Some points:
* I follow the latest WinSDK version 10.0.18362.0.
* There are two files attached with this email.
* The file name with 0001 contains the regular patch without any
undocumented things and sync-d with latest WinSDK.
* The UNDOCUMENTED.patch file contains the undocumented things. This
doesn't clash with any old definitions, only extends some enums. This is
extracted from combase.pdb file.
* IF you want to apply the undoc. patch it can be applied upon the real
0001 patch with `git apply` or `git commit --amend`.
From 16090026db212766d911ad0e388c4a593d399f65 Mon Sep 17 00:00:00 2001
From: Biswapriyo Nath <[email protected]>
Date: Wed, 28 Aug 2019 23:01:59 +0530
Subject: [PATCH] include/winternl: update header file
Signed-off-by: Biswapriyo Nath <[email protected]>
---
mingw-w64-headers/include/winternl.h | 152 +++++++++++++++++++++++++--
1 file changed, 142 insertions(+), 10 deletions(-)
diff --git a/mingw-w64-headers/include/winternl.h b/mingw-w64-headers/include/winternl.h
index acde6077..f3b8f2d4 100644
--- a/mingw-w64-headers/include/winternl.h
+++ b/mingw-w64-headers/include/winternl.h
@@ -9,7 +9,19 @@
#include <windef.h>
#ifndef NT_SUCCESS
-#define NT_SUCCESS(status) ((NTSTATUS) (status) >= 0)
+#define NT_SUCCESS(status) ((NTSTATUS) (status) >= 0)
+#endif
+
+#ifndef NT_INFORMATION
+#define NT_INFORMATION(Status) ((((ULONG)(Status)) >> 30) == 1)
+#endif
+
+#ifndef NT_WARNING
+#define NT_WARNING(Status) ((((ULONG)(Status)) >> 30) == 2)
+#endif
+
+#ifndef NT_ERROR
+#define NT_ERROR(Status) ((((ULONG)(Status)) >> 30) == 3)
#endif
#ifndef DEVICE_TYPE
@@ -143,17 +155,66 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
#endif
/* Values for the Attributes member */
- #define OBJ_INHERIT 0x00000002
- #define OBJ_PERMANENT 0x00000010
- #define OBJ_EXCLUSIVE 0x00000020
- #define OBJ_CASE_INSENSITIVE 0x00000040
- #define OBJ_OPENIF 0x00000080
- #define OBJ_OPENLINK 0x00000100
- #define OBJ_KERNEL_HANDLE 0x00000200
- #define OBJ_FORCE_ACCESS_CHECK 0x00000400
- #define OBJ_VALID_ATTRIBUTES 0x000007F2
+#define OBJ_INHERIT 0x00000002L
+#define OBJ_PERMANENT 0x00000010L
+#define OBJ_EXCLUSIVE 0x00000020L
+#define OBJ_CASE_INSENSITIVE 0x00000040L
+#define OBJ_OPENIF 0x00000080L
+#define OBJ_OPENLINK 0x00000100L
+#define OBJ_KERNEL_HANDLE 0x00000200L
+#define OBJ_FORCE_ACCESS_CHECK 0x00000400L
+#define OBJ_IGNORE_IMPERSONATED_DEVICEMAP 0x00000800L
+#define OBJ_DONT_REPARSE 0x00001000L
+#define OBJ_VALID_ATTRIBUTES 0x00001FF2L
+
+/* Define the create disposition values */
+#define FILE_SUPERSEDE 0x00000000
+#define FILE_OPEN 0x00000001
+#define FILE_CREATE 0x00000002
+#define FILE_OPEN_IF 0x00000003
+#define FILE_OVERWRITE 0x00000004
+#define FILE_OVERWRITE_IF 0x00000005
+#define FILE_MAXIMUM_DISPOSITION 0x00000005
+
+/* Define the create/open option flags */
+#define FILE_DIRECTORY_FILE 0x00000001
+#define FILE_WRITE_THROUGH 0x00000002
+#define FILE_SEQUENTIAL_ONLY 0x00000004
+#define FILE_NO_INTERMEDIATE_BUFFERING 0x00000008
+#define FILE_SYNCHRONOUS_IO_ALERT 0x00000010
+#define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
+#define FILE_NON_DIRECTORY_FILE 0x00000040
+#define FILE_CREATE_TREE_CONNECTION 0x00000080
+#define FILE_COMPLETE_IF_OPLOCKED 0x00000100
+#define FILE_NO_EA_KNOWLEDGE 0x00000200
+#define FILE_OPEN_REMOTE_INSTANCE 0x00000400
+#define FILE_RANDOM_ACCESS 0x00000800
+#define FILE_DELETE_ON_CLOSE 0x00001000
+#define FILE_OPEN_BY_FILE_ID 0x00002000
+#define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000
+#define FILE_NO_COMPRESSION 0x00008000
+#if (_WIN32_WINNT >= _WIN32_WINNT_WIN7)
+#define FILE_OPEN_REQUIRING_OPLOCK 0x00010000
+#endif
+#define FILE_RESERVE_OPFILTER 0x00100000
+#define FILE_OPEN_REPARSE_POINT 0x00200000
+#define FILE_OPEN_NO_RECALL 0x00400000
+#define FILE_OPEN_FOR_FREE_SPACE_QUERY 0x00800000
+#define FILE_VALID_OPTION_FLAGS 0x00ffffff
+#define FILE_VALID_PIPE_OPTION_FLAGS 0x00000032
+#define FILE_VALID_MAILSLOT_OPTION_FLAGS 0x00000032
+#define FILE_VALID_SET_FLAGS 0x00000036
+
+/* Define the I/O status information return values for NtCreateFile/NtOpenFile */
+#define FILE_SUPERSEDED 0x00000000
+#define FILE_OPENED 0x00000001
+#define FILE_CREATED 0x00000002
+#define FILE_OVERWRITTEN 0x00000003
+#define FILE_EXISTS 0x00000004
+#define FILE_DOES_NOT_EXIST 0x00000005
/* Helper Macro */
+#ifndef InitializeObjectAttributes
#define InitializeObjectAttributes(p,n,a,r,s) { \
(p)->Length = sizeof(OBJECT_ATTRIBUTES); \
(p)->RootDirectory = (r); \
@@ -162,6 +223,7 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
(p)->SecurityDescriptor = (s); \
(p)->SecurityQualityOfService = NULL; \
}
+#endif
typedef struct _OBJECT_DATA_INFORMATION {
BOOLEAN InheritHandle;
@@ -697,6 +759,18 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
IO_COUNTERS IoCounters;
} SYSTEM_PROCESS_INFORMATION,*PSYSTEM_PROCESS_INFORMATION;
+ typedef struct _SYSTEM_THREAD_INFORMATION {
+ LARGE_INTEGER Reserved1[3];
+ ULONG Reserved2;
+ PVOID StartAddress;
+ CLIENT_ID ClientId;
+ KPRIORITY Priority;
+ LONG BasePriority;
+ ULONG Reserved3;
+ ULONG ThreadState;
+ ULONG WaitReason;
+ } SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION;
+
typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION {
ULONG RegistryQuotaAllowed;
ULONG RegistryQuotaUsed;
@@ -822,6 +896,11 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
BYTE Reserved1[24];
} SYSTEM_INTERRUPT_INFORMATION,*PSYSTEM_INTERRUPT_INFORMATION;
+ typedef struct _SYSTEM_POLICY_INFORMATION {
+ PVOID Reserved1[2];
+ ULONG Reserved2[3];
+ } SYSTEM_POLICY_INFORMATION, *PSYSTEM_POLICY_INFORMATION;
+
typedef struct _SYSTEM_HANDLE_ENTRY {
ULONG OwnerPid;
BYTE ObjectType;
@@ -844,6 +923,14 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
UNICODE_STRING FileName;
} SYSTEM_PAGEFILE_INFORMATION, *PSYSTEM_PAGEFILE_INFORMATION;
+ typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
+ ULONG Attributes;
+ ACCESS_MASK GrantedAccess;
+ ULONG HandleCount;
+ ULONG PointerCount;
+ ULONG Reserved[10];
+ } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
+
typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
UNICODE_STRING TypeName;
ULONG Reserved[22];
@@ -925,6 +1012,26 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
ThreadHideFromDebugger
} THREADINFOCLASS;
+#define CODEINTEGRITY_OPTION_ENABLED 0x01
+#define CODEINTEGRITY_OPTION_TESTSIGN 0x02
+#define CODEINTEGRITY_OPTION_UMCI_ENABLED 0x04
+#define CODEINTEGRITY_OPTION_UMCI_AUDITMODE_ENABLED 0x08
+#define CODEINTEGRITY_OPTION_UMCI_EXCLUSIONPATHS_ENABLED 0x10
+#define CODEINTEGRITY_OPTION_TEST_BUILD 0x20
+#define CODEINTEGRITY_OPTION_PREPRODUCTION_BUILD 0x40
+#define CODEINTEGRITY_OPTION_DEBUGMODE_ENABLED 0x80
+#define CODEINTEGRITY_OPTION_FLIGHT_BUILD 0x100
+#define CODEINTEGRITY_OPTION_FLIGHTING_ENABLED 0x200
+#define CODEINTEGRITY_OPTION_HVCI_KMCI_ENABLED 0x400
+#define CODEINTEGRITY_OPTION_HVCI_KMCI_AUDITMODE_ENABLED 0x800
+#define CODEINTEGRITY_OPTION_HVCI_KMCI_STRICTMODE_ENABLED 0x1000
+#define CODEINTEGRITY_OPTION_HVCI_IUM_ENABLED 0x2000
+
+ typedef struct _SYSTEM_CODEINTEGRITY_INFORMATION {
+ ULONG Length;
+ ULONG CodeIntegrityOptions;
+ } SYSTEM_CODEINTEGRITY_INFORMATION, *PSYSTEM_CODEINTEGRITY_INFORMATION;
+
typedef enum _SYSTEM_INFORMATION_CLASS {
SystemBasicInformation = 0,
SystemProcessorInformation = 1,
@@ -948,15 +1055,38 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
ObjectDataInformation
} OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
+#if (_WIN32_WINNT >= 0x0501)
#define INTERNAL_TS_ACTIVE_CONSOLE_ID (*((volatile ULONG*)(0x7ffe02d8)))
+#endif
#define RtlMoveMemory(Destination,Source,Length) memmove((Destination),(Source),(Length))
#define RtlFillMemory(Destination,Length,Fill) memset((Destination),(Fill),(Length))
#define RtlZeroMemory(Destination,Length) memset((Destination),0,(Length))
+ typedef struct _KEY_VALUE_ENTRY {
+ PUNICODE_STRING ValueName;
+ ULONG DataLength;
+ ULONG DataOffset;
+ ULONG Type;
+ } KEY_VALUE_ENTRY, *PKEY_VALUE_ENTRY;
+
+ typedef enum _KEY_SET_INFORMATION_CLASS {
+ KeyWriteTimeInformation,
+ KeyWow64FlagsInformation,
+ KeyControlFlagsInformation,
+ KeySetVirtualizationInformation,
+ KeySetDebugInformation,
+ KeySetHandleTagsInformation,
+ MaxKeySetInfoClass
+ } KEY_SET_INFORMATION_CLASS;
+
NTSTATUS NTAPI NtClose(HANDLE Handle);
NTSTATUS NTAPI NtCreateFile(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PIO_STATUS_BLOCK IoStatusBlock,PLARGE_INTEGER AllocationSize,ULONG FileAttributes,ULONG ShareAccess,ULONG CreateDisposition,ULONG CreateOptions,PVOID EaBuffer,ULONG EaLength);
NTSTATUS NTAPI NtOpenFile(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PIO_STATUS_BLOCK IoStatusBlock,ULONG ShareAccess,ULONG OpenOptions);
+ NTSTATUS NTAPI NtRenameKey(HANDLE KeyHandle, PUNICODE_STRING NewName);
+ NTSTATUS NTAPI NtNotifyChangeMultipleKeys(HANDLE MasterKeyHandle, ULONG Count, OBJECT_ATTRIBUTES SubordinateObjects[], HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, ULONG CompletionFilter, BOOLEAN WatchTree, PVOID Buffer, ULONG BufferSize, BOOLEAN Asynchronous);
+ NTSTATUS NTAPI NtQueryMultipleValueKey(HANDLE KeyHandle, PKEY_VALUE_ENTRY ValueEntries, ULONG EntryCount, PVOID ValueBuffer, PULONG BufferLength, PULONG RequiredBufferLength);
+ NTSTATUS NTAPI NtSetInformationKey(HANDLE KeyHandle, KEY_SET_INFORMATION_CLASS KeySetInformationClass, PVOID KeySetInformation, ULONG KeySetInformationLength);
NTSTATUS NTAPI NtFsControlFile(HANDLE FileHandle,HANDLE Event,PIO_APC_ROUTINE ApcRoutine,PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG IoControlCode,PVOID InputBuffer,ULONG InputBufferLength,PVOID OutputBuffer,ULONG OutputBufferLength);
NTSTATUS NTAPI NtDeviceIoControlFile(HANDLE FileHandle,HANDLE Event,PIO_APC_ROUTINE ApcRoutine,PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG IoControlCode,PVOID InputBuffer,ULONG InputBufferLength,PVOID OutputBuffer,ULONG OutputBufferLength);
NTSTATUS NTAPI NtWaitForSingleObject(HANDLE Handle,BOOLEAN Alertable,PLARGE_INTEGER Timeout);
@@ -978,7 +1108,9 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString);
VOID NTAPI RtlFreeOemString(POEM_STRING OemString);
VOID NTAPI RtlInitString (PSTRING DestinationString,PCSZ SourceString);
+ NTSTATUS NTAPI RtlInitStringEx(PSTRING DestinationString, PCSZ SourceString);
VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString,PCSZ SourceString);
+ NTSTATUS NTAPI RtlInitAnsiStringEx(PANSI_STRING DestinationString, PCSZ SourceString);
VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString,PCWSTR SourceString);
NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString,PCANSI_STRING SourceString,BOOLEAN AllocateDestinationString);
NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString,PCUNICODE_STRING SourceString,BOOLEAN AllocateDestinationString);
--
2.22.0
diff --git a/mingw-w64-headers/include/winternl.h b/mingw-w64-headers/include/winternl.h
index f3b8f2d4..6dae0e76 100644
--- a/mingw-w64-headers/include/winternl.h
+++ b/mingw-w64-headers/include/winternl.h
@@ -279,52 +279,81 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
typedef enum _FILE_INFORMATION_CLASS {
FileDirectoryInformation = 1,
- FileFullDirectoryInformation,
- FileBothDirectoryInformation,
- FileBasicInformation,
- FileStandardInformation,
- FileInternalInformation,
- FileEaInformation,
- FileAccessInformation,
- FileNameInformation,
- FileRenameInformation,
- FileLinkInformation,
- FileNamesInformation,
- FileDispositionInformation,
- FilePositionInformation,
- FileFullEaInformation,
- FileModeInformation,
- FileAlignmentInformation,
- FileAllInformation,
- FileAllocationInformation,
- FileEndOfFileInformation,
- FileAlternateNameInformation,
- FileStreamInformation,
- FilePipeInformation,
- FilePipeLocalInformation,
- FilePipeRemoteInformation,
- FileMailslotQueryInformation,
- FileMailslotSetInformation,
- FileCompressionInformation,
- FileObjectIdInformation,
- FileCompletionInformation,
- FileMoveClusterInformation,
- FileQuotaInformation,
- FileReparsePointInformation,
- FileNetworkOpenInformation,
- FileAttributeTagInformation,
- FileTrackingInformation,
- FileIdBothDirectoryInformation,
- FileIdFullDirectoryInformation,
- FileValidDataLengthInformation,
+ FileFullDirectoryInformation = 2,
+ FileBothDirectoryInformation = 3,
+ FileBasicInformation = 4,
+ FileStandardInformation = 5,
+ FileInternalInformation = 6,
+ FileEaInformation = 7,
+ FileAccessInformation = 8,
+ FileNameInformation = 9,
+ FileRenameInformation = 10,
+ FileLinkInformation = 11,
+ FileNamesInformation = 12,
+ FileDispositionInformation = 13,
+ FilePositionInformation = 14,
+ FileFullEaInformation = 15,
+ FileModeInformation = 16,
+ FileAlignmentInformation = 17,
+ FileAllInformation = 18,
+ FileAllocationInformation = 19,
+ FileEndOfFileInformation = 20,
+ FileAlternateNameInformation = 21,
+ FileStreamInformation = 22,
+ FilePipeInformation = 23,
+ FilePipeLocalInformation = 24,
+ FilePipeRemoteInformation = 25,
+ FileMailslotQueryInformation = 26,
+ FileMailslotSetInformation = 27,
+ FileCompressionInformation = 28,
+ FileObjectIdInformation = 29,
+ FileCompletionInformation = 30,
+ FileMoveClusterInformation = 31,
+ FileQuotaInformation = 32,
+ FileReparsePointInformation = 33,
+ FileNetworkOpenInformation = 34,
+ FileAttributeTagInformation = 35,
+ FileTrackingInformation = 36,
+ FileIdBothDirectoryInformation = 37,
+ FileIdFullDirectoryInformation = 38,
+ FileValidDataLengthInformation = 39,
FileShortNameInformation = 40,
+ FileIoCompletionNotificationInformation = 41,
+ FileIoStatusBlockRangeInformation = 42,
+ FileIoPriorityHintInformation = 43,
FileSfioReserveInformation = 44,
FileSfioVolumeInformation = 45,
FileHardLinkInformation = 46,
+ FileProcessIdsUsingFileInformation = 47,
FileNormalizedNameInformation = 48,
+ FileNetworkPhysicalNameInformation = 49,
FileIdGlobalTxDirectoryInformation = 50,
+ FileIsRemoteDeviceInformation = 51,
+ FileUnusedInformation = 52,
+ FileNumaNodeInformation = 53,
FileStandardLinkInformation = 54,
- FileMaximumInformation
+ FileRemoteProtocolInformation = 55,
+ FileRenameInformationBypassAccessCheck = 56,
+ FileLinkInformationBypassAccessCheck = 57,
+ FileVolumeNameInformation = 58,
+ FileIdInformation = 59,
+ FileIdExtdDirectoryInformation = 60,
+ FileReplaceCompletionInformation = 61,
+ FileHardLinkFullIdInformation = 62,
+ FileIdExtdBothDirectoryInformation = 63,
+ FileDispositionInformationEx = 64,
+ FileRenameInformationEx = 65,
+ FileRenameInformationExBypassAccessCheck = 66,
+ FileDesiredStorageClassInformation = 67,
+ FileStatInformation = 68,
+ FileMemoryPartitionInformation = 69,
+ FileStatLxInformation = 70,
+ FileCaseSensitiveInformation = 71,
+ FileLinkInformationEx = 72,
+ FileLinkInformationExBypassAccessCheck = 73,
+ FileStorageReserveIdInformation = 74,
+ FileCaseSensitiveInformationForceAccessCheck = 75,
+ FileMaximumInformation = 76,
} FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS;
typedef struct _FILE_DIRECTORY_INFORMATION {
@@ -447,7 +476,10 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
} FILE_ACCESS_INFORMATION, *PFILE_ACCESS_INFORMATION;
typedef struct _FILE_LINK_INFORMATION {
- BOOLEAN ReplaceIfExists;
+ __C89_NAMELESS union {
+ BOOLEAN ReplaceIfExists;
+ ULONG Flags;
+ };
HANDLE RootDirectory;
ULONG FileNameLength;
WCHAR FileName[1];
@@ -459,7 +491,10 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
} FILE_NAME_INFORMATION, *PFILE_NAME_INFORMATION;
typedef struct _FILE_RENAME_INFORMATION {
- BOOLEAN ReplaceIfExists;
+ __C89_NAMELESS union {
+ BOOLEAN ReplaceIfExists;
+ ULONG Flags;
+ };
HANDLE RootDirectory;
ULONG FileNameLength;
WCHAR FileName[1];
@@ -566,16 +601,20 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
typedef enum _FSINFOCLASS {
FileFsVolumeInformation = 1,
- FileFsLabelInformation,
- FileFsSizeInformation,
- FileFsDeviceInformation,
- FileFsAttributeInformation,
- FileFsControlInformation,
- FileFsFullSizeInformation,
- FileFsObjectIdInformation,
- FileFsDriverPathInformation,
- FileFsVolumeFlagsInformation,
- FileFsMaximumInformation
+ FileFsLabelInformation = 2,
+ FileFsSizeInformation = 3,
+ FileFsDeviceInformation = 4,
+ FileFsAttributeInformation = 5,
+ FileFsControlInformation = 6,
+ FileFsFullSizeInformation = 7,
+ FileFsObjectIdInformation = 8,
+ FileFsDriverPathInformation = 9,
+ FileFsVolumeFlagsInformation = 10,
+ FileFsSectorSizeInformation = 11,
+ FileFsDataCopyInformation = 12,
+ FileFsMetadataSizeInformation = 13,
+ FileFsFullSizeInformationEx = 14,
+ FileFsMaximumInformation = 15,
} FS_INFORMATION_CLASS, *PFS_INFORMATION_CLASS;
typedef struct _FILE_FS_VOLUME_INFORMATION {
@@ -692,14 +731,47 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
typedef enum _KWAIT_REASON {
Executive = 0,
- FreePage, PageIn, PoolAllocation, DelayExecution,
- Suspended, UserRequest, WrExecutive, WrFreePage, WrPageIn,
- WrPoolAllocation, WrDelayExecution, WrSuspended,
- WrUserRequest, WrEventPair, WrQueue, WrLpcReceive,
- WrLpcReply, WrVirtualMemory, WrPageOut, WrRendezvous,
- Spare2, Spare3, Spare4, Spare5, Spare6, WrKernel,
- MaximumWaitReason
- } KWAIT_REASON;
+ FreePage = 1,
+ PageIn = 2,
+ PoolAllocation = 3,
+ DelayExecution = 4,
+ Suspended = 5,
+ UserRequest = 6,
+ WrExecutive = 7,
+ WrFreePage = 8,
+ WrPageIn = 9,
+ WrPoolAllocation = 10,
+ WrDelayExecution = 11,
+ WrSuspended = 12,
+ WrUserRequest = 13,
+ WrSpare0 = 14,
+ WrQueue = 15,
+ WrLpcReceive = 16,
+ WrLpcReply = 17,
+ WrVirtualMemory = 18,
+ WrPageOut = 19,
+ WrRendezvous = 20,
+ WrKeyedEvent = 21,
+ WrTerminated = 22,
+ WrProcessInSwap = 23,
+ WrCpuRateControl = 24,
+ WrCalloutStack = 25,
+ WrKernel = 26,
+ WrResource = 27,
+ WrPushLock = 28,
+ WrMutex = 29,
+ WrQuantumEnd = 30,
+ WrDispatchInt = 31,
+ WrPreempted = 32,
+ WrYieldExecution = 33,
+ WrFastMutex = 34,
+ WrGuardedMutex = 35,
+ WrRundown = 36,
+ WrAlertByThreadId = 37,
+ WrDeferredPreempt = 38,
+ WrPhysicalFault = 39,
+ MaximumWaitReason = 40,
+ } KWAIT_REASON, *PKWAIT_REASON;
typedef struct _SYSTEM_THREADS
{
@@ -937,80 +1009,165 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
typedef enum _PROCESSINFOCLASS {
- ProcessBasicInformation,
- ProcessQuotaLimits,
- ProcessIoCounters,
- ProcessVmCounters,
- ProcessTimes,
- ProcessBasePriority,
- ProcessRaisePriority,
- ProcessDebugPort,
- ProcessExceptionPort,
- ProcessAccessToken,
- ProcessLdtInformation,
- ProcessLdtSize,
- ProcessDefaultHardErrorMode,
- ProcessIoPortHandlers,
- ProcessPooledUsageAndLimits,
- ProcessWorkingSetWatch,
- ProcessUserModeIOPL,
- ProcessEnableAlignmentFaultFixup,
- ProcessPriorityClass,
- ProcessWx86Information,
- ProcessHandleCount,
- ProcessAffinityMask,
- ProcessPriorityBoost,
- ProcessDeviceMap,
- ProcessSessionInformation,
- ProcessForegroundInformation,
- ProcessWow64Information,
- ProcessImageFileName,
- ProcessLUIDDeviceMapsEnabled,
- ProcessBreakOnTermination,
- ProcessDebugObjectHandle,
- ProcessDebugFlags,
- ProcessHandleTracing,
- ProcessIoPriority,
- ProcessExecuteFlags,
- ProcessTlsInformation,
- ProcessCookie,
- ProcessImageInformation,
- ProcessCycleTime,
- ProcessPagePriority,
- ProcessInstrumentationCallback,
- ProcessThreadStackAllocation,
- ProcessWorkingSetWatchEx,
- ProcessImageFileNameWin32,
- ProcessImageFileMapping,
- ProcessAffinityUpdateMode,
- ProcessMemoryAllocationMode,
- ProcessGroupInformation,
- ProcessTokenVirtualizationEnabled,
- ProcessConsoleHostProcess,
- ProcessWindowInformation,
- MaxProcessInfoClass
- } PROCESSINFOCLASS;
+ ProcessBasicInformation = 0,
+ ProcessQuotaLimits = 1,
+ ProcessIoCounters = 2,
+ ProcessVmCounters = 3,
+ ProcessTimes = 4,
+ ProcessBasePriority = 5,
+ ProcessRaisePriority = 6,
+ ProcessDebugPort = 7,
+ ProcessExceptionPort = 8,
+ ProcessAccessToken = 9,
+ ProcessLdtInformation = 10,
+ ProcessLdtSize = 11,
+ ProcessDefaultHardErrorMode = 12,
+ ProcessIoPortHandlers = 13,
+ ProcessPooledUsageAndLimits = 14,
+ ProcessWorkingSetWatch = 15,
+ ProcessUserModeIOPL = 16,
+ ProcessEnableAlignmentFaultFixup = 17,
+ ProcessPriorityClass = 18,
+ ProcessWx86Information = 19,
+ ProcessHandleCount = 20,
+ ProcessAffinityMask = 21,
+ ProcessPriorityBoost = 22,
+ ProcessDeviceMap = 23,
+ ProcessSessionInformation = 24,
+ ProcessForegroundInformation = 25,
+ ProcessWow64Information = 26,
+ ProcessImageFileName = 27,
+ ProcessLUIDDeviceMapsEnabled = 28,
+ ProcessBreakOnTermination = 29,
+ ProcessDebugObjectHandle = 30,
+ ProcessDebugFlags = 31,
+ ProcessHandleTracing = 32,
+ ProcessIoPriority = 33,
+ ProcessExecuteFlags = 34,
+ ProcessTlsInformation = 35,
+ ProcessCookie = 36,
+ ProcessImageInformation = 37,
+ ProcessCycleTime = 38,
+ ProcessPagePriority = 39,
+ ProcessInstrumentationCallback = 40,
+ ProcessThreadStackAllocation = 41,
+ ProcessWorkingSetWatchEx = 42,
+ ProcessImageFileNameWin32 = 43,
+ ProcessImageFileMapping = 44,
+ ProcessAffinityUpdateMode = 45,
+ ProcessMemoryAllocationMode = 46,
+ ProcessGroupInformation = 47,
+ ProcessTokenVirtualizationEnabled = 48,
+ ProcessOwnerInformation = 49,
+ ProcessWindowInformation = 50,
+ ProcessHandleInformation = 51,
+ ProcessMitigationPolicy = 52,
+ ProcessDynamicFunctionTableInformation = 53,
+ ProcessHandleCheckingMode = 54,
+ ProcessKeepAliveCount = 55,
+ ProcessRevokeFileHandles = 56,
+ ProcessWorkingSetControl = 57,
+ ProcessHandleTable = 58,
+ ProcessCheckStackExtentsMode = 59,
+ ProcessCommandLineInformation = 60,
+ ProcessProtectionInformation = 61,
+ ProcessMemoryExhaustion = 62,
+ ProcessFaultInformation = 63,
+ ProcessTelemetryIdInformation = 64,
+ ProcessCommitReleaseInformation = 65,
+ ProcessDefaultCpuSetsInformation = 66,
+ ProcessAllowedCpuSetsInformation = 67,
+ ProcessReserved1Information = 66,
+ ProcessReserved2Information = 67,
+ ProcessSubsystemProcess = 68,
+ ProcessJobMemoryInformation = 69,
+ ProcessInPrivate = 70,
+ ProcessRaiseUMExceptionOnInvalidHandleClose = 71,
+ ProcessIumChallengeResponse = 72,
+ ProcessChildProcessInformation = 73,
+ ProcessHighGraphicsPriorityInformation = 74,
+ ProcessSubsystemInformation = 75,
+ ProcessEnergyValues = 76,
+ ProcessPowerThrottlingState = 77,
+ ProcessReserved3Information = 78,
+ ProcessWin32kSyscallFilterInformation = 79,
+ ProcessDisableSystemAllowedCpuSets = 80,
+ ProcessWakeInformation = 81,
+ ProcessEnergyTrackingState = 82,
+ ProcessManageWritesToExecutableMemory = 83,
+ ProcessCaptureTrustletLiveDump = 84,
+ ProcessTelemetryCoverage = 85,
+ ProcessEnclaveInformation = 86,
+ ProcessEnableReadWriteVmLogging = 87,
+ ProcessUptimeInformation = 88,
+ ProcessImageSection = 89,
+ ProcessDebugAuthInformation = 90,
+ ProcessSystemResourceManagement = 91,
+ ProcessSequenceNumber = 92,
+ ProcessLoaderDetour = 93,
+ ProcessSecurityDomainInformation = 94,
+ ProcessCombineSecurityDomainsInformation = 95,
+ ProcessEnableLogging = 96,
+ ProcessLeapSecondInformation = 97,
+ ProcessFiberShadowStackAllocation = 98,
+ ProcessFreeFiberShadowStackAllocation = 99,
+ MaxProcessInfoClass = 100,
+ } PROCESSINFOCLASS, *PPROCESSINFOCLASS;
typedef enum _THREADINFOCLASS {
- ThreadBasicInformation,
- ThreadTimes,
- ThreadPriority,
- ThreadBasePriority,
- ThreadAffinityMask,
- ThreadImpersonationToken,
- ThreadDescriptorTableEntry,
- ThreadEnableAlignmentFaultFixup,
- ThreadEventPair,
- ThreadQuerySetWin32StartAddress,
- ThreadZeroTlsCell,
- ThreadPerformanceCount,
- ThreadAmILastThread,
- ThreadIdealProcessor,
- ThreadPriorityBoost,
- ThreadSetTlsArrayAddress,
- ThreadIsIoPending,
- ThreadHideFromDebugger
- } THREADINFOCLASS;
+ ThreadBasicInformation = 0,
+ ThreadTimes = 1,
+ ThreadPriority = 2,
+ ThreadBasePriority = 3,
+ ThreadAffinityMask = 4,
+ ThreadImpersonationToken = 5,
+ ThreadDescriptorTableEntry = 6,
+ ThreadEnableAlignmentFaultFixup = 7,
+ ThreadEventPair_Reusable = 8,
+ ThreadQuerySetWin32StartAddress = 9,
+ ThreadZeroTlsCell = 10,
+ ThreadPerformanceCount = 11,
+ ThreadAmILastThread = 12,
+ ThreadIdealProcessor = 13,
+ ThreadPriorityBoost = 14,
+ ThreadSetTlsArrayAddress = 15,
+ ThreadIsIoPending = 16,
+ ThreadHideFromDebugger = 17,
+ ThreadBreakOnTermination = 18,
+ ThreadSwitchLegacyState = 19,
+ ThreadIsTerminated = 20,
+ ThreadLastSystemCall = 21,
+ ThreadIoPriority = 22,
+ ThreadCycleTime = 23,
+ ThreadPagePriority = 24,
+ ThreadActualBasePriority = 25,
+ ThreadTebInformation = 26,
+ ThreadCSwitchMon = 27,
+ ThreadCSwitchPmu = 28,
+ ThreadWow64Context = 29,
+ ThreadGroupInformation = 30,
+ ThreadUmsInformation = 31,
+ ThreadCounterProfiling = 32,
+ ThreadIdealProcessorEx = 33,
+ ThreadCpuAccountingInformation = 34,
+ ThreadSuspendCount = 35,
+ ThreadHeterogeneousCpuPolicy = 36,
+ ThreadContainerId = 37,
+ ThreadNameInformation = 38,
+ ThreadSelectedCpuSets = 39,
+ ThreadSystemThreadInformation = 40,
+ ThreadActualGroupAffinity = 41,
+ ThreadDynamicCodePolicyInfo = 42,
+ ThreadExplicitCaseSensitivity = 43,
+ ThreadWorkOnBehalfTicket = 44,
+ ThreadSubsystemInformation = 45,
+ ThreadDbgkWerReportActive = 46,
+ ThreadAttachContainer = 47,
+ ThreadManageWritesToExecutableMemory = 48,
+ ThreadPowerThrottlingState = 49,
+ ThreadWorkloadClass = 50,
+ MaxThreadInfoClass = 51,
+ } THREADINFOCLASS, *PTHREADINFOCLASS;
#define CODEINTEGRITY_OPTION_ENABLED 0x01
#define CODEINTEGRITY_OPTION_TESTSIGN 0x02
@@ -1037,23 +1194,225 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
SystemProcessorInformation = 1,
SystemPerformanceInformation = 2,
SystemTimeOfDayInformation = 3,
+ SystemPathInformation = 4,
SystemProcessInformation = 5,
+ SystemCallCountInformation = 6,
+ SystemDeviceInformation = 7,
SystemProcessorPerformanceInformation = 8,
+ SystemFlagsInformation = 9,
+ SystemCallTimeInformation = 10,
+ SystemModuleInformation = 11,
+ SystemLocksInformation = 12,
+ SystemStackTraceInformation = 13,
+ SystemPagedPoolInformation = 14,
+ SystemNonPagedPoolInformation = 15,
SystemHandleInformation = 16,
- SystemPagefileInformation = 18,
+ SystemObjectInformation = 17,
+ SystemPageFileInformation = 18,
+ SystemVdmInstemulInformation = 19,
+ SystemVdmBopInformation = 20,
+ SystemFileCacheInformation = 21,
+ SystemPoolTagInformation = 22,
SystemInterruptInformation = 23,
+ SystemDpcBehaviorInformation = 24,
+ SystemFullMemoryInformation = 25,
+ SystemLoadGdiDriverInformation = 26,
+ SystemUnloadGdiDriverInformation = 27,
+ SystemTimeAdjustmentInformation = 28,
+ SystemSummaryMemoryInformation = 29,
+ SystemMirrorMemoryInformation = 30,
+ SystemPerformanceTraceInformation = 31,
+ SystemObsolete0 = 32,
SystemExceptionInformation = 33,
+ SystemCrashDumpStateInformation = 34,
+ SystemKernelDebuggerInformation = 35,
+ SystemContextSwitchInformation = 36,
SystemRegistryQuotaInformation = 37,
- SystemLookasideInformation = 45
- } SYSTEM_INFORMATION_CLASS;
+ SystemExtendServiceTableInformation = 38,
+ SystemPrioritySeperation = 39,
+ SystemVerifierAddDriverInformation = 40,
+ SystemVerifierRemoveDriverInformation = 41,
+ SystemProcessorIdleInformation = 42,
+ SystemLegacyDriverInformation = 43,
+ SystemCurrentTimeZoneInformation = 44,
+ SystemLookasideInformation = 45,
+ SystemTimeSlipNotification = 46,
+ SystemSessionCreate = 47,
+ SystemSessionDetach = 48,
+ SystemSessionInformation = 49,
+ SystemRangeStartInformation = 50,
+ SystemVerifierInformation = 51,
+ SystemVerifierThunkExtend = 52,
+ SystemSessionProcessInformation = 53,
+ SystemLoadGdiDriverInSystemSpace = 54,
+ SystemNumaProcessorMap = 55,
+ SystemPrefetcherInformation = 56,
+ SystemExtendedProcessInformation = 57,
+ SystemRecommendedSharedDataAlignment = 58,
+ SystemComPlusPackage = 59,
+ SystemNumaAvailableMemory = 60,
+ SystemProcessorPowerInformation = 61,
+ SystemEmulationBasicInformation = 62,
+ SystemEmulationProcessorInformation = 63,
+ SystemExtendedHandleInformation = 64,
+ SystemLostDelayedWriteInformation = 65,
+ SystemBigPoolInformation = 66,
+ SystemSessionPoolTagInformation = 67,
+ SystemSessionMappedViewInformation = 68,
+ SystemHotpatchInformation = 69,
+ SystemObjectSecurityMode = 70,
+ SystemWatchdogTimerHandler = 71,
+ SystemWatchdogTimerInformation = 72,
+ SystemLogicalProcessorInformation = 73,
+ SystemWow64SharedInformationObsolete = 74,
+ SystemRegisterFirmwareTableInformationHandler = 75,
+ SystemFirmwareTableInformation = 76,
+ SystemModuleInformationEx = 77,
+ SystemVerifierTriageInformation = 78,
+ SystemSuperfetchInformation = 79,
+ SystemMemoryListInformation = 80,
+ SystemFileCacheInformationEx = 81,
+ SystemThreadPriorityClientIdInformation = 82,
+ SystemProcessorIdleCycleTimeInformation = 83,
+ SystemVerifierCancellationInformation = 84,
+ SystemProcessorPowerInformationEx = 85,
+ SystemRefTraceInformation = 86,
+ SystemSpecialPoolInformation = 87,
+ SystemProcessIdInformation = 88,
+ SystemErrorPortInformation = 89,
+ SystemBootEnvironmentInformation = 90,
+ SystemHypervisorInformation = 91,
+ SystemVerifierInformationEx = 92,
+ SystemTimeZoneInformation = 93,
+ SystemImageFileExecutionOptionsInformation = 94,
+ SystemCoverageInformation = 95,
+ SystemPrefetchPatchInformation = 96,
+ SystemVerifierFaultsInformation = 97,
+ SystemSystemPartitionInformation = 98,
+ SystemSystemDiskInformation = 99,
+ SystemProcessorPerformanceDistribution = 100,
+ SystemNumaProximityNodeInformation = 101,
+ SystemDynamicTimeZoneInformation = 102,
+ SystemCodeIntegrityInformation = 103,
+ SystemProcessorMicrocodeUpdateInformation = 104,
+ SystemProcessorBrandString = 105,
+ SystemVirtualAddressInformation = 106,
+ SystemLogicalProcessorAndGroupInformation = 107,
+ SystemProcessorCycleTimeInformation = 108,
+ SystemStoreInformation = 109,
+ SystemRegistryAppendString = 110,
+ SystemAitSamplingValue = 111,
+ SystemVhdBootInformation = 112,
+ SystemCpuQuotaInformation = 113,
+ SystemNativeBasicInformation = 114,
+ SystemErrorPortTimeouts = 115,
+ SystemLowPriorityIoInformation = 116,
+ SystemBootEntropyInformation = 117,
+ SystemVerifierCountersInformation = 118,
+ SystemPagedPoolInformationEx = 119,
+ SystemSystemPtesInformationEx = 120,
+ SystemNodeDistanceInformation = 121,
+ SystemAcpiAuditInformation = 122,
+ SystemBasicPerformanceInformation = 123,
+ SystemQueryPerformanceCounterInformation = 124,
+ SystemSessionBigPoolInformation = 125,
+ SystemBootGraphicsInformation = 126,
+ SystemScrubPhysicalMemoryInformation = 127,
+ SystemBadPageInformation = 128,
+ SystemProcessorProfileControlArea = 129,
+ SystemCombinePhysicalMemoryInformation = 130,
+ SystemEntropyInterruptTimingInformation = 131,
+ SystemConsoleInformation = 132,
+ SystemPlatformBinaryInformation = 133,
+ SystemPolicyInformation = 134,
+ SystemHypervisorProcessorCountInformation = 135,
+ SystemDeviceDataInformation = 136,
+ SystemDeviceDataEnumerationInformation = 137,
+ SystemMemoryTopologyInformation = 138,
+ SystemMemoryChannelInformation = 139,
+ SystemBootLogoInformation = 140,
+ SystemProcessorPerformanceInformationEx = 141,
+ SystemCriticalProcessErrorLogInformation = 142,
+ SystemSecureBootPolicyInformation = 143,
+ SystemPageFileInformationEx = 144,
+ SystemSecureBootInformation = 145,
+ SystemEntropyInterruptTimingRawInformation = 146,
+ SystemPortableWorkspaceEfiLauncherInformation = 147,
+ SystemFullProcessInformation = 148,
+ SystemKernelDebuggerInformationEx = 149,
+ SystemBootMetadataInformation = 150,
+ SystemSoftRebootInformation = 151,
+ SystemElamCertificateInformation = 152,
+ SystemOfflineDumpConfigInformation = 153,
+ SystemProcessorFeaturesInformation = 154,
+ SystemRegistryReconciliationInformation = 155,
+ SystemEdidInformation = 156,
+ SystemManufacturingInformation = 157,
+ SystemEnergyEstimationConfigInformation = 158,
+ SystemHypervisorDetailInformation = 159,
+ SystemProcessorCycleStatsInformation = 160,
+ SystemVmGenerationCountInformation = 161,
+ SystemTrustedPlatformModuleInformation = 162,
+ SystemKernelDebuggerFlags = 163,
+ SystemCodeIntegrityPolicyInformation = 164,
+ SystemIsolatedUserModeInformation = 165,
+ SystemHardwareSecurityTestInterfaceResultsInformation = 166,
+ SystemSingleModuleInformation = 167,
+ SystemAllowedCpuSetsInformation = 168,
+ SystemVsmProtectionInformation = 169,
+ SystemInterruptCpuSetsInformation = 170,
+ SystemSecureBootPolicyFullInformation = 171,
+ SystemCodeIntegrityPolicyFullInformation = 172,
+ SystemAffinitizedInterruptProcessorInformation = 173,
+ SystemRootSiloInformation = 174,
+ SystemCpuSetInformation = 175,
+ SystemCpuSetTagInformation = 176,
+ SystemWin32WerStartCallout = 177,
+ SystemSecureKernelProfileInformation = 178,
+ SystemCodeIntegrityPlatformManifestInformation = 179,
+ SystemInterruptSteeringInformation = 180,
+ SystemSupportedProcessorArchitectures = 181,
+ SystemMemoryUsageInformation = 182,
+ SystemCodeIntegrityCertificateInformation = 183,
+ SystemPhysicalMemoryInformation = 184,
+ SystemControlFlowTransition = 185,
+ SystemKernelDebuggingAllowed = 186,
+ SystemActivityModerationExeState = 187,
+ SystemActivityModerationUserSettings = 188,
+ SystemCodeIntegrityPoliciesFullInformation = 189,
+ SystemCodeIntegrityUnlockInformation = 190,
+ SystemIntegrityQuotaInformation = 191,
+ SystemFlushInformation = 192,
+ SystemProcessorIdleMaskInformation = 193,
+ SystemSecureDumpEncryptionInformation = 194,
+ SystemWriteConstraintInformation = 195,
+ SystemKernelVaShadowInformation = 196,
+ SystemHypervisorSharedPageInformation = 197,
+ SystemFirmwareBootPerformanceInformation = 198,
+ SystemCodeIntegrityVerificationInformation = 199,
+ SystemFirmwarePartitionInformation = 200,
+ SystemSpeculationControlInformation = 201,
+ SystemDmaGuardPolicyInformation = 202,
+ SystemEnclaveLaunchControlInformation = 203,
+ SystemWorkloadAllowedCpuSetsInformation = 204,
+ SystemCodeIntegrityUnlockModeInformation = 205,
+ SystemLeapSecondInformation = 206,
+ SystemFlags2Information = 207,
+ SystemSecurityModelInformation = 208,
+ SystemCodeIntegritySyntheticCacheInformation = 209,
+ MaxSystemInfoClass = 210,
+ } SYSTEM_INFORMATION_CLASS, *PSYSTEM_INFORMATION_CLASS;
typedef enum _OBJECT_INFORMATION_CLASS {
- ObjectBasicInformation,
- ObjectNameInformation,
- ObjectTypeInformation,
- ObjectAllInformation,
- ObjectDataInformation
- } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
+ ObjectBasicInformation = 0,
+ ObjectNameInformation = 1,
+ ObjectTypeInformation = 2,
+ ObjectTypesInformation = 3,
+ ObjectHandleFlagInformation = 4,
+ ObjectSessionInformation = 5,
+ ObjectSessionObjectInformation = 6,
+ MaxObjectInfoClass = 7,
+ } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
#if (_WIN32_WINNT >= 0x0501)
#define INTERNAL_TS_ACTIVE_CONSOLE_ID (*((volatile ULONG*)(0x7ffe02d8)))
_______________________________________________
Mingw-w64-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
