ntddk.inc

这是asm驱动的开发包

ACL ENDS
PACL typedef PTR ACL

; Current security descriptor revision value

SECURITY_DESCRIPTOR_REVISION	equ 1
SECURITY_DESCRIPTOR_REVISION1	equ 1

; Privilege attributes

SE_PRIVILEGE_ENABLED_BY_DEFAULT equ 00000001
SE_PRIVILEGE_ENABLED            equ 00000002
SE_PRIVILEGE_USED_FOR_ACCESS    equ 80000000h

; Privilege Set Control flags

PRIVILEGE_SET_ALL_NECESSARY    equ 1

; -
;  Privilege Set - This is defined for a privilege set of one.
;                  If more than one privilege is needed, then this structure
;                  will need to be allocated with more space.
;
;  Note: don't change this structure without fixing the INITIAL_PRIVILEGE_SET
;  structure (defined in se.h)
; -

PRIVILEGE_SET STRUCT		; sizeof = 014h
	PrivilegeCount	DWORD		?	; 0000h
	Control			DWORD		?	; 0004h
	Privilege		LUID_AND_ATTRIBUTES	1 dup(<>)	; 0008h
PRIVILEGE_SET ENDS
PPRIVILEGE_SET typedef PTR PRIVILEGE_SET

; These must be converted to LUIDs before use.

SE_MIN_WELL_KNOWN_PRIVILEGE       equ 2
SE_CREATE_TOKEN_PRIVILEGE         equ 2
SE_ASSIGNPRIMARYTOKEN_PRIVILEGE   equ 3
SE_LOCK_MEMORY_PRIVILEGE          equ 4
SE_INCREASE_QUOTA_PRIVILEGE       equ 5

; Unsolicited Input is obsolete and unused.

SE_UNSOLICITED_INPUT_PRIVILEGE    equ 6

SE_MACHINE_ACCOUNT_PRIVILEGE      equ 6
SE_TCB_PRIVILEGE                  equ 7
SE_SECURITY_PRIVILEGE             equ 8
SE_TAKE_OWNERSHIP_PRIVILEGE       equ 9
SE_LOAD_DRIVER_PRIVILEGE          equ 10
SE_SYSTEM_PROFILE_PRIVILEGE       equ 11
SE_SYSTEMTIME_PRIVILEGE           equ 12
SE_PROF_SINGLE_PROCESS_PRIVILEGE  equ 13
SE_INC_BASE_PRIORITY_PRIVILEGE    equ 14
SE_CREATE_PAGEFILE_PRIVILEGE      equ 15
SE_CREATE_PERMANENT_PRIVILEGE     equ 16
SE_BACKUP_PRIVILEGE               equ 17
SE_RESTORE_PRIVILEGE              equ 18
SE_SHUTDOWN_PRIVILEGE             equ 19
SE_DEBUG_PRIVILEGE                equ 20
SE_AUDIT_PRIVILEGE                equ 21
SE_SYSTEM_ENVIRONMENT_PRIVILEGE   equ 22
SE_CHANGE_NOTIFY_PRIVILEGE        equ 23
SE_REMOTE_SHUTDOWN_PRIVILEGE      equ 24
SE_UNDOCK_PRIVILEGE               equ 25
SE_SYNC_AGENT_PRIVILEGE           equ 26
SE_ENABLE_DELEGATION_PRIVILEGE    equ 27
SE_MAX_WELL_KNOWN_PRIVILEGE       equ SE_ENABLE_DELEGATION_PRIVILEGE

; +
; Impersonation Level
;
; Impersonation level is represented by a pair of bits in Windows.
; If a new impersonation level is added or lowest value is changed from
; 0 to something else, fix the Windows CreateFile call.
; -

;typedef enum _SECURITY_IMPERSONATION_LEVEL {
    SecurityAnonymous		equ 0
    SecurityIdentification	equ 1
    SecurityImpersonation	equ 2
    SecurityDelegation		equ 3

SECURITY_MAX_IMPERSONATION_LEVEL	equ SecurityDelegation

DEFAULT_IMPERSONATION_LEVEL			equ SecurityImpersonation

; Security Tracking Mode

SECURITY_DYNAMIC_TRACKING      equ TRUE)
SECURITY_STATIC_TRACKING       equ FALSE

SECURITY_CONTEXT_TRACKING_MODE  typedef BOOLEAN
PSECURITY_CONTEXT_TRACKING_MODE typedef PTR SECURITY_CONTEXT_TRACKING_MODE

; Quality Of Service

SECURITY_QUALITY_OF_SERVICE STRUCT		; sizeof = 0Ch
	_Length				DWORD		?	; 0000h  (org name Length)
	ImpersonationLevel	SDWORD		?	; 0004h  enum SECURITY_IMPERSONATION_LEVEL
	ContextTrackingMode	BYTE		?	; 0008h  SECURITY_CONTEXT_TRACKING_MODE
	EffectiveOnly		BYTE		?	; 0009h  BOOLEAN
						db	2 dup(?)	; padding
SECURITY_QUALITY_OF_SERVICE ENDS
PSECURITY_QUALITY_OF_SERVICE typedef PTR SECURITY_QUALITY_OF_SERVICE

; Used to represent information related to a thread impersonation

SE_IMPERSONATION_STATE STRUCT
	Token			PVOID	?	; 0000h  PACCESS_TOKEN
	CopyOnOpen		BYTE	?	; 0004h  BOOLEAN
	EffectiveOnly	BYTE	?	; 0005h  BOOLEAN
					db 2 dup(?)	; padding
	Level			SDWORD	?	; 0008  enum SECURITY_IMPERSONATION_LEVEL
SE_IMPERSONATION_STATE ENDS
PSE_IMPERSONATION_STATE typedef PTR SE_IMPERSONATION_STATE

SECURITY_INFORMATION  typedef DWORD
PSECURITY_INFORMATION typedef PTR SECURITY_INFORMATION

OWNER_SECURITY_INFORMATION       equ 00000001
GROUP_SECURITY_INFORMATION       equ 00000002
DACL_SECURITY_INFORMATION        equ 00000004
SACL_SECURITY_INFORMATION        equ 00000008

PROTECTED_DACL_SECURITY_INFORMATION     equ 80000000h
PROTECTED_SACL_SECURITY_INFORMATION     equ 40000000h
UNPROTECTED_DACL_SECURITY_INFORMATION   equ 20000000h
UNPROTECTED_SACL_SECURITY_INFORMATION   equ 10000000h

LOW_PRIORITY			equ 0	; Lowest thread priority level
LOW_REALTIME_PRIORITY	equ 16	; Lowest realtime priority level
HIGH_PRIORITY			equ 31	; Highest thread priority level
MAXIMUM_PRIORITY		equ 32	; Number of thread priority levels
; begin_winnt
MAXIMUM_WAIT_OBJECTS	equ 64	; Maximum number of wait objects

MAXIMUM_SUSPEND_COUNT	equ MAXCHAR	; Maximum times thread can be suspended
; end_winnt

; Thread affinity

KAFFINITY	typedef	DWORD
PKAFFINITY	typedef PTR KAFFINITY

; Thread priority

KPRIORITY	typedef SDWORD

; Spin Lock

KSPIN_LOCK	typedef DWORD	; ULONG_PTR
PKSPIN_LOCK	typedef PTR DWORD

;  Doubly-linked list manipulation routines.  Implemented as macros
;  but logically these are procedures.

; VOID InitializeListHead( PLIST_ENTRY ListHead );

InitializeListHead MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	; (LIST_ENTRY PTR [eax]).Flink = (LIST_ENTRY PTR [eax]).Blink = eax
	mov (LIST_ENTRY PTR [eax]).Flink, eax
	mov (LIST_ENTRY PTR [eax]).Blink, eax
ENDM

;  BOOLEAN IsListEmpty( PLIST_ENTRY ListHead );

IsListEmpty MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	.if [LIST_ENTRY PTR [eax]].Flink == eax
		xor eax, eax
		inc eax						;; return TRUE
	.else
		xor eax, eax				;; return FALSE
	.endif
ENDM

$IsListEmpty MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	.if [LIST_ENTRY PTR [eax]].Flink == eax
		xor eax, eax
		inc eax						;; return TRUE
	.else
		xor eax, eax				;; return FALSE
	.endif
	EXITM <eax>
ENDM

;  VOID RemoveEntryList( PLIST_ENTRY Entry );

RemoveEntryList MACRO Entry:REQ
local a
	IF $IsAddr(Entry)
		a SUBSTR <Entry>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(Entry)
		IFDIFI <Entry>, <eax>		;; don't move eax onto itself
			mov eax, Entry
		ENDIF
	ELSEIF $IsStack(Entry)
		mov eax, Entry
	ELSE
		.ERR
	ENDIF

	mov ecx, (LIST_ENTRY PTR [eax]).Flink
	mov eax, (LIST_ENTRY PTR [eax]).Blink

	mov (LIST_ENTRY PTR [eax]).Flink, ecx
	mov (LIST_ENTRY PTR [ecx]).Blink, eax
ENDM

;  PLIST_ENTRY RemoveHeadList( PLIST_ENTRY ListHead );

RemoveHeadList MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	mov ecx, (LIST_ENTRY PTR [eax]).Flink
	push ecx

	mov ecx, (LIST_ENTRY PTR [ecx]).Flink
	mov (LIST_ENTRY PTR [eax]).Flink, ecx

	mov (LIST_ENTRY PTR [ecx]).Blink, eax

	pop eax
ENDM

$RemoveHeadList MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	mov ecx, (LIST_ENTRY PTR [eax]).Flink
	push ecx

	mov ecx, (LIST_ENTRY PTR [ecx]).Flink
	mov (LIST_ENTRY PTR [eax]).Flink, ecx

	mov (LIST_ENTRY PTR [ecx]).Blink, eax

	pop eax
	EXITM <eax>
ENDM

;  PLIST_ENTRY RemoveTailList( PLIST_ENTRY ListHead );

RemoveTailList MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	mov ecx, (LIST_ENTRY PTR [eax]).Blink
	push ecx

	mov ecx, (LIST_ENTRY PTR [ecx]).Blink
	mov (LIST_ENTRY PTR [eax]).Blink, ecx

	mov (LIST_ENTRY PTR [ecx]).Flink, eax

	pop eax
ENDM

$RemoveTailList MACRO ListHead:REQ
local a
	IF $IsAddr(ListHead)
		a SUBSTR <ListHead>, 6
		IF $IsStack(a)				;; Is relative to SS
			lea eax, a
		ELSE
			mov eax, offset a
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
	ELSE
		.ERR
	ENDIF
	mov ecx, (LIST_ENTRY PTR [eax]).Blink
	push ecx

	mov ecx, (LIST_ENTRY PTR [ecx]).Blink
	mov (LIST_ENTRY PTR [eax]).Blink, ecx

	mov (LIST_ENTRY PTR [ecx]).Flink, eax

	pop eax
	EXITM <eax>
ENDM


;  VOID InsertTailList( PLIST_ENTRY ListHead, PLIST_ENTRY Entry );

InsertTailList MACRO ListHead:REQ, Entry:REQ
local h, e, reax
	reax = 0
	IF $IsAddr(ListHead)
		h SUBSTR <ListHead>, 6
		IF $IsStack(h)				;; Is relative to SS
			lea eax, h
			reax = 1				;; no more eax
		ELSE
			mov eax, offset h
			reax = 1				;; no more eax
		ENDIF
	ELSEIF $IsReg(ListHead)
		IFDIFI <ListHead>, <eax>	;; don't move eax onto itself
			mov eax, ListHead
			reax = 1				;; no more eax
		ENDIF
	ELSEIF $IsStack(ListHead)
		mov eax, ListHead
		reax = 1					;; no more eax