ntddk.inc

这是asm驱动的开发包

comment ^
Module Name:
    ntddk.inc

Abstract:
    This module defines the NT types, constants, and functions that are
    exposed to device drivers.

Author:
    Four-F (four-f@mail.ru)

Last update:
	11-Januar-2005

IMPORTANT:
	Hand made -> Bugs are very possible :(
	Your bug report is very welcome.

Comments:
    Some fields name have been changed because of collision with masm reserved words.
    All such words are prefixed with underscore ('_') symbol.
^

IFNDEF _NTDDK_
_NTDDK_ equ 1

include ntdef.inc
include ntstatus.inc

; +
; The following $IsXxx macros is not a part of original ntdddk.h

$IsImm MACRO Operand:REQ
	IF (OPATTR (Operand)) AND 00000100y
		;; Is an immediate value
        EXITM <-1>
    ELSE
        EXITM <0>
    ENDIF
ENDM

$IsMem MACRO Operand:REQ
	IF (OPATTR (Operand)) AND 00000010y
		;; Is a memory variable or has a relocatable data label
		EXITM <-1>              ;; True
	ELSE
		EXITM <0>               ;; False
	ENDIF
ENDM

$IsReg MACRO Operand:REQ
	IF (OPATTR (Operand)) AND 00010000y
		;; Is a register value
        EXITM <-1>
    ELSE
        EXITM <0>
    ENDIF
ENDM

$IsStack MACRO Operand:REQ
	IF (OPATTR (Operand)) AND 01000000y
		;; relative to SS
        EXITM <-1>
    ELSE
        EXITM <0>
    ENDIF
ENDM

$IsAddr MACRO Operand:REQ
local a
	a = 0

	IF @SizeStr(<Operand>) GT 5		
		IFIDNI <addr >, @SubStr(<Operand>, 1 , 5)
			a = 1
		ENDIF
	ENDIF

	IF a
        EXITM <-1>
    ELSE
        EXITM <0>
    ENDIF
ENDM

; The preceding $IsXxx macros is not a part of original ntdddk.h
; -

IFNDEF PDWORD
	PDWORD				typedef PTR DWORD
ENDIF

; Kernel Mutex Level Numbers (must be globallly assigned within executive)
; The third token in the name is the sub-component name that defines and
; uses the level number.

; Used by Vdm for protecting io simulation structures

MUTEX_LEVEL_VDM_IO       equ 00000001
MUTEX_LEVEL_EX_PROFILE   equ 00000040h

; The LANMAN Redirector uses the file system major function, but defines
; it's own mutex levels.  We can do this safely because we know that the
; local filesystem will never call the remote filesystem and vice versa.

MUTEX_LEVEL_RDR_FILESYS_DATABASE    equ 10100000h
MUTEX_LEVEL_RDR_FILESYS_SECURITY    equ 10100001h

; File System levels.

MUTEX_LEVEL_FILESYSTEM_RAW_VCB      equ 11000006h

; In the NT STREAMS environment, a mutex is used to serialize open, close
; and Scheduler threads executing in a subsystem-parallelized stack.

MUTEX_LEVEL_STREAMS_SUBSYS          equ 11001001h

; Mutex level used by LDT support on x86

MUTEX_LEVEL_PS_LDT                  equ 1F000000h

PsGetCurrentProcess TEXTEQU <IoGetCurrentProcess>
PsGetCurrentThread TEXTEQU <KeGetCurrentThread>

SLIST_HEADER UNION
	Alignment		QWORD				?	; ULONGLONG
	struct
		Next		SINGLE_LIST_ENTRY	<>
		Depth		WORD				?
		Sequence	WORD				?
	ends
SLIST_HEADER ENDS
PSLIST_HEADER typedef ptr SLIST_HEADER

; Kernel definitions that need to be here for forward reference purposes

; Processor modes.

KPROCESSOR_MODE typedef BYTE

;typedef enum _MODE {
	KernelMode	equ 0
	UserMode	equ 1
	MaximumMode	equ 2

; Asynchronous Procedure Call (APC) object

KAPC STRUCT		; sizeof = 030h
	_Type			SWORD		?	; 0000h  (org field name Type)
	_Size			SWORD		?	; 0002h  (org field name Size)
	Spare0			DWORD		?	; 0004h
	Thread			PVOID		?	; 0008h  PTR KTHREAD
	ApcListEntry	LIST_ENTRY <>	; 000Ch
	KernelRoutine	PVOID		?	; 0014h  KiSuspendNop
	RundownRoutine	PVOID		?	; 0018h
	NormalRoutine	PVOID		?	; 001Ch	 KiSuspendThread
	NormalContext	PVOID		?	; 0020h

	; N.B. The following two members MUST be together.

	SystemArgument1	PVOID		?	; 0024h
	SystemArgument2	PVOID		?	; 0028h
	ApcStateIndex	BYTE		?	; 002Ch
	ApcMode			BYTE		?	; 002Dh  KPROCESSOR_MODE
	Inserted		BYTE		?	; 002Eh  BOOLEAN
					db			?	; padding
KAPC ENDS
PKAPC typedef PTR KAPC

; Asynchronous Procedure Call (APC) object

; +
; Define DPC importance.
; LowImportance - Queue DPC at end of target DPC queue.
; MediumImportance - Queue DPC at end of target DPC queue.
; HighImportance - Queue DPC at front of target DPC DPC queue.
;
; If there is currently a DPC active on the target processor, or a DPC
; interrupt has already been requested on the target processor when a
; DPC is queued, then no further action is necessary. The DPC will be
; executed on the target processor when its queue entry is processed.
;
; If there is not a DPC active on the target processor and a DPC interrupt
; has not been requested on the target processor, then the exact treatment
; of the DPC is dependent on whether the host system is a UP system or an
; MP system.
;
; UP system.
;
; If the DPC is of medium or high importance, the current DPC queue depth
; is greater than the maximum target depth, or current DPC request rate is
; less the minimum target rate, then a DPC interrupt is requested on the
; host processor and the DPC will be processed when the interrupt occurs.
; Otherwise, no DPC interupt is requested and the DPC execution will be
; delayed until the DPC queue depth is greater that the target depth or the
; minimum DPC rate is less than the target rate.
;
; MP system.
;
; If the DPC is being queued to another processor and the depth of the DPC
; queue on the target processor is greater than the maximum target depth or
; the DPC is of high importance, then a DPC interrupt is requested on the
; target processor and the DPC will be processed when the interrupt occurs.
; Otherwise, the DPC execution will be delayed on the target processor until
; the DPC queue depth on the target processor is greater that the maximum
; target depth or the minimum DPC rate on the target processor is less than
; the target mimimum rate.
;
; If the DPC is being queued to the current processor and the DPC is not of
; low importance, the current DPC queue depth is greater than the maximum
; target depth, or the minimum DPC rate is less than the minimum target rate,
; then a DPC interrupt is request on the current processor and the DPV will
; be processed whne the interrupt occurs. Otherwise, no DPC interupt is
; requested and the DPC execution will be delayed until the DPC queue depth
; is greater that the target depth or the minimum DPC rate is less than the
; target rate.
; -

;typedef enum _KDPC_IMPORTANCE {
    LowImportance		equ 0
    MediumImportance	equ 1
    HighImportance		equ 2

; Deferred Procedure Call (DPC) object

KDPC STRUCT			; sizeof = 020h
	_Type			SWORD		?	; 0000h  (IO_TYPE_DPC	= 13h) (original name Type)
	Number			BYTE		?	; 0002h
	Importance		BYTE		?	; 0003h
	DpcListEntry	LIST_ENTRY <>	; 0004h
	DeferredRoutine	PVOID		?	; 000Ch
	DeferredContext	PVOID		?	; 0010h
	SystemArgument1	PVOID		?	; 0014h
	SystemArgument2	PVOID		?	; 0018h
	_Lock			PVOID		?	; 001Ch  (original Lock)
KDPC ENDS
PKDPC typedef PTR KDPC

PKIPI_CONTEXT typedef DWORD

; Define interprocessor interrupt performance counters.

KIPI_COUNTS STRUCT
	Freeze				DWORD	?
	Packet				DWORD	?
	DPC					DWORD	?
	APC					DWORD	?
	FlushSingleTb		DWORD	?
	FlushMultipleTb		DWORD	?
	FlushEntireTb		DWORD	?
	GenericCall			DWORD	?
	ChangeColor			DWORD	?
	SweepDcache			DWORD	?
	SweepIcache			DWORD	?
	SweepIcacheRange	DWORD	?
	FlushIoBuffers		DWORD	?
	GratuitousDPC		DWORD	?
KIPI_COUNTS ENDS
PKIPI_COUNTS  typedef ptr KIPI_COUNTS

; +
; I/O system definitions.
;
; Define a Memory Descriptor List (MDL)
;
; An MDL describes pages in a virtual buffer in terms of physical pages.  The
; pages associated with the buffer are described in an array that is allocated
; just after the MDL header structure itself.  In a future compiler this will
; be placed at:
;
;      ULONG Pages[];
;
; Until this declaration is permitted, however, one simply calculates the
; base of the array by adding one to the base MDL pointer:
;
;      Pages = (PULONG) (Mdl + 1);
;
; Notice that while in the context of the subject thread, the base virtual
; address of a buffer mapped by an MDL may be referenced using the following:
;
;      Mdl->StartVa | Mdl->ByteOffset
; -

MDL STRUCT			; sizeof = 01Ch
	Next			PVOID		?	; 0000h  PTR MDL
	_Size			SWORD		?	; 0004h  (original name Size)
	MdlFlags		SWORD		?	; 0006h
	Process			PVOID		?	; 0008h  PTR EPROCESS
	MappedSystemVa	PVOID		?	; 000Ch
	StartVa			PVOID		?	; 0010h
	ByteCount		DWORD		?	; 0014h
	ByteOffset		DWORD		?	; 0018h
MDL ENDS
PMDL typedef PTR MDL

MDL_MAPPED_TO_SYSTEM_VA     equ 0001h
MDL_PAGES_LOCKED            equ 0002h
MDL_SOURCE_IS_NONPAGED_POOL equ 0004h
MDL_ALLOCATED_FIXED_SIZE    equ 0008h
MDL_PARTIAL                 equ 0010h
MDL_PARTIAL_HAS_BEEN_MAPPED equ 0020h
MDL_IO_PAGE_READ            equ 0040h
MDL_WRITE_OPERATION         equ 0080h
MDL_PARENT_MAPPED_SYSTEM_VA equ 0100h
MDL_LOCK_HELD               equ 0200h
MDL_PHYSICAL_VIEW           equ 0400h
MDL_IO_SPACE                equ 0800h
MDL_NETWORK_HEADER          equ 1000h
MDL_MAPPING_CAN_FAIL        equ 2000h
MDL_ALLOCATED_MUST_SUCCEED  equ 4000h

MDL_MAPPING_FLAGS equ MDL_MAPPED_TO_SYSTEM_VA or MDL_PAGES_LOCKED or MDL_SOURCE_IS_NONPAGED_POOL or MDL_PARTIAL_HAS_BEEN_MAPPED or MDL_PARENT_MAPPED_SYSTEM_VA or MDL_LOCK_HELD or MDL_SYSTEM_VA or MDL_IO_SPACE

;  Define an access token from a programmer's viewpoint.  The structure is
;  completely opaque and the programer is only allowed to have pointers
;  to tokens.

PACCESS_TOKEN	typedef	PTR	; winnt

; Pointer to a SECURITY_DESCRIPTOR  opaque data type.

PSECURITY_DESCRIPTOR	typedef	PTR	; winnt

; Define a pointer to the Security ID data type (an opaque data type)

PSID	typedef	PTR	; winnt

ACCESS_MASK	typedef DWORD
PACCESS_MASK typedef PTR ACCESS_MASK

;  The following are masks for the predefined standard access types

DELETE                           equ 00010000h
READ_CONTROL                     equ 00020000h
WRITE_DAC                        equ 00040000h
WRITE_OWNER                      equ 00080000h
SYNCHRONIZE                      equ 00100000h

STANDARD_RIGHTS_REQUIRED         equ 000F0000h

STANDARD_RIGHTS_READ             equ READ_CONTROL
STANDARD_RIGHTS_WRITE            equ READ_CONTROL
STANDARD_RIGHTS_EXECUTE          equ READ_CONTROL

STANDARD_RIGHTS_ALL              equ 001F0000h

SPECIFIC_RIGHTS_ALL              equ 0000FFFFh

; AccessSystemAcl access type

ACCESS_SYSTEM_SECURITY           equ 01000000h

; MaximumAllowed access type

MAXIMUM_ALLOWED                  equ 02000000h

;  These are the generic rights.

GENERIC_READ                     equ 80000000h
GENERIC_WRITE                    equ 40000000h
GENERIC_EXECUTE                  equ 20000000h
GENERIC_ALL                      equ 10000000h

;  Define the generic mapping array.  This is used to denote the
;  mapping of each generic access right to a specific access mask.

GENERIC_MAPPING STRUCT				; sizeof = 010h
	GenericRead		DWORD		?	; 0000h ACCESS_MASK
	GenericWrite	DWORD		?	; 0004h ACCESS_MASK
	GenericExecute	DWORD		?	; 0008h ACCESS_MASK
	GenericAll		DWORD		?	; 000Ch ACCESS_MASK
GENERIC_MAPPING ENDS
PGENERIC_MAPPING typedef PTR GENERIC_MAPPING

;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
;:                                                                    ::
;:                        LUID_AND_ATTRIBUTES                         ::
;:                                                                    ::
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

;#include <pshpack4.h>

LUID_AND_ATTRIBUTES STRUCT		; sizeof = 0Ch
	Luid1		LUID 		<>	; 0000h
	Attributes	DWORD		?	; 0008h
LUID_AND_ATTRIBUTES ENDS
PLUID_AND_ATTRIBUTES typedef PTR LUID_AND_ATTRIBUTES

;#include <poppack.h>

; This is the *current* ACL revision

ACL_REVISION     equ 2
ACL_REVISION_DS  equ 4

; This is the history of ACL revisions.  Add a new one whenever
; ACL_REVISION is updated

ACL_REVISION1   equ 1
ACL_REVISION2   equ 2
MIN_ACL_REVISION equ ACL_REVISION2
ACL_REVISION3   equ 3
ACL_REVISION4   equ 4
MAX_ACL_REVISION equ ACL_REVISION4

ACL STRUCT		; sizeof = 08h
	AclRevision	BYTE		?	; 0000h
	Sbz1		BYTE		?	; 0001h
	AclSize		WORD		?	; 0002h
	AceCount	WORD		?	; 0004h
	Sbz2		WORD		?	; 0006h