/*
 * Result buffer for RtlQueryProcessDebugInformation.
 * Obtain it with RtlCreateQueryDebugBuffer and release it with
 * RtlDestroyQueryDebugBuffer (see the prototypes below); do not free it
 * through any other allocator.
 * The *Information pointers are only meaningful for the classes named in
 * InfoClassMask — presumably NULL otherwise; check before dereferencing.
 */
typedef struct _DEBUG_BUFFER {
HANDLE SectionHandle;
PVOID SectionBase;
PVOID RemoteSectionBase;
ULONG SectionBaseDelta;
HANDLE EventPairHandle;       /* NOTE(review): presumably valid only when EventPair was TRUE at creation — confirm */
ULONG Unknown[2];
HANDLE RemoteThreadHandle;
ULONG InfoClassMask;          /* PDI_* bits (defined below) */
ULONG SizeOfInfo;
ULONG AllocatedSize;
ULONG SectionSize;
PVOID ModuleInformation;      /* presumably DEBUG_MODULE_INFORMATION data (PDI_MODULES) */
PVOID BackTraceInformation;   /* PDI_BACKTRACE */
PVOID HeapInformation;        /* presumably DEBUG_HEAP_INFORMATION data (PDI_HEAPS) */
PVOID LockInformation;        /* presumably DEBUG_LOCK_INFORMATION data (PDI_LOCKS) */
PVOID Reserved[8];
} DEBUG_BUFFER, *PDEBUG_BUFFER;
/*
 * Allocate a DEBUG_BUFFER for use with RtlQueryProcessDebugInformation.
 *
 * Size      - requested buffer size; 0 presumably selects a default — confirm.
 * EventPair - whether to create the event pair used by EventPairHandle.
 *
 * Returns NULL on failure. The caller owns the buffer and must release it
 * with RtlDestroyQueryDebugBuffer.
 */
PDEBUG_BUFFER
NTAPI
RtlCreateQueryDebugBuffer(
/*IN*/ ULONG Size,
/*IN*/ BOOLEAN EventPair);
/* RtlQueryProcessDebugInformation.DebugInfoClassMask constants */
/* Bit flags; OR them together to request several classes in one call. */
#define PDI_MODULES 0x01       /* loaded modules */
#define PDI_BACKTRACE 0x02     /* allocation back traces */
#define PDI_HEAPS 0x04         /* heap summaries */
#define PDI_HEAP_TAGS 0x08     /* per-heap tag data; presumably implies PDI_HEAPS — confirm */
#define PDI_HEAP_BLOCKS 0x10   /* per-heap block data; presumably implies PDI_HEAPS — confirm */
#define PDI_LOCKS 0x20         /* critical-section / lock data */
/*
 * Fill DebugBuffer with the information classes selected by
 * DebugInfoClassMask (PDI_* bits) for the process identified by ProcessId.
 *
 * ProcessId          - target process id (not a handle).
 * DebugInfoClassMask - OR of PDI_* flags.
 * DebugBuffer        - buffer from RtlCreateQueryDebugBuffer; updated in place.
 *
 * NOTE(review): querying another process presumably requires sufficient
 * access to it; treat an error status as "no data" and do not read the
 * *Information pointers in that case.
 */
NTSTATUS
NTAPI
RtlQueryProcessDebugInformation(
/*IN*/ ULONG ProcessId,
/*IN*/ ULONG DebugInfoClassMask,
/*IN OUT*/ PDEBUG_BUFFER DebugBuffer);
/*
 * Release a buffer obtained from RtlCreateQueryDebugBuffer, including its
 * section and event pair. The pointer is invalid after this call.
 */
NTSTATUS
NTAPI
RtlDestroyQueryDebugBuffer(
/*IN*/ PDEBUG_BUFFER DebugBuffer);
/* DEBUG_MODULE_INFORMATION.Flags constants */
/* Loader data-table entry flags. The meanings below are inferred from the
 * flag names only — confirm against the loader before relying on them. */
#define LDRP_STATIC_LINK 0x00000002            /* imported at load time rather than via LoadLibrary */
#define LDRP_IMAGE_DLL 0x00000004              /* image is a DLL (not the main executable) */
#define LDRP_LOAD_IN_PROGRESS 0x00001000
#define LDRP_UNLOAD_IN_PROGRESS 0x00002000
#define LDRP_ENTRY_PROCESSED 0x00004000
#define LDRP_ENTRY_INSERTED 0x00008000
#define LDRP_CURRENT_LOAD 0x00010000
#define LDRP_FAILED_BUILTIN_LOAD 0x00020000
#define LDRP_DONT_CALL_FOR_THREADS 0x00040000  /* DllMain not invoked for thread attach/detach */
#define LDRP_PROCESS_ATTACH_CALLED 0x00080000
#define LDRP_DEBUG_SYMBOLS_LOADED 0x00100000
#define LDRP_IMAGE_NOT_AT_BASE 0x00200000      /* image was relocated from its preferred base */
#define LDRP_WX86_IGNORE_MACHINETYPE 0x00400000
/*
 * One loaded module, as reported under PDI_MODULES.
 * NOTE(review): Base and Size are ULONG here, i.e. this declaration assumes
 * a 32-bit address space; confirm the layout before using it in a 64-bit
 * build.
 */
typedef struct _DEBUG_MODULE_INFORMATION {
ULONG Reserved[2];
ULONG Base;                 /* image base address (32-bit) */
ULONG Size;                 /* image size in bytes */
ULONG Flags;                /* LDRP_* bits */
USHORT Index;
USHORT Unknown;
USHORT LoadCount;
USHORT ModuleNameOffset;    /* offset into ImageName of the file-name part, presumably — confirm */
CHAR ImageName[256];        /* fixed-size; do not assume NUL termination without checking */
} DEBUG_MODULE_INFORMATION, *PDEBUG_MODULE_INFORMATION;
/*
 * One heap, as reported under PDI_HEAPS. Tags and Blocks point to the
 * detail arrays requested with PDI_HEAP_TAGS / PDI_HEAP_BLOCKS; assume they
 * may be NULL when those classes were not requested.
 * Base is a ULONG, so this layout is 32-bit specific — see
 * DEBUG_MODULE_INFORMATION.
 */
typedef struct _DEBUG_HEAP_INFORMATION {
ULONG Base;
ULONG Flags;
USHORT Granularity;
USHORT Unknown;
ULONG Allocated;
ULONG Committed;
ULONG TagCount;         /* number of entries behind Tags, presumably */
ULONG BlockCount;       /* number of entries behind Blocks, presumably */
ULONG Reserved[7];
PVOID Tags;
PVOID Blocks;
} DEBUG_HEAP_INFORMATION, *PDEBUG_HEAP_INFORMATION;
/*
 * One lock (critical section or resource), as reported under PDI_LOCKS.
 * Address is the lock object in the *target* process; it is not valid to
 * dereference from the querying process.
 */
typedef struct _DEBUG_LOCK_INFORMATION {
PVOID Address;
USHORT Type;
USHORT CreatorBackTraceIndex;   /* index into the PDI_BACKTRACE data, presumably */
ULONG OwnerThreadId;
ULONG ActiveCount;
ULONG ContentionCount;
ULONG EntryCount;
ULONG RecursionCount;
ULONG NumberOfSharedWaiters;
ULONG NumberOfExclusiveWaiters;
} DEBUG_LOCK_INFORMATION, *PDEBUG_LOCK_INFORMATION;
/* Jobs */
/*
 * Job object system services. All return an NTSTATUS; handles written through
 * OUT parameters are owned by the caller and must be closed.
 */

/* Create a job object; JobHandle receives the new handle. */
NTOSAPI
NTSTATUS
NTAPI
ZwCreateJobObject(
/*OUT*/ PHANDLE JobHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);

/* Open an existing job object named via ObjectAttributes. */
NTOSAPI
NTSTATUS
NTAPI
ZwOpenJobObject(
/*OUT*/ PHANDLE JobHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes);

/* Terminate every process in the job with ExitStatus. */
NTOSAPI
NTSTATUS
NTAPI
ZwTerminateJobObject(
/*IN*/ HANDLE JobHandle,
/*IN*/ NTSTATUS ExitStatus);

/* Place ProcessHandle under JobHandle's limits. */
NTOSAPI
NTSTATUS
NTAPI
ZwAssignProcessToJobObject(
/*IN*/ HANDLE JobHandle,
/*IN*/ HANDLE ProcessHandle);

/*
 * Query job information. JobInformation must hold at least
 * JobInformationLength bytes; ReturnLength (optional) receives the size
 * needed or written.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwQueryInformationJobObject(
/*IN*/ HANDLE JobHandle,
/*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
/*OUT*/ PVOID JobInformation,
/*IN*/ ULONG JobInformationLength,
/*OUT*/ PULONG ReturnLength /*OPTIONAL*/);

/* Set job limits/information for JobInformationClass. */
NTOSAPI
NTSTATUS
NTAPI
ZwSetInformationJobObject(
/*IN*/ HANDLE JobHandle,
/*IN*/ JOBOBJECTINFOCLASS JobInformationClass,
/*IN*/ PVOID JobInformation,
/*IN*/ ULONG JobInformationLength);
/* Tokens */
/*
 * Build an access token from scratch (user, groups, privileges, owner,
 * primary group, default DACL and source). TokenHandle receives the new
 * handle.
 * NOTE(review): creating arbitrary tokens is a privileged operation —
 * presumably gated by a dedicated privilege on the caller; confirm and
 * expect STATUS_PRIVILEGE_NOT_HELD-style failures for ordinary callers.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwCreateToken(
/*OUT*/ PHANDLE TokenHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
/*IN*/ TOKEN_TYPE Type,
/*IN*/ PLUID AuthenticationId,
/*IN*/ PLARGE_INTEGER ExpirationTime,
/*IN*/ PTOKEN_USER User,
/*IN*/ PTOKEN_GROUPS Groups,
/*IN*/ PTOKEN_PRIVILEGES Privileges,
/*IN*/ PTOKEN_OWNER Owner,
/*IN*/ PTOKEN_PRIMARY_GROUP PrimaryGroup,
/*IN*/ PTOKEN_DEFAULT_DACL DefaultDacl,
/*IN*/ PTOKEN_SOURCE Source
);
/*
 * Open the primary token of a process. The Nt* and Zw* pairs below share a
 * signature; only the entry point differs.
 */
NTOSAPI
NTSTATUS
NTAPI
NtOpenProcessToken(
/*IN*/ HANDLE ProcessHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*OUT*/ PHANDLE TokenHandle);
NTOSAPI
NTSTATUS
NTAPI
ZwOpenProcessToken(
/*IN*/ HANDLE ProcessHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*OUT*/ PHANDLE TokenHandle);

/*
 * Open the impersonation token of a thread. OpenAsSelf selects whether the
 * access check uses the caller's process token rather than the thread's
 * current impersonation token. Fails if the thread is not impersonating
 * (presumably STATUS_NO_TOKEN — confirm).
 */
NTOSAPI
NTSTATUS
NTAPI
NtOpenThreadToken(
/*IN*/ HANDLE ThreadHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ BOOLEAN OpenAsSelf,
/*OUT*/ PHANDLE TokenHandle);
NTOSAPI
NTSTATUS
NTAPI
ZwOpenThreadToken(
/*IN*/ HANDLE ThreadHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ BOOLEAN OpenAsSelf,
/*OUT*/ PHANDLE TokenHandle);
/*
 * Duplicate ExistingTokenHandle into a new token of TokenType (primary or
 * impersonation). EffectiveOnly drops disabled groups/privileges from the
 * copy. The Nt*/Zw* pair is identical in signature.
 */
NTOSAPI
NTSTATUS
NTAPI
NtDuplicateToken(
/*IN*/ HANDLE ExistingTokenHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
/*IN*/ BOOLEAN EffectiveOnly,
/*IN*/ TOKEN_TYPE TokenType,
/*OUT*/ PHANDLE NewTokenHandle);
NTOSAPI
NTSTATUS
NTAPI
ZwDuplicateToken(
/*IN*/ HANDLE ExistingTokenHandle,
/*IN*/ ACCESS_MASK DesiredAccess,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
/*IN*/ BOOLEAN EffectiveOnly,
/*IN*/ TOKEN_TYPE TokenType,
/*OUT*/ PHANDLE NewTokenHandle);

/*
 * Create a restricted copy of a token: SidsToDisable become deny-only,
 * PrivilegesToDelete are removed, SidsToRestricted become restricting SIDs.
 * Useful for least-privilege sandboxing of a child process.
 * (Parameter name "SidsToRestricted" is as declared; left unchanged.)
 */
NTOSAPI
NTSTATUS
NTAPI
ZwFilterToken(
/*IN*/ HANDLE ExistingTokenHandle,
/*IN*/ ULONG Flags,
/*IN*/ PTOKEN_GROUPS SidsToDisable,
/*IN*/ PTOKEN_PRIVILEGES PrivilegesToDelete,
/*IN*/ PTOKEN_GROUPS SidsToRestricted,
/*OUT*/ PHANDLE NewTokenHandle);
/*
 * Enable/disable privileges in a token. PreviousState (optional) receives the
 * prior state and needs BufferLength bytes; ReturnLength receives the size
 * required. NOTE(review): a success status does not by itself prove every
 * requested privilege was adjusted — callers should check the resulting
 * state rather than assume it. The Nt*/Zw* pair is identical in signature.
 */
NTOSAPI
NTSTATUS
NTAPI
NtAdjustPrivilegesToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ BOOLEAN DisableAllPrivileges,
/*IN*/ PTOKEN_PRIVILEGES NewState,
/*IN*/ ULONG BufferLength,
/*OUT*/ PTOKEN_PRIVILEGES PreviousState /*OPTIONAL*/,
/*OUT*/ PULONG ReturnLength);
NTOSAPI
NTSTATUS
NTAPI
ZwAdjustPrivilegesToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ BOOLEAN DisableAllPrivileges,
/*IN*/ PTOKEN_PRIVILEGES NewState,
/*IN*/ ULONG BufferLength,
/*OUT*/ PTOKEN_PRIVILEGES PreviousState /*OPTIONAL*/,
/*OUT*/ PULONG ReturnLength);

/*
 * Enable/disable groups in a token, or ResetToDefault to restore the default
 * group state. Output parameters follow the same convention as
 * ZwAdjustPrivilegesToken.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwAdjustGroupsToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ BOOLEAN ResetToDefault,
/*IN*/ PTOKEN_GROUPS NewState,
/*IN*/ ULONG BufferLength,
/*OUT*/ PTOKEN_GROUPS PreviousState /*OPTIONAL*/,
/*OUT*/ PULONG ReturnLength);
/*
 * Query token information of class TokenInformationClass into
 * TokenInformation (TokenInformationLength bytes); ReturnLength receives the
 * size required or written. The usual pattern is to call once with a zero
 * length to size the buffer, then again. The Nt*/Zw* pair is identical in
 * signature.
 */
NTOSAPI
NTSTATUS
NTAPI
NtQueryInformationToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
/*OUT*/ PVOID TokenInformation,
/*IN*/ ULONG TokenInformationLength,
/*OUT*/ PULONG ReturnLength);
NTOSAPI
NTSTATUS
NTAPI
ZwQueryInformationToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
/*OUT*/ PVOID TokenInformation,
/*IN*/ ULONG TokenInformationLength,
/*OUT*/ PULONG ReturnLength);

/* Set token information (e.g. owner, primary group, default DACL). */
NTOSAPI
NTSTATUS
NTAPI
ZwSetInformationToken(
/*IN*/ HANDLE TokenHandle,
/*IN*/ TOKEN_INFORMATION_CLASS TokenInformationClass,
/*IN*/ PVOID TokenInformation,
/*IN*/ ULONG TokenInformationLength);
/* Time */
/* Read the system time as a 64-bit absolute time value. */
NTOSAPI
NTSTATUS
NTAPI
ZwQuerySystemTime(
/*OUT*/ PLARGE_INTEGER CurrentTime);

/*
 * Set the system time; OldTime (optional) receives the previous value.
 * NOTE(review): changing the clock is privileged and affects every
 * time-based check on the machine (logging, expiry, Kerberos skew) —
 * presumably requires a dedicated privilege; confirm.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwSetSystemTime(
/*IN*/ PLARGE_INTEGER NewTime,
/*OUT*/ PLARGE_INTEGER OldTime /*OPTIONAL*/);
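/*
 * Read the high-resolution performance counter. PerformanceFrequency is
 * optional (may be NULL) and receives the counter frequency in Hz.
 * Declared exactly once; the redundant duplicate prototype that followed
 * this declaration has been removed.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwQueryPerformanceCounter(
/*OUT*/ PLARGE_INTEGER PerformanceCount,
/*OUT*/ PLARGE_INTEGER PerformanceFrequency /*OPTIONAL*/);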
/*
 * Report the supported timer resolutions (100ns units, presumably — confirm):
 * the coarsest and finest values the system allows and the one currently in
 * effect.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwQueryTimerResolution(
/*OUT*/ PULONG CoarsestResolution,
/*OUT*/ PULONG FinestResolution,
/*OUT*/ PULONG ActualResolution);

/*
 * Sleep for Interval (negative = relative, positive = absolute, per
 * LARGE_INTEGER time convention — confirm). Alertable allows APCs to
 * interrupt the wait.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwDelayExecution(
/*IN*/ BOOLEAN Alertable,
/*IN*/ PLARGE_INTEGER Interval);

/* Give up the remainder of the current time slice. */
NTOSAPI
NTSTATUS
NTAPI
ZwYieldExecution(
VOID);

/* Milliseconds since boot as a 32-bit value; wraps, so compare differences only. */
NTOSAPI
ULONG
NTAPI
ZwGetTickCount(
VOID);
/* Execution profiling */
/*
 * Create a sampling profile over [Base, Base+Size) in ProcessHandle. Samples
 * from Source are binned into Buffer (BufferLength bytes) with bucket width
 * 2^BucketShift; ProcessorMask restricts which processors are sampled.
 * The caller owns Buffer for the lifetime of the profile handle.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwCreateProfile(
/*OUT*/ PHANDLE ProfileHandle,
/*IN*/ HANDLE ProcessHandle,
/*IN*/ PVOID Base,
/*IN*/ ULONG Size,
/*IN*/ ULONG BucketShift,
/*IN*/ PULONG Buffer,
/*IN*/ ULONG BufferLength,
/*IN*/ KPROFILE_SOURCE Source,
/*IN*/ ULONG ProcessorMask);

/* Set the sampling interval for a profile source. */
NTOSAPI
NTSTATUS
NTAPI
ZwSetIntervalProfile(
/*IN*/ ULONG Interval,
/*IN*/ KPROFILE_SOURCE Source);

/* Read the current sampling interval for a profile source. */
NTOSAPI
NTSTATUS
NTAPI
ZwQueryIntervalProfile(
/*IN*/ KPROFILE_SOURCE Source,
/*OUT*/ PULONG Interval);

/* Begin collecting samples into the profile's buffer. */
NTOSAPI
NTSTATUS
NTAPI
ZwStartProfile(
/*IN*/ HANDLE ProfileHandle);

/* Stop collecting samples; the buffer keeps its accumulated counts. */
NTOSAPI
NTSTATUS
NTAPI
ZwStopProfile(
/*IN*/ HANDLE ProfileHandle);
/* Local Procedure Call (LPC) */
/*
 * LPC message header followed by inline payload.
 * DataSize is the payload length, MessageSize the total length including
 * this header. When parsing a received message, validate DataSize against
 * the bytes actually received before reading Data — the fields come from
 * the peer and must be treated as untrusted.
 */
typedef struct _LPC_MESSAGE {
USHORT DataSize;
USHORT MessageSize;
USHORT MessageType;               /* LPC_TYPE value */
USHORT VirtualRangesOffset;
CLIENT_ID ClientId;               /* sender process/thread */
ULONG MessageId;
ULONG SectionSize;
UCHAR Data[ANYSIZE_ARRAY];        /* payload; DataSize bytes follow the header */
} LPC_MESSAGE, *PLPC_MESSAGE;
/* Size of the header above with a 32-bit CLIENT_ID; not valid for 64-bit layouts. */
#define LPC_MESSAGE_BASE_SIZE 24
/*
 * LPC_MESSAGE.MessageType values. A receiver should reject values
 * >= LPC_MAXIMUM rather than switch on them blindly.
 */
typedef enum _LPC_TYPE {
LPC_NEW_MESSAGE,
LPC_REQUEST,
LPC_REPLY,
LPC_DATAGRAM,
LPC_LOST_REPLY,
LPC_PORT_CLOSED,
LPC_CLIENT_DIED,
LPC_EXCEPTION,
LPC_DEBUG_EVENT,
LPC_ERROR_EVENT,
LPC_CONNECTION_REQUEST,
LPC_CONNECTION_REFUSED,
LPC_MAXIMUM                 /* sentinel, not a real message type */
} LPC_TYPE;
/*
 * Client-side description of a shared section offered to the port on
 * connect. Length must be sizeof(LPC_SECTION_WRITE); ViewBase/TargetViewBase
 * are filled in by the system (the local and remote mappings respectively,
 * presumably — confirm).
 */
typedef struct _LPC_SECTION_WRITE {
ULONG Length;
HANDLE SectionHandle;
ULONG SectionOffset;
ULONG ViewSize;
PVOID ViewBase;
PVOID TargetViewBase;
} LPC_SECTION_WRITE, *PLPC_SECTION_WRITE;
/*
 * Section view received from the server on connect. Length must be
 * sizeof(LPC_SECTION_READ) on input; ViewSize/ViewBase are outputs.
 */
typedef struct _LPC_SECTION_READ {
ULONG Length;
ULONG ViewSize;
PVOID ViewBase;
} LPC_SECTION_READ, *PLPC_SECTION_READ;
/*
 * Create a server connection port named via ObjectAttributes. MaxDataSize
 * and MaxMessageSize bound what clients may send; the server should still
 * validate each received LPC_MESSAGE against them. Reserved must be 0.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwCreatePort(
/*OUT*/ PHANDLE PortHandle,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
/*IN*/ ULONG MaxDataSize,
/*IN*/ ULONG MaxMessageSize,
/*IN*/ ULONG Reserved);

/* Same as ZwCreatePort, but the port handle can be waited on for messages. */
NTOSAPI
NTSTATUS
NTAPI
ZwCreateWaitablePort(
/*OUT*/ PHANDLE PortHandle,
/*IN*/ POBJECT_ATTRIBUTES ObjectAttributes,
/*IN*/ ULONG MaxDataSize,
/*IN*/ ULONG MaxMessageSize,
/*IN*/ ULONG Reserved);
/*
 * Connect to the server port PortName.
 * SecurityQos        - impersonation level the server may use on the caller;
 *                      keep it as low as the protocol allows.
 * WriteSection/ReadSection - optional shared-memory views (see the structs above).
 * MaxMessageSize     - optional; receives the port's message limit.
 * ConnectData        - optional connect payload; on return it holds the
 *                      server's reply, so the buffer must be sized for that
 *                      and ConnectDataLength is updated in place.
 */
NTOSAPI
NTSTATUS
NTAPI
NtConnectPort(
/*OUT*/ PHANDLE PortHandle,
/*IN*/ PUNICODE_STRING PortName,
/*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
/*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
/*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/,
/*OUT*/ PULONG MaxMessageSize /*OPTIONAL*/,
/*IN OUT*/ PVOID ConnectData /*OPTIONAL*/,
/*IN OUT*/ PULONG ConnectDataLength /*OPTIONAL*/);
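/*
 * Zw variant of NtConnectPort; identical signature and parameter semantics
 * (see NtConnectPort above). ConnectData is IN OUT: the server's reply is
 * written back into the caller's buffer and ConnectDataLength is updated.
 * Declared exactly once; the redundant duplicate prototype that followed
 * this declaration has been removed.
 */
NTOSAPI
NTSTATUS
NTAPI
ZwConnectPort(
/*OUT*/ PHANDLE PortHandle,
/*IN*/ PUNICODE_STRING PortName,
/*IN*/ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
/*IN OUT*/ PLPC_SECTION_WRITE WriteSection /*OPTIONAL*/,
/*IN OUT*/ PLPC_SECTION_READ ReadSection /*OPTIONAL*/,
/*OUT*/ PULONG MaxMessageSize /*OPTIONAL*/,
/*IN OUT*/ PVOID ConnectData /*OPTIONAL*/,
/*IN OUT*/ PULONG ConnectDataLength /*OPTIONAL*/);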
NTOSAPI