedef PSTRING POEM_STRING;
58 typedef CONST STRING* PCOEM_STRING;
59
60 #define OBJ_CASE_INSENSITIVE 0x00000040L
61
62 typedef struct _OBJECT_ATTRIBUTES {
63 ULONG Length;
64 HANDLE RootDirectory;
65 PUNICODE_STRING ObjectName;
66 ULONG Attributes;
67 PVOID SecurityDescriptor;
68 PVOID SecurityQualityOfService;
69 } OBJECT_ATTRIBUTES;
70 typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
71
72 #define InitializeObjectAttributes(p, n, a, r, s) { \
73 (p)->Length = sizeof(OBJECT_ATTRIBUTES);\
74 (p)->RootDirectory = r;\
75 (p)->Attributes = a;\
76 (p)->ObjectName = n;\
77 (p)->SecurityDescriptor = s;\
78 (p)->SecurityQualityOfService = NULL;\
79 }
80
81 typedef struct _IO_STATUS_BLOCK {
82 union {
83 NTSTATUS Status;
84 PVOID Pointer;
85 };
86 ULONG_PTR Information;
87 } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
88
89 // -----------------------------------------------------------------------
90 // File IO
91
92 // Create disposition values.
93
94 #define FILE_SUPERSEDE 0x00000000
95 #define FILE_OPEN 0x00000001
96 #define FILE_CREATE 0x00000002
97 #define FILE_OPEN_IF 0x00000003
98 #define FILE_OVERWRITE 0x00000004
99 #define FILE_OVERWRITE_IF 0x00000005
100 #define FILE_MAXIMUM_DISPOSITION 0x00000005
101
102 // Create/open option flags.
103
104 #define FILE_DIRECTORY_FILE 0x00000001
105 #define FILE_WRITE_THROUGH 0x00000002
106 #define FILE_SEQUENTIAL_ONLY 0x00000004
107 #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008
108
109 #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010
110 #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
111 #define FILE_NON_DIRECTORY_FILE 0x00000040
112 #define FILE_CREATE_TREE_CONNECTION 0x00000080
113
114 #define FILE_COMPLETE_IF_OPLOCKED 0x00000100
115 #define FILE_NO_EA_KNOWLEDGE 0x00000200
116 #define FILE_OPEN_REMOTE_INSTANCE 0x00000400
117 #define FILE_RANDOM_ACCESS 0x00000800
118
119 #define FILE_DELETE_ON_CLOSE 0x00001000
120 #define FILE_OPEN_BY_FILE_ID 0x00002000
121 #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000
122 #define FILE_NO_COMPRESSION 0x00008000
123
124 #define FILE_RESERVE_OPFILTER 0x00100000
125 #define FILE_OPEN_REPARSE_POINT 0x00200000
126 #define FILE_OPEN_NO_RECALL 0x00400000
127 #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000
128
129 // Create/open result values. These are the disposition values returned on the
130 // io status information.
131 #define FILE_SUPERSEDED 0x00000000
132 #define FILE_OPENED 0x00000001
133 #define FILE_CREATED 0x00000002
134 #define FILE_OVERWRITTEN 0x00000003
135 #define FILE_EXISTS 0x00000004
136 #define FILE_DOES_NOT_EXIST 0x00000005
137
138 typedef NTSTATUS (WINAPI *NtCreateFileFunction)(
139 OUT PHANDLE FileHandle,
140 IN ACCESS_MASK DesiredAccess,
141 IN POBJECT_ATTRIBUTES ObjectAttributes,
142 OUT PIO_STATUS_BLOCK IoStatusBlock,
143 IN PLARGE_INTEGER AllocationSize OPTIONAL,
144 IN ULONG FileAttributes,
145 IN ULONG ShareAccess,
146 IN ULONG CreateDisposition,
147 IN ULONG CreateOptions,
148 IN PVOID EaBuffer OPTIONAL,
149 IN ULONG EaLength);
150
151 typedef NTSTATUS (WINAPI *NtOpenFileFunction)(
152 OUT PHANDLE FileHandle,
153 IN ACCESS_MASK DesiredAccess,
154 IN POBJECT_ATTRIBUTES ObjectAttributes,
155 OUT PIO_STATUS_BLOCK IoStatusBlock,
156 IN ULONG ShareAccess,
157 IN ULONG OpenOptions);
158
159 typedef NTSTATUS (WINAPI *NtCloseFunction)(
160 IN HANDLE Handle);
161
162 typedef enum _FILE_INFORMATION_CLASS {
163 FileRenameInformation = 10
164 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS;
165
166 typedef struct _FILE_RENAME_INFORMATION {
167 BOOLEAN ReplaceIfExists;
168 HANDLE RootDirectory;
169 ULONG FileNameLength;
170 WCHAR FileName[1];
171 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
172
173 typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)(
174 IN HANDLE FileHandle,
175 OUT PIO_STATUS_BLOCK IoStatusBlock,
176 IN PVOID FileInformation,
177 IN ULONG Length,
178 IN FILE_INFORMATION_CLASS FileInformationClass);
179
180 typedef struct FILE_BASIC_INFORMATION {
181 LARGE_INTEGER CreationTime;
182 LARGE_INTEGER LastAccessTime;
183 LARGE_INTEGER LastWriteTime;
184 LARGE_INTEGER ChangeTime;
185 ULONG FileAttributes;
186 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION;
187
188 typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)(
189 IN POBJECT_ATTRIBUTES ObjectAttributes,
190 OUT PFILE_BASIC_INFORMATION FileAttributes);
191
192 typedef struct _FILE_NETWORK_OPEN_INFORMATION {
193 LARGE_INTEGER CreationTime;
194 LARGE_INTEGER LastAccessTime;
195 LARGE_INTEGER LastWriteTime;
196 LARGE_INTEGER ChangeTime;
197 LARGE_INTEGER AllocationSize;
198 LARGE_INTEGER EndOfFile;
199 ULONG FileAttributes;
200 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION;
201
202 typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)(
203 IN POBJECT_ATTRIBUTES ObjectAttributes,
204 OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes);
205
206 // -----------------------------------------------------------------------
207 // Sections
208
209 typedef NTSTATUS (WINAPI *NtCreateSectionFunction)(
210 OUT PHANDLE SectionHandle,
211 IN ACCESS_MASK DesiredAccess,
212 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
213 IN PLARGE_INTEGER MaximumSize OPTIONAL,
214 IN ULONG SectionPageProtection,
215 IN ULONG AllocationAttributes,
216 IN HANDLE FileHandle OPTIONAL);
217
218 typedef ULONG SECTION_INHERIT;
219 #define ViewShare 1
220 #define ViewUnmap 2
221
222 typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)(
223 IN HANDLE SectionHandle,
224 IN HANDLE ProcessHandle,
225 IN OUT PVOID *BaseAddress,
226 IN ULONG_PTR ZeroBits,
227 IN SIZE_T CommitSize,
228 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
229 IN OUT PSIZE_T ViewSize,
230 IN SECTION_INHERIT InheritDisposition,
231 IN ULONG AllocationType,
232 IN ULONG Win32Protect);
233
234 typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)(
235 IN HANDLE ProcessHandle,
236 IN PVOID BaseAddress);
237
238 typedef enum _SECTION_INFORMATION_CLASS {
239 SectionBasicInformation = 0,
240 SectionImageInformation
241 } SECTION_INFORMATION_CLASS;
242
243 typedef struct _SECTION_BASIC_INFORMATION {
244 PVOID BaseAddress;
245 ULONG Attributes;
246 LARGE_INTEGER Size;
247 } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
248
249 typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
250 IN HANDLE SectionHandle,
251 IN SECTION_INFORMATION_CLASS SectionInformationClass,
252 OUT PVOID SectionInformation,
253 IN SIZE_T SectionInformationLength,
254 OUT PSIZE_T ReturnLength OPTIONAL);
255
256 // -----------------------------------------------------------------------
257 // Process and Thread
258
259 typedef struct _CLIENT_ID {
260 PVOID UniqueProcess;
261 PVOID UniqueThread;
262 } CLIENT_ID, *PCLIENT_ID;
263
264 typedef NTSTATUS (WINAPI *NtOpenThreadFunction) (
265 OUT PHANDLE ThreadHandle,
266 IN ACCESS_MASK DesiredAccess,
267 IN POBJECT_ATTRIBUTES ObjectAttributes,
268 IN PCLIENT_ID ClientId);
269
270 typedef NTSTATUS (WINAPI *NtOpenProcessFunction) (
271 OUT PHANDLE ProcessHandle,
272 IN ACCESS_MASK DesiredAccess,
273 IN POBJECT_ATTRIBUTES ObjectAttributes,
274 IN PCLIENT_ID ClientId);
275
276 typedef enum _NT_THREAD_INFORMATION_CLASS {
277 ThreadBasicInformation,
278 ThreadTimes,
279 ThreadPriority,
280 ThreadBasePriority,
281 ThreadAffinityMask,
282 ThreadImpersonationToken,
283 ThreadDescriptorTableEntry,
284 ThreadEnableAlignmentFaultFixup,
285 ThreadEventPair,
286 ThreadQuerySetWin32StartAddress,
287 ThreadZeroTlsCell,
288 ThreadPerformanceCount,
289 ThreadAmILastThread,
290 ThreadIdealProcessor,
291 ThreadPriorityBoost,
292 ThreadSetTlsArrayAddress,
293 ThreadIsIoPending,
294 ThreadHideFromDebugger
295 } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS;
296
297 typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) (
298 IN HANDLE ThreadHandle,
299 IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass,
300 IN PVOID ThreadInformation,
301 IN ULONG ThreadInformationLength);
302
303 // Partial definition only:
304 typedef enum _PROCESSINFOCLASS {
305 ProcessBasicInformation = 0,
306 ProcessExecuteFlags = 0x22
307 } PROCESSINFOCLASS;
308
309 typedef PVOID PPEB;
310 typedef PVOID KPRIORITY;
311
312 typedef struct _PROCESS_BASIC_INFORMATION {
313 NTSTATUS ExitStatus;
314 PPEB PebBaseAddress;
315 KAFFINITY AffinityMask;
316 KPRIORITY BasePriority;
317 ULONG UniqueProcessId;
318 ULONG InheritedFromUniqueProcessId;
319 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
320
321 typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)(
322 IN HANDLE ProcessHandle,
323 IN PROCESSINFOCLASS ProcessInformationClass,
324 OUT PVOID ProcessInformation,
325 IN ULONG ProcessInformationLength,
326 OUT PULONG ReturnLength OPTIONAL);
327
328 typedef NTSTATUS (WINAPI *NtSetInformationProcessFunction)(
329 HANDLE ProcessHandle,
330 IN PROCESSINFOCLASS ProcessInformationClass,
331 IN PVOID ProcessInformation,
332 IN ULONG ProcessInformationLength);
333
334 typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) (
335 IN HANDLE ThreadHandle,
336 IN ACCESS_MASK DesiredAccess,
337 IN BOOLEAN OpenAsSelf,
338 OUT PHANDLE TokenHandle);
339
340 typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) (
341 IN HANDLE ThreadHandle,
342 IN ACCESS_MASK DesiredAccess,
343 IN BOOLEAN OpenAsSelf,
344 IN ULONG HandleAttributes,
345 OUT PHANDLE TokenHandle);
346
347 typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) (
348 IN HANDLE ProcessHandle,
349 IN ACCESS_MASK DesiredAccess,
350 OUT PHANDLE TokenHandle);
351
352 typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) (
353 IN HANDLE ProcessHandle,
354 IN ACCESS_MASK DesiredAccess,
355 IN ULONG HandleAttributes,
356 OUT PHANDLE TokenHandle);
357
358 typedef NTSTATUS (WINAPI * RtlCreateUserThreadFunction)(
359 IN HANDLE Process,
360 IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor,
361 IN BOOLEAN CreateSuspended,
362 IN ULONG ZeroBits,
363 IN SIZE_T MaximumStackSize,
364 IN SIZE_T CommittedStackSize,
365 IN LPTHREAD_START_ROUTINE StartAddress,
366 IN PVOID Parameter,
367 OUT PHANDLE Thread,
368 OUT PCLIENT_ID ClientId);
369
370 // -----------------------------------------------------------------------
371 // Registry
372
373 typedef NTSTATUS (WINAPI *NtCreateKeyFunction)(
374 OUT PHANDLE KeyHandle,
375 IN ACCESS_MASK DesiredAccess,
376 IN POBJECT_ATTRIBUTES ObjectAttributes,
377 IN ULONG TitleIndex,
378 IN PUNICODE_STRING Class OPTIONAL,
379 IN ULONG CreateOptions,
380 OUT PULONG Disposition OPTIONAL);
381
382 typedef NTSTATUS (WINAPI *NtOpenKeyFunction)(
383 OUT PHANDLE KeyHandle,
384 IN ACCESS_MASK DesiredAccess,
385 IN POBJECT_ATTRIBUTES ObjectAttributes);
386
387 typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)(
388 OUT PHANDLE KeyHandle,
389 IN ACCESS_MASK DesiredAccess,
390 IN POBJECT_ATTRIBUTES ObjectAttributes,
391 IN DWORD open_options);
392
393 typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)(
394 IN HANDLE KeyHandle);
395
396 // -----------------------------------------------------------------------
397 // Memory
398
399 // Don't really need this structure right now.
400 typedef PVOID PRTL_HEAP_PARAMETERS;
401
402 typedef PVOID (WINAPI *RtlCreateHeapFunction)(
403 IN ULONG Flags,
404 IN PVOID HeapBase OPTIONAL,
405 IN SIZE_T ReserveSize OPTIONAL,
406 IN SIZE_T CommitSize OPTIONAL,
407 IN PVOID Lock OPTIONAL,
408 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL);
409
410 typedef PVOID (WINAPI *RtlDestroyHeapFunction)(
411 IN PVOID HeapHandle);
412
413 typedef PVOID (WINAPI *RtlAllocateHeapFunction)(
414 IN PVOID HeapHandle,
415 IN ULONG Flags,
416 IN SIZE_T Size);
417
418 typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)(
419 IN PVOID HeapHandle,
420 IN ULONG Flags,
421 IN PVOID HeapBase);
422
423 typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) (
424 IN HANDLE ProcessHandle,
425 IN OUT PVOID *BaseAddress,
426 IN ULONG_PTR ZeroBits,
427 IN OUT PSIZE_T RegionSize,
428 IN ULONG AllocationType,
429 IN ULONG Protect);
430
431 typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) (
432 IN HANDLE ProcessHandle,
433 IN OUT PVOID *BaseAddress,
434 IN OUT PSIZE_T RegionSize,
435 IN ULONG FreeType);
436
437 typedef enum _MEMORY_INFORMATION_CLASS {
438 MemoryBasicInformation = 0,
439 MemoryWorkingSetList,
440 MemorySectionName,
441 MemoryBasicVlmInformation
442 } MEMORY_INFORMATION_CLASS;
443
444 typedef struct _MEMORY_SECTION_NAME { // Information Class 2
445 UNICODE_STRING SectionFileName;
446 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
447
448 typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)(
449 IN HANDLE ProcessHandle,
450 IN PVOID BaseAddress,
451 IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
452 OUT PVOID MemoryInformation,
453 IN SIZE_T MemoryInformationLength,
454 OUT PSIZE_T ReturnLength OPTIONAL);
455
456 typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)(
457 IN HANDLE ProcessHandle,
458 IN OUT PVOID* BaseAddress,
459 IN OUT PSIZE_T ProtectSize,
460 IN ULONG NewProtect,
461 OUT PULONG OldProtect);
462
463 // -----------------------------------------------------------------------
464 // Objects
465
466 typedef enum _OBJECT_INFORMATION_CLASS {
467 ObjectBasicInformation,
468 ObjectNameInformation,
469 ObjectTypeInformation,
470 ObjectAllInformation,
471 ObjectDataInformation
472 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
473
474 typedef struct _OBJDIR_INFORMATION {
475 UNICODE_STRING ObjectName;
476 UNICODE_STRING ObjectTypeName;
477 BYTE Data[1];
478 } OBJDIR_INFORMATION;
479
480 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
481 ULONG Attributes;
482 ACCESS_MASK GrantedAccess;
483 ULONG HandleCount;
484 ULONG PointerCount;
485 ULONG Reserved[10]; // reserved for internal use
486 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
487
488 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
489 UNICODE_STRING TypeName;
490 ULONG Reserved[22]; // reserved for internal use
491 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
492
493 typedef enum _POOL_TYPE {
494 NonPagedPool,
495 PagedPool,
496 NonPagedPoolMustSucceed,
497 ReservedType,
498 NonPagedPoolCacheAligned,
499 PagedPoolCacheAligned,
500 NonPagedPoolCacheAlignedMustS
501 } POOL_TYPE;
502
503 typedef struct _OBJECT_BASIC_INFORMATION {
504 ULONG Attributes;
505 ACCESS_MASK GrantedAccess;
506 ULONG HandleCount;
507 ULONG PointerCount;
508 ULONG PagedPoolUsage;
509 ULONG NonPagedPoolUsage;
510 ULONG Reserved[3];
511 ULONG NameInformationLength;
512 ULONG TypeInformationLength;
513 ULONG SecurityDescriptorLength;
514 LARGE_INTEGER CreateTime;
515 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
516
517 typedef struct _OBJECT_TYPE_INFORMATION {
518 UNICODE_STRING Name;
519 ULONG TotalNumberOfObjects;
520 ULONG TotalNumberOfHandles;
521 ULONG TotalPagedPoolUsage;
522 ULONG TotalNonPagedPoolUsage;
523 ULONG TotalNamePoolUsage;
524 ULONG TotalHandleTableUsage;
525 ULONG HighWaterNumberOfObjects;
526 ULONG HighWaterNumberOfHandles;
527 ULONG HighWaterPagedPoolUsage;
528 ULONG HighWaterNonPagedPoolUsage;
529 ULONG HighWaterNamePoolUsage;
530 ULONG HighWaterHandleTableUsage;
531 ULONG InvalidAttributes;
532 GENERIC_MAPPING GenericMapping;
533 ULONG ValidAccess;
534 BOOLEAN SecurityRequired;
535 BOOLEAN MaintainHandleCount;
536 USHORT MaintainTypeList;
537 POOL_TYPE PoolType;
538 ULONG PagedPoolUsage;
539 ULONG NonPagedPoolUsage;
540 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
541
542 typedef enum _SYSTEM_INFORMATION_CLASS {
543 SystemHandleInformation = 16
544 } SYSTEM_INFORMATION_CLASS;
545
546 typedef struct _SYSTEM_HANDLE_INFORMATION {
547 USHORT ProcessId;
548 USHORT CreatorBackTraceIndex;
549 UCHAR ObjectTypeNumber;
550 UCHAR Flags;
551 USHORT Handle;
552 PVOID Object;
553 ACCESS_MASK GrantedAccess;
554 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
555
556 typedef struct _SYSTEM_HANDLE_INFORMATION_EX {
557 ULONG NumberOfHandles;
558 SYSTEM_HANDLE_INFORMATION Information[1];
559 } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX;
560
561 typedef struct _OBJECT_NAME_INFORMATION {
562 UNICODE_STRING ObjectName;
563 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
564
565 typedef NTSTATUS (WINAPI *NtQueryObjectFunction)(
566 IN HANDLE Handle,
567 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
568 OUT PVOID ObjectInformation OPTIONAL,
569 IN ULONG ObjectInformationLength,
570 OUT PULONG ReturnLength OPTIONAL);
571
572 typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)(
573 IN HANDLE SourceProcess,
574 IN HANDLE SourceHandle,
575 IN HANDLE TargetProcess,
576 OUT PHANDLE TargetHandle,
577 IN ACCESS_MASK DesiredAccess,
578 IN ULONG Attributes,
579 IN ULONG Options);
580
581 typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)(
582 IN HANDLE HandleToSignal,
583 IN HANDLE HandleToWait,
584 IN BOOLEAN Alertable,
585 IN PLARGE_INTEGER Timeout OPTIONAL);
586
587 typedef NTSTATUS (WINAPI *NtQuerySystemInformation)(
588 IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
589 OUT PVOID SystemInformation,
590 IN ULONG SystemInformationLength,
591 OUT PULONG ReturnLength);
592
593 typedef NTSTATUS (WINAPI *NtQueryObject)(
594 IN HANDLE Handle,
595 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
596 OUT PVOID ObjectInformation,
597 IN ULONG ObjectInformationLength,
598 OUT PULONG ReturnLength);
599
600 // -----------------------------------------------------------------------
601 // Strings
602
603 typedef int (__cdecl *_strnicmpFunction)(
604 IN const char* _Str1,
605 IN const char* _Str2,
606 IN size_t _MaxCount);
607
608 typedef size_t (__cdecl *strlenFunction)(
609 IN const char * _Str);
610
611 typedef size_t (__cdecl *wcslenFunction)(
612 IN const wchar_t* _Str);
613
614 typedef void* (__cdecl *memcpyFunction)(
615 IN void* dest,
616 IN const void* src,
617 IN size_t count);
618
619 typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)(
620 IN OUT PUNICODE_STRING DestinationString,
621 IN PANSI_STRING SourceString,
622 IN BOOLEAN AllocateDestinationString);
623
624 typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)(
625 IN PCUNICODE_STRING String1,
626 IN PCUNICODE_STRING String2,
627 IN BOOLEAN CaseInSensitive);
628
629 typedef VOID (WINAPI *RtlInitUnicodeStringFunction) (
630 IN OUT PUNICODE_STRING DestinationString,
631 IN PCWSTR SourceString);
632
633 typedef enum _EVENT_TYPE {
634 NotificationEvent,
635 SynchronizationEvent
636 } EVENT_TYPE, *PEVENT_TYPE;
637
638 typedef NTSTATUS (WINAPI* NtOpenDirectoryObjectFunction) (
639 PHANDLE DirectoryHandle,
640 ACCESS_MASK DesiredAccess,
641 POBJECT_ATTRIBUTES ObjectAttributes);
642
643 typedef NTSTATUS (WINAPI* NtQuerySymbolicLinkObjectFunction) (
644 HANDLE LinkHandle,
645 PUNICODE_STRING LinkTarget,
646 PULONG ReturnedLength);
647
648 typedef NTSTATUS (WINAPI* NtOpenSymbolicLinkObjectFunction) (
649 PHANDLE LinkHandle,
650 ACCESS_MASK DesiredAccess,
651 POBJECT_ATTRIBUTES ObjectAttributes);
652
653 #define DIRECTORY_QUERY 0x0001
654 #define DIRECTORY_TRAVERSE 0x0002
655 #define DIRECTORY_CREATE_OBJECT 0x0004
656 #define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
657 #define DIRECTORY_ALL_ACCESS 0x000F
658
659 typedef NTSTATUS (WINAPI* NtCreateLowBoxToken)(
660 OUT PHANDLE token,
661 IN HANDLE original_handle,
662 IN ACCESS_MASK access,
663 IN POBJECT_ATTRIBUTES object_attribute,
664 IN PSID appcontainer_sid,
665 IN DWORD capabilityCount,
666 IN PSID_AND_ATTRIBUTES capabilities,
667 IN DWORD handle_count,
668 IN PHANDLE handles);
669
670 typedef NTSTATUS(WINAPI *NtSetInformationProcess)(
671 IN HANDLE process_handle,
672 IN ULONG info_class,
673 IN PVOID process_information,
674 IN ULONG information_length);
675
676 struct PROCESS_ACCESS_TOKEN {
677 HANDLE token;
678 HANDLE thread;
679 };
680
681 const unsigned int NtProcessInformationAccessToken = 9;
682
683 #endif // SANDBOX_WIN_SRC_NT_INTERNALS_H__
684