search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Record MTU discovery packets in net-internals log.
[chromium-blink-merge.git] / sandbox / win / src / nt_internals.h
blob40b29c6beb3276415bf845b19deb9458bca08a21
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // This file holds definitions related to the ntdll API.
6
7 #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__
8 #define SANDBOX_WIN_SRC_NT_INTERNALS_H__
9
10 #include <windows.h>
11
12 typedef LONG NTSTATUS;
13 #define NT_SUCCESS(st) (st >= 0)
14
15 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
16 #define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L)
17 #define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
18 #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002L)
19 #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
20 #ifndef STATUS_INVALID_PARAMETER
21 // It is now defined in Windows 2008 SDK.
22 #define STATUS_INVALID_PARAMETER ((NTSTATUS)0xC000000DL)
23 #endif
24 #define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018L)
25 #define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L)
26 #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L)
27 #define STATUS_OBJECT_NAME_NOT_FOUND ((NTSTATUS)0xC0000034L)
28 #define STATUS_OBJECT_NAME_COLLISION ((NTSTATUS)0xC0000035L)
29 #define STATUS_PROCEDURE_NOT_FOUND ((NTSTATUS)0xC000007AL)
30 #define STATUS_INVALID_IMAGE_FORMAT ((NTSTATUS)0xC000007BL)
31 #define STATUS_NO_TOKEN ((NTSTATUS)0xC000007CL)
32
33 #define CURRENT_PROCESS ((HANDLE) -1)
34 #define CURRENT_THREAD ((HANDLE) -2)
35 #define NtCurrentProcess CURRENT_PROCESS
36
37 typedef struct _UNICODE_STRING {
38 USHORT Length;
39 USHORT MaximumLength;
40 PWSTR Buffer;
41 } UNICODE_STRING;
42 typedef UNICODE_STRING *PUNICODE_STRING;
43 typedef const UNICODE_STRING *PCUNICODE_STRING;
44
45 typedef struct _STRING {
46 USHORT Length;
47 USHORT MaximumLength;
48 PCHAR Buffer;
49 } STRING;
50 typedef STRING *PSTRING;
51
52 typedef STRING ANSI_STRING;
53 typedef PSTRING PANSI_STRING;
54 typedef CONST PSTRING PCANSI_STRING;
55
56 typedef STRING OEM_STRING;
57 typedef PSTRING POEM_STRING;
58 typedef CONST STRING* PCOEM_STRING;
59
60 #define OBJ_CASE_INSENSITIVE 0x00000040L
61 #define OBJ_OPENIF 0x00000080L
62
63 typedef struct _OBJECT_ATTRIBUTES {
64 ULONG Length;
65 HANDLE RootDirectory;
66 PUNICODE_STRING ObjectName;
67 ULONG Attributes;
68 PVOID SecurityDescriptor;
69 PVOID SecurityQualityOfService;
70 } OBJECT_ATTRIBUTES;
71 typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
72
73 #define InitializeObjectAttributes(p, n, a, r, s) { \
74 (p)->Length = sizeof(OBJECT_ATTRIBUTES);\
75 (p)->RootDirectory = r;\
76 (p)->Attributes = a;\
77 (p)->ObjectName = n;\
78 (p)->SecurityDescriptor = s;\
79 (p)->SecurityQualityOfService = NULL;\
80 }
81
82 typedef struct _IO_STATUS_BLOCK {
83 union {
84 NTSTATUS Status;
85 PVOID Pointer;
86 };
87 ULONG_PTR Information;
88 } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
89
90 // -----------------------------------------------------------------------
91 // File IO
92
93 // Create disposition values.
94
95 #define FILE_SUPERSEDE 0x00000000
96 #define FILE_OPEN 0x00000001
97 #define FILE_CREATE 0x00000002
98 #define FILE_OPEN_IF 0x00000003
99 #define FILE_OVERWRITE 0x00000004
100 #define FILE_OVERWRITE_IF 0x00000005
101 #define FILE_MAXIMUM_DISPOSITION 0x00000005
102
103 // Create/open option flags.
104
105 #define FILE_DIRECTORY_FILE 0x00000001
106 #define FILE_WRITE_THROUGH 0x00000002
107 #define FILE_SEQUENTIAL_ONLY 0x00000004
108 #define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008
109
110 #define FILE_SYNCHRONOUS_IO_ALERT 0x00000010
111 #define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
112 #define FILE_NON_DIRECTORY_FILE 0x00000040
113 #define FILE_CREATE_TREE_CONNECTION 0x00000080
114
115 #define FILE_COMPLETE_IF_OPLOCKED 0x00000100
116 #define FILE_NO_EA_KNOWLEDGE 0x00000200
117 #define FILE_OPEN_REMOTE_INSTANCE 0x00000400
118 #define FILE_RANDOM_ACCESS 0x00000800
119
120 #define FILE_DELETE_ON_CLOSE 0x00001000
121 #define FILE_OPEN_BY_FILE_ID 0x00002000
122 #define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000
123 #define FILE_NO_COMPRESSION 0x00008000
124
125 #define FILE_RESERVE_OPFILTER 0x00100000
126 #define FILE_OPEN_REPARSE_POINT 0x00200000
127 #define FILE_OPEN_NO_RECALL 0x00400000
128 #define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000
129
130 // Create/open result values. These are the disposition values returned on the
131 // io status information.
132 #define FILE_SUPERSEDED 0x00000000
133 #define FILE_OPENED 0x00000001
134 #define FILE_CREATED 0x00000002
135 #define FILE_OVERWRITTEN 0x00000003
136 #define FILE_EXISTS 0x00000004
137 #define FILE_DOES_NOT_EXIST 0x00000005
138
139 typedef NTSTATUS (WINAPI *NtCreateFileFunction)(
140 OUT PHANDLE FileHandle,
141 IN ACCESS_MASK DesiredAccess,
142 IN POBJECT_ATTRIBUTES ObjectAttributes,
143 OUT PIO_STATUS_BLOCK IoStatusBlock,
144 IN PLARGE_INTEGER AllocationSize OPTIONAL,
145 IN ULONG FileAttributes,
146 IN ULONG ShareAccess,
147 IN ULONG CreateDisposition,
148 IN ULONG CreateOptions,
149 IN PVOID EaBuffer OPTIONAL,
150 IN ULONG EaLength);
151
152 typedef NTSTATUS (WINAPI *NtOpenFileFunction)(
153 OUT PHANDLE FileHandle,
154 IN ACCESS_MASK DesiredAccess,
155 IN POBJECT_ATTRIBUTES ObjectAttributes,
156 OUT PIO_STATUS_BLOCK IoStatusBlock,
157 IN ULONG ShareAccess,
158 IN ULONG OpenOptions);
159
160 typedef NTSTATUS (WINAPI *NtCloseFunction)(
161 IN HANDLE Handle);
162
163 typedef enum _FILE_INFORMATION_CLASS {
164 FileRenameInformation = 10
165 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS;
166
167 typedef struct _FILE_RENAME_INFORMATION {
168 BOOLEAN ReplaceIfExists;
169 HANDLE RootDirectory;
170 ULONG FileNameLength;
171 WCHAR FileName[1];
172 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
173
174 typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)(
175 IN HANDLE FileHandle,
176 OUT PIO_STATUS_BLOCK IoStatusBlock,
177 IN PVOID FileInformation,
178 IN ULONG Length,
179 IN FILE_INFORMATION_CLASS FileInformationClass);
180
181 typedef struct FILE_BASIC_INFORMATION {
182 LARGE_INTEGER CreationTime;
183 LARGE_INTEGER LastAccessTime;
184 LARGE_INTEGER LastWriteTime;
185 LARGE_INTEGER ChangeTime;
186 ULONG FileAttributes;
187 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION;
188
189 typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)(
190 IN POBJECT_ATTRIBUTES ObjectAttributes,
191 OUT PFILE_BASIC_INFORMATION FileAttributes);
192
193 typedef struct _FILE_NETWORK_OPEN_INFORMATION {
194 LARGE_INTEGER CreationTime;
195 LARGE_INTEGER LastAccessTime;
196 LARGE_INTEGER LastWriteTime;
197 LARGE_INTEGER ChangeTime;
198 LARGE_INTEGER AllocationSize;
199 LARGE_INTEGER EndOfFile;
200 ULONG FileAttributes;
201 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION;
202
203 typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)(
204 IN POBJECT_ATTRIBUTES ObjectAttributes,
205 OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes);
206
207 // -----------------------------------------------------------------------
208 // Sections
209
210 typedef NTSTATUS (WINAPI *NtCreateSectionFunction)(
211 OUT PHANDLE SectionHandle,
212 IN ACCESS_MASK DesiredAccess,
213 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
214 IN PLARGE_INTEGER MaximumSize OPTIONAL,
215 IN ULONG SectionPageProtection,
216 IN ULONG AllocationAttributes,
217 IN HANDLE FileHandle OPTIONAL);
218
219 typedef ULONG SECTION_INHERIT;
220 #define ViewShare 1
221 #define ViewUnmap 2
222
223 typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)(
224 IN HANDLE SectionHandle,
225 IN HANDLE ProcessHandle,
226 IN OUT PVOID *BaseAddress,
227 IN ULONG_PTR ZeroBits,
228 IN SIZE_T CommitSize,
229 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
230 IN OUT PSIZE_T ViewSize,
231 IN SECTION_INHERIT InheritDisposition,
232 IN ULONG AllocationType,
233 IN ULONG Win32Protect);
234
235 typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)(
236 IN HANDLE ProcessHandle,
237 IN PVOID BaseAddress);
238
239 typedef enum _SECTION_INFORMATION_CLASS {
240 SectionBasicInformation = 0,
241 SectionImageInformation
242 } SECTION_INFORMATION_CLASS;
243
244 typedef struct _SECTION_BASIC_INFORMATION {
245 PVOID BaseAddress;
246 ULONG Attributes;
247 LARGE_INTEGER Size;
248 } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
249
250 typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
251 IN HANDLE SectionHandle,
252 IN SECTION_INFORMATION_CLASS SectionInformationClass,
253 OUT PVOID SectionInformation,
254 IN SIZE_T SectionInformationLength,
255 OUT PSIZE_T ReturnLength OPTIONAL);
256
257 // -----------------------------------------------------------------------
258 // Process and Thread
259
260 typedef struct _CLIENT_ID {
261 PVOID UniqueProcess;
262 PVOID UniqueThread;
263 } CLIENT_ID, *PCLIENT_ID;
264
265 typedef NTSTATUS (WINAPI *NtOpenThreadFunction) (
266 OUT PHANDLE ThreadHandle,
267 IN ACCESS_MASK DesiredAccess,
268 IN POBJECT_ATTRIBUTES ObjectAttributes,
269 IN PCLIENT_ID ClientId);
270
271 typedef NTSTATUS (WINAPI *NtOpenProcessFunction) (
272 OUT PHANDLE ProcessHandle,
273 IN ACCESS_MASK DesiredAccess,
274 IN POBJECT_ATTRIBUTES ObjectAttributes,
275 IN PCLIENT_ID ClientId);
276
277 typedef enum _NT_THREAD_INFORMATION_CLASS {
278 ThreadBasicInformation,
279 ThreadTimes,
280 ThreadPriority,
281 ThreadBasePriority,
282 ThreadAffinityMask,
283 ThreadImpersonationToken,
284 ThreadDescriptorTableEntry,
285 ThreadEnableAlignmentFaultFixup,
286 ThreadEventPair,
287 ThreadQuerySetWin32StartAddress,
288 ThreadZeroTlsCell,
289 ThreadPerformanceCount,
290 ThreadAmILastThread,
291 ThreadIdealProcessor,
292 ThreadPriorityBoost,
293 ThreadSetTlsArrayAddress,
294 ThreadIsIoPending,
295 ThreadHideFromDebugger
296 } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS;
297
298 typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) (
299 IN HANDLE ThreadHandle,
300 IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass,
301 IN PVOID ThreadInformation,
302 IN ULONG ThreadInformationLength);
303
304 // Partial definition only:
305 typedef enum _PROCESSINFOCLASS {
306 ProcessBasicInformation = 0,
307 ProcessExecuteFlags = 0x22
308 } PROCESSINFOCLASS;
309
310 typedef PVOID PPEB;
311 typedef PVOID KPRIORITY;
312
313 typedef struct _PROCESS_BASIC_INFORMATION {
314 NTSTATUS ExitStatus;
315 PPEB PebBaseAddress;
316 KAFFINITY AffinityMask;
317 KPRIORITY BasePriority;
318 ULONG UniqueProcessId;
319 ULONG InheritedFromUniqueProcessId;
320 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
321
322 typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)(
323 IN HANDLE ProcessHandle,
324 IN PROCESSINFOCLASS ProcessInformationClass,
325 OUT PVOID ProcessInformation,
326 IN ULONG ProcessInformationLength,
327 OUT PULONG ReturnLength OPTIONAL);
328
329 typedef NTSTATUS (WINAPI *NtSetInformationProcessFunction)(
330 HANDLE ProcessHandle,
331 IN PROCESSINFOCLASS ProcessInformationClass,
332 IN PVOID ProcessInformation,
333 IN ULONG ProcessInformationLength);
334
335 typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) (
336 IN HANDLE ThreadHandle,
337 IN ACCESS_MASK DesiredAccess,
338 IN BOOLEAN OpenAsSelf,
339 OUT PHANDLE TokenHandle);
340
341 typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) (
342 IN HANDLE ThreadHandle,
343 IN ACCESS_MASK DesiredAccess,
344 IN BOOLEAN OpenAsSelf,
345 IN ULONG HandleAttributes,
346 OUT PHANDLE TokenHandle);
347
348 typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) (
349 IN HANDLE ProcessHandle,
350 IN ACCESS_MASK DesiredAccess,
351 OUT PHANDLE TokenHandle);
352
353 typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) (
354 IN HANDLE ProcessHandle,
355 IN ACCESS_MASK DesiredAccess,
356 IN ULONG HandleAttributes,
357 OUT PHANDLE TokenHandle);
358
359 typedef NTSTATUS (WINAPI * RtlCreateUserThreadFunction)(
360 IN HANDLE Process,
361 IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor,
362 IN BOOLEAN CreateSuspended,
363 IN ULONG ZeroBits,
364 IN SIZE_T MaximumStackSize,
365 IN SIZE_T CommittedStackSize,
366 IN LPTHREAD_START_ROUTINE StartAddress,
367 IN PVOID Parameter,
368 OUT PHANDLE Thread,
369 OUT PCLIENT_ID ClientId);
370
371 // -----------------------------------------------------------------------
372 // Registry
373
374 typedef NTSTATUS (WINAPI *NtCreateKeyFunction)(
375 OUT PHANDLE KeyHandle,
376 IN ACCESS_MASK DesiredAccess,
377 IN POBJECT_ATTRIBUTES ObjectAttributes,
378 IN ULONG TitleIndex,
379 IN PUNICODE_STRING Class OPTIONAL,
380 IN ULONG CreateOptions,
381 OUT PULONG Disposition OPTIONAL);
382
383 typedef NTSTATUS (WINAPI *NtOpenKeyFunction)(
384 OUT PHANDLE KeyHandle,
385 IN ACCESS_MASK DesiredAccess,
386 IN POBJECT_ATTRIBUTES ObjectAttributes);
387
388 typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)(
389 OUT PHANDLE KeyHandle,
390 IN ACCESS_MASK DesiredAccess,
391 IN POBJECT_ATTRIBUTES ObjectAttributes,
392 IN DWORD open_options);
393
394 typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)(
395 IN HANDLE KeyHandle);
396
397 // -----------------------------------------------------------------------
398 // Memory
399
400 // Don't really need this structure right now.
401 typedef PVOID PRTL_HEAP_PARAMETERS;
402
403 typedef PVOID (WINAPI *RtlCreateHeapFunction)(
404 IN ULONG Flags,
405 IN PVOID HeapBase OPTIONAL,
406 IN SIZE_T ReserveSize OPTIONAL,
407 IN SIZE_T CommitSize OPTIONAL,
408 IN PVOID Lock OPTIONAL,
409 IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL);
410
411 typedef PVOID (WINAPI *RtlDestroyHeapFunction)(
412 IN PVOID HeapHandle);
413
414 typedef PVOID (WINAPI *RtlAllocateHeapFunction)(
415 IN PVOID HeapHandle,
416 IN ULONG Flags,
417 IN SIZE_T Size);
418
419 typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)(
420 IN PVOID HeapHandle,
421 IN ULONG Flags,
422 IN PVOID HeapBase);
423
424 typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) (
425 IN HANDLE ProcessHandle,
426 IN OUT PVOID *BaseAddress,
427 IN ULONG_PTR ZeroBits,
428 IN OUT PSIZE_T RegionSize,
429 IN ULONG AllocationType,
430 IN ULONG Protect);
431
432 typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) (
433 IN HANDLE ProcessHandle,
434 IN OUT PVOID *BaseAddress,
435 IN OUT PSIZE_T RegionSize,
436 IN ULONG FreeType);
437
438 typedef enum _MEMORY_INFORMATION_CLASS {
439 MemoryBasicInformation = 0,
440 MemoryWorkingSetList,
441 MemorySectionName,
442 MemoryBasicVlmInformation
443 } MEMORY_INFORMATION_CLASS;
444
445 typedef struct _MEMORY_SECTION_NAME { // Information Class 2
446 UNICODE_STRING SectionFileName;
447 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
448
449 typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)(
450 IN HANDLE ProcessHandle,
451 IN PVOID BaseAddress,
452 IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
453 OUT PVOID MemoryInformation,
454 IN SIZE_T MemoryInformationLength,
455 OUT PSIZE_T ReturnLength OPTIONAL);
456
457 typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)(
458 IN HANDLE ProcessHandle,
459 IN OUT PVOID* BaseAddress,
460 IN OUT PSIZE_T ProtectSize,
461 IN ULONG NewProtect,
462 OUT PULONG OldProtect);
463
464 // -----------------------------------------------------------------------
465 // Objects
466
467 typedef enum _OBJECT_INFORMATION_CLASS {
468 ObjectBasicInformation,
469 ObjectNameInformation,
470 ObjectTypeInformation,
471 ObjectAllInformation,
472 ObjectDataInformation
473 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
474
475 typedef struct _OBJDIR_INFORMATION {
476 UNICODE_STRING ObjectName;
477 UNICODE_STRING ObjectTypeName;
478 BYTE Data[1];
479 } OBJDIR_INFORMATION;
480
481 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
482 ULONG Attributes;
483 ACCESS_MASK GrantedAccess;
484 ULONG HandleCount;
485 ULONG PointerCount;
486 ULONG Reserved[10]; // reserved for internal use
487 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
488
489 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
490 UNICODE_STRING TypeName;
491 ULONG Reserved[22]; // reserved for internal use
492 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
493
494 typedef enum _POOL_TYPE {
495 NonPagedPool,
496 PagedPool,
497 NonPagedPoolMustSucceed,
498 ReservedType,
499 NonPagedPoolCacheAligned,
500 PagedPoolCacheAligned,
501 NonPagedPoolCacheAlignedMustS
502 } POOL_TYPE;
503
504 typedef struct _OBJECT_BASIC_INFORMATION {
505 ULONG Attributes;
506 ACCESS_MASK GrantedAccess;
507 ULONG HandleCount;
508 ULONG PointerCount;
509 ULONG PagedPoolUsage;
510 ULONG NonPagedPoolUsage;
511 ULONG Reserved[3];
512 ULONG NameInformationLength;
513 ULONG TypeInformationLength;
514 ULONG SecurityDescriptorLength;
515 LARGE_INTEGER CreateTime;
516 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
517
518 typedef struct _OBJECT_TYPE_INFORMATION {
519 UNICODE_STRING Name;
520 ULONG TotalNumberOfObjects;
521 ULONG TotalNumberOfHandles;
522 ULONG TotalPagedPoolUsage;
523 ULONG TotalNonPagedPoolUsage;
524 ULONG TotalNamePoolUsage;
525 ULONG TotalHandleTableUsage;
526 ULONG HighWaterNumberOfObjects;
527 ULONG HighWaterNumberOfHandles;
528 ULONG HighWaterPagedPoolUsage;
529 ULONG HighWaterNonPagedPoolUsage;
530 ULONG HighWaterNamePoolUsage;
531 ULONG HighWaterHandleTableUsage;
532 ULONG InvalidAttributes;
533 GENERIC_MAPPING GenericMapping;
534 ULONG ValidAccess;
535 BOOLEAN SecurityRequired;
536 BOOLEAN MaintainHandleCount;
537 USHORT MaintainTypeList;
538 POOL_TYPE PoolType;
539 ULONG PagedPoolUsage;
540 ULONG NonPagedPoolUsage;
541 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
542
543 typedef enum _SYSTEM_INFORMATION_CLASS {
544 SystemHandleInformation = 16
545 } SYSTEM_INFORMATION_CLASS;
546
547 typedef struct _SYSTEM_HANDLE_INFORMATION {
548 USHORT ProcessId;
549 USHORT CreatorBackTraceIndex;
550 UCHAR ObjectTypeNumber;
551 UCHAR Flags;
552 USHORT Handle;
553 PVOID Object;
554 ACCESS_MASK GrantedAccess;
555 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
556
557 typedef struct _SYSTEM_HANDLE_INFORMATION_EX {
558 ULONG NumberOfHandles;
559 SYSTEM_HANDLE_INFORMATION Information[1];
560 } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX;
561
562 typedef struct _OBJECT_NAME_INFORMATION {
563 UNICODE_STRING ObjectName;
564 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
565
566 typedef NTSTATUS (WINAPI *NtQueryObjectFunction)(
567 IN HANDLE Handle,
568 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
569 OUT PVOID ObjectInformation OPTIONAL,
570 IN ULONG ObjectInformationLength,
571 OUT PULONG ReturnLength OPTIONAL);
572
573 typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)(
574 IN HANDLE SourceProcess,
575 IN HANDLE SourceHandle,
576 IN HANDLE TargetProcess,
577 OUT PHANDLE TargetHandle,
578 IN ACCESS_MASK DesiredAccess,
579 IN ULONG Attributes,
580 IN ULONG Options);
581
582 typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)(
583 IN HANDLE HandleToSignal,
584 IN HANDLE HandleToWait,
585 IN BOOLEAN Alertable,
586 IN PLARGE_INTEGER Timeout OPTIONAL);
587
588 typedef NTSTATUS (WINAPI *NtQuerySystemInformation)(
589 IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
590 OUT PVOID SystemInformation,
591 IN ULONG SystemInformationLength,
592 OUT PULONG ReturnLength);
593
594 typedef NTSTATUS (WINAPI *NtQueryObject)(
595 IN HANDLE Handle,
596 IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
597 OUT PVOID ObjectInformation,
598 IN ULONG ObjectInformationLength,
599 OUT PULONG ReturnLength);
600
601 // -----------------------------------------------------------------------
602 // Strings
603
604 typedef int (__cdecl *_strnicmpFunction)(
605 IN const char* _Str1,
606 IN const char* _Str2,
607 IN size_t _MaxCount);
608
609 typedef size_t (__cdecl *strlenFunction)(
610 IN const char * _Str);
611
612 typedef size_t (__cdecl *wcslenFunction)(
613 IN const wchar_t* _Str);
614
615 typedef void* (__cdecl *memcpyFunction)(
616 IN void* dest,
617 IN const void* src,
618 IN size_t count);
619
620 typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)(
621 IN OUT PUNICODE_STRING DestinationString,
622 IN PANSI_STRING SourceString,
623 IN BOOLEAN AllocateDestinationString);
624
625 typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)(
626 IN PCUNICODE_STRING String1,
627 IN PCUNICODE_STRING String2,
628 IN BOOLEAN CaseInSensitive);
629
630 typedef VOID (WINAPI *RtlInitUnicodeStringFunction) (
631 IN OUT PUNICODE_STRING DestinationString,
632 IN PCWSTR SourceString);
633
634 typedef enum _EVENT_TYPE {
635 NotificationEvent,
636 SynchronizationEvent
637 } EVENT_TYPE, *PEVENT_TYPE;
638
639 typedef NTSTATUS (WINAPI* NtCreateDirectoryObjectFunction) (
640 PHANDLE DirectoryHandle,
641 ACCESS_MASK DesiredAccess,
642 POBJECT_ATTRIBUTES ObjectAttributes);
643
644 typedef NTSTATUS (WINAPI* NtOpenDirectoryObjectFunction) (
645 PHANDLE DirectoryHandle,
646 ACCESS_MASK DesiredAccess,
647 POBJECT_ATTRIBUTES ObjectAttributes);
648
649 typedef NTSTATUS (WINAPI* NtQuerySymbolicLinkObjectFunction) (
650 HANDLE LinkHandle,
651 PUNICODE_STRING LinkTarget,
652 PULONG ReturnedLength);
653
654 typedef NTSTATUS (WINAPI* NtOpenSymbolicLinkObjectFunction) (
655 PHANDLE LinkHandle,
656 ACCESS_MASK DesiredAccess,
657 POBJECT_ATTRIBUTES ObjectAttributes);
658
659 #define DIRECTORY_QUERY 0x0001
660 #define DIRECTORY_TRAVERSE 0x0002
661 #define DIRECTORY_CREATE_OBJECT 0x0004
662 #define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
663 #define DIRECTORY_ALL_ACCESS 0x000F
664
665 typedef NTSTATUS (WINAPI* NtCreateLowBoxToken)(
666 OUT PHANDLE token,
667 IN HANDLE original_handle,
668 IN ACCESS_MASK access,
669 IN POBJECT_ATTRIBUTES object_attribute,
670 IN PSID appcontainer_sid,
671 IN DWORD capabilityCount,
672 IN PSID_AND_ATTRIBUTES capabilities,
673 IN DWORD handle_count,
674 IN PHANDLE handles);
675
676 typedef NTSTATUS(WINAPI *NtSetInformationProcess)(
677 IN HANDLE process_handle,
678 IN ULONG info_class,
679 IN PVOID process_information,
680 IN ULONG information_length);
681
682 struct PROCESS_ACCESS_TOKEN {
683 HANDLE token;
684 HANDLE thread;
685 };
686
687 const unsigned int NtProcessInformationAccessToken = 9;
688
689 #endif // SANDBOX_WIN_SRC_NT_INTERNALS_H__
690