3642 lines
92 KiB
MQL5
3642 lines
92 KiB
MQL5
//+------------------------------------------------------------------+
|
|
//| winnt.mqh |
|
|
//| Copyright 2000-2025, MetaQuotes Ltd. |
|
|
//| https://www.mql5.com |
|
|
//+------------------------------------------------------------------+
|
|
#include <WinAPI\windef.mqh>
|
|
|
|
//---
|
|
#define UNWIND_HISTORY_TABLE_SIZE 12
|
|
#define SIZE_OF_80387_REGISTERS 80
|
|
#define MAXIMUM_SUPPORTED_EXTENSION 512
|
|
#define WOW64_SIZE_OF_80387_REGISTERS 80
|
|
#define WOW64_MAXIMUM_SUPPORTED_EXTENSION 512
|
|
#define SID_HASH_SIZE 32
|
|
#define POLICY_AUDIT_SUBCATEGORY_COUNT 59
|
|
#define TOKEN_SOURCE_LENGTH 8
|
|
#define MAXIMUM_XSTATE_FEATURES 64
|
|
#define POWER_SYSTEM_MAXIMUM 7
|
|
#define NUM_DISCHARGE_POLICIES 4
|
|
#define HIBERFILE_TYPE_MAX 0x03
|
|
#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
|
|
#define IMAGE_SIZEOF_SHORT_NAME 8
|
|
#define IMAGE_ENCLAVE_LONG_ID_LENGTH 32
|
|
#define IMAGE_ENCLAVE_SHORT_ID_LENGTH 16
|
|
#define RTL_CORRELATION_VECTOR_STRING_LENGTH 129
|
|
|
|
//---
|
|
enum SID_NAME_USE
|
|
{
|
|
SidTypeUser=1,
|
|
SidTypeGroup,
|
|
SidTypeDomain,
|
|
SidTypeAlias,
|
|
SidTypeWellKnownGroup,
|
|
SidTypeDeletedAccount,
|
|
SidTypeInvalid,
|
|
SidTypeUnknown,
|
|
SidTypeComputer,
|
|
SidTypeLabel,
|
|
SidTypeLogonSession
|
|
};
|
|
//---
|
|
enum ACL_INFORMATION_CLASS
|
|
{
|
|
AclRevisionInformation=1,
|
|
AclSizeInformation
|
|
};
|
|
//---
|
|
enum AUDIT_EVENT_TYPE
|
|
{
|
|
AuditEventObjectAccess,
|
|
AuditEventDirectoryServiceAccess
|
|
};
|
|
//---
|
|
enum ACCESS_REASON_TYPE
|
|
{
|
|
AccessReasonNone=0x00000000,
|
|
AccessReasonAllowedAce=0x00010000,
|
|
AccessReasonDeniedAce=0x00020000,
|
|
AccessReasonAllowedParentAce=0x00030000,
|
|
AccessReasonDeniedParentAce=0x00040000,
|
|
AccessReasonNotGrantedByCape=0x00050000,
|
|
AccessReasonNotGrantedByParentCape=0x00060000,
|
|
AccessReasonNotGrantedToAppContainer=0x00070000,
|
|
AccessReasonMissingPrivilege=0x00100000,
|
|
AccessReasonFromPrivilege=0x00200000,
|
|
AccessReasonIntegrityLevel=0x00300000,
|
|
AccessReasonOwnership=0x00400000,
|
|
AccessReasonNullDacl=0x00500000,
|
|
AccessReasonEmptyDacl=0x00600000,
|
|
AccessReasonNoSD=0x00700000,
|
|
AccessReasonNoGrant=0x00800000,
|
|
AccessReasonTrustLabel=0x00900000,
|
|
AccessReasonFilterAce=0x00a00000
|
|
};
|
|
//---
|
|
enum SECURITY_IMPERSONATION_LEVEL
|
|
{
|
|
SecurityAnonymous,
|
|
SecurityIdentification,
|
|
SecurityImpersonation,
|
|
SecurityDelegation
|
|
};
|
|
//---
|
|
enum TOKEN_TYPE
|
|
{
|
|
TokenPrimary=1,
|
|
TokenImpersonation
|
|
};
|
|
//---
|
|
enum TOKEN_ELEVATION_TYPE
|
|
{
|
|
TokenElevationTypeDefault=1,
|
|
TokenElevationTypeFull,
|
|
TokenElevationTypeLimited
|
|
};
|
|
//---
|
|
enum TOKEN_INFORMATION_CLASS
|
|
{
|
|
TokenUser=1,
|
|
TokenGroups,
|
|
TokenPrivileges,
|
|
TokenOwner,
|
|
TokenPrimaryGroup,
|
|
TokenDefaultDacl,
|
|
TokenSource,
|
|
TokenType,
|
|
TokenImpersonationLevel,
|
|
TokenStatistics,
|
|
TokenRestrictedSids,
|
|
TokenSessionId,
|
|
TokenGroupsAndPrivileges,
|
|
TokenSessionReference,
|
|
TokenSandBoxInert,
|
|
TokenAuditPolicy,
|
|
TokenOrigin,
|
|
TokenElevationType,
|
|
TokenLinkedToken,
|
|
TokenElevation,
|
|
TokenHasRestrictions,
|
|
TokenAccessInformation,
|
|
TokenVirtualizationAllowed,
|
|
TokenVirtualizationEnabled,
|
|
TokenIntegrityLevel,
|
|
TokenUIAccess,
|
|
TokenMandatoryPolicy,
|
|
TokenLogonSid,
|
|
TokenIsAppContainer,
|
|
TokenCapabilities,
|
|
TokenAppContainerSid,
|
|
TokenAppContainerNumber,
|
|
TokenUserClaimAttributes,
|
|
TokenDeviceClaimAttributes,
|
|
TokenRestrictedUserClaimAttributes,
|
|
TokenRestrictedDeviceClaimAttributes,
|
|
TokenDeviceGroups,
|
|
TokenRestrictedDeviceGroups,
|
|
TokenSecurityAttributes,
|
|
TokenIsRestricted,
|
|
TokenProcessTrustLevel,
|
|
TokenPrivateNameSpace,
|
|
TokenSingletonAttributes,
|
|
TokenBnoIsolation,
|
|
TokenChildProcessFlags,
|
|
MaxTokenInfoClass
|
|
};
|
|
//---
|
|
enum MANDATORY_LEVEL
|
|
{
|
|
MandatoryLevelUntrusted=0,
|
|
MandatoryLevelLow,
|
|
MandatoryLevelMedium,
|
|
MandatoryLevelHigh,
|
|
MandatoryLevelSystem,
|
|
MandatoryLevelSecureProcess,
|
|
MandatoryLevelCount
|
|
};
|
|
//---
|
|
enum SE_IMAGE_SIGNATURE_TYPE
|
|
{
|
|
SeImageSignatureNone=0,
|
|
SeImageSignatureEmbedded,
|
|
SeImageSignatureCache,
|
|
SeImageSignatureCatalogCached,
|
|
SeImageSignatureCatalogNotCached,
|
|
SeImageSignatureCatalogHint,
|
|
SeImageSignaturePackageCatalog
|
|
};
|
|
//---
|
|
enum SE_LEARNING_MODE_DATA_TYPE
|
|
{
|
|
SeLearningModeInvalidType=0,
|
|
SeLearningModeSettings,
|
|
SeLearningModeMax
|
|
};
|
|
//---
|
|
enum HARDWARE_COUNTER_TYPE
|
|
{
|
|
PMCCounter,
|
|
MaxHardwareCounterType
|
|
};
|
|
//---
|
|
enum PROCESS_MITIGATION_POLICY
|
|
{
|
|
ProcessDEPPolicy,
|
|
ProcessASLRPolicy,
|
|
ProcessDynamicCodePolicy,
|
|
ProcessStrictHandleCheckPolicy,
|
|
ProcessSystemCallDisablePolicy,
|
|
ProcessMitigationOptionsMask,
|
|
ProcessExtensionPointDisablePolicy,
|
|
ProcessControlFlowGuardPolicy,
|
|
ProcessSignaturePolicy,
|
|
ProcessFontDisablePolicy,
|
|
ProcessImageLoadPolicy,
|
|
ProcessSystemCallFilterPolicy,
|
|
ProcessPayloadRestrictionPolicy,
|
|
ProcessChildProcessPolicy,
|
|
MaxProcessMitigationPolicy
|
|
};
|
|
//---
|
|
enum JOBOBJECT_RATE_CONTROL_TOLERANCE
|
|
{
|
|
ToleranceLow=1,
|
|
ToleranceMedium,
|
|
ToleranceHigh
|
|
};
|
|
//---
|
|
enum JOBOBJECT_RATE_CONTROL_TOLERANCE_INTERVAL
|
|
{
|
|
ToleranceIntervalShort=1,
|
|
ToleranceIntervalMedium,
|
|
ToleranceIntervalLong
|
|
};
|
|
//---
|
|
enum JOB_OBJECT_NET_RATE_CONTROL_FLAGS
|
|
{
|
|
JOB_OBJECT_NET_RATE_CONTROL_ENABLE=0x1,
|
|
JOB_OBJECT_NET_RATE_CONTROL_MAX_BANDWIDTH=0x2,
|
|
JOB_OBJECT_NET_RATE_CONTROL_DSCP_TAG=0x4,
|
|
JOB_OBJECT_NET_RATE_CONTROL_VALID_FLAGS=0x7
|
|
};
|
|
//---
|
|
enum JOB_OBJECT_IO_RATE_CONTROL_FLAGS
|
|
{
|
|
JOB_OBJECT_IO_RATE_CONTROL_ENABLE=0x1,
|
|
JOB_OBJECT_IO_RATE_CONTROL_STANDALONE_VOLUME=0x2,
|
|
JOB_OBJECT_IO_RATE_CONTROL_FORCE_UNIT_ACCESS_ALL=0x4,
|
|
JOB_OBJECT_IO_RATE_CONTROL_FORCE_UNIT_ACCESS_ON_SOFT_CAP=0x8,
|
|
JOB_OBJECT_IO_RATE_CONTROL_VALID_FLAGS=JOB_OBJECT_IO_RATE_CONTROL_ENABLE|
|
|
JOB_OBJECT_IO_RATE_CONTROL_STANDALONE_VOLUME|
|
|
JOB_OBJECT_IO_RATE_CONTROL_FORCE_UNIT_ACCESS_ALL|
|
|
JOB_OBJECT_IO_RATE_CONTROL_FORCE_UNIT_ACCESS_ON_SOFT_CAP
|
|
};
|
|
//---
|
|
enum JOBOBJECT_IO_ATTRIBUTION_CONTROL_FLAGS
|
|
{
|
|
JOBOBJECT_IO_ATTRIBUTION_CONTROL_ENABLE=0x1,
|
|
JOBOBJECT_IO_ATTRIBUTION_CONTROL_DISABLE=0x2,
|
|
JOBOBJECT_IO_ATTRIBUTION_CONTROL_VALID_FLAGS=0x3
|
|
};
|
|
//---
|
|
enum JOBOBJECTINFOCLASS
|
|
{
|
|
JobObjectBasicAccountingInformation=1,
|
|
JobObjectBasicLimitInformation,
|
|
JobObjectBasicProcessIdList,
|
|
JobObjectBasicUIRestrictions,
|
|
JobObjectSecurityLimitInformation,
|
|
JobObjectEndOfJobTimeInformation,
|
|
JobObjectAssociateCompletionPortInformation,
|
|
JobObjectBasicAndIoAccountingInformation,
|
|
JobObjectExtendedLimitInformation,
|
|
JobObjectJobSetInformation,
|
|
JobObjectGroupInformation,
|
|
JobObjectNotificationLimitInformation,
|
|
JobObjectLimitViolationInformation,
|
|
JobObjectGroupInformationEx,
|
|
JobObjectCpuRateControlInformation,
|
|
JobObjectCompletionFilter,
|
|
JobObjectCompletionCounter,
|
|
JobObjectReserved1Information=18,
|
|
JobObjectReserved2Information,
|
|
JobObjectReserved3Information,
|
|
JobObjectReserved4Information,
|
|
JobObjectReserved5Information,
|
|
JobObjectReserved6Information,
|
|
JobObjectReserved7Information,
|
|
JobObjectReserved8Information,
|
|
JobObjectReserved9Information,
|
|
JobObjectReserved10Information,
|
|
JobObjectReserved11Information,
|
|
JobObjectReserved12Information,
|
|
JobObjectReserved13Information,
|
|
JobObjectReserved14Information=31,
|
|
JobObjectNetRateControlInformation,
|
|
JobObjectNotificationLimitInformation2,
|
|
JobObjectLimitViolationInformation2,
|
|
JobObjectCreateSilo,
|
|
JobObjectSiloBasicInformation,
|
|
JobObjectReserved15Information=37,
|
|
JobObjectReserved16Information=38,
|
|
JobObjectReserved17Information=39,
|
|
JobObjectReserved18Information=40,
|
|
JobObjectReserved19Information=41,
|
|
JobObjectReserved20Information=42,
|
|
JobObjectReserved21Information=43,
|
|
JobObjectReserved22Information=44,
|
|
JobObjectReserved23Information=45,
|
|
JobObjectReserved24Information=46,
|
|
JobObjectReserved25Information=47,
|
|
MaxJobObjectInfoClass
|
|
};
|
|
//---
|
|
enum SERVERSILO_STATE
|
|
{
|
|
SERVERSILO_INITING=0,
|
|
SERVERSILO_STARTED,
|
|
SERVERSILO_SHUTTING_DOWN,
|
|
SERVERSILO_TERMINATING,
|
|
SERVERSILO_TERMINATED
|
|
};
|
|
//---
|
|
enum FIRMWARE_TYPE
|
|
{
|
|
FirmwareTypeUnknown,
|
|
FirmwareTypeBios,
|
|
FirmwareTypeUefi,
|
|
FirmwareTypeMax
|
|
};
|
|
//---
|
|
enum LOGICAL_PROCESSOR_RELATIONSHIP
|
|
{
|
|
RelationProcessorCore,
|
|
RelationNumaNode,
|
|
RelationCache,
|
|
RelationProcessorPackage,
|
|
RelationGroup,
|
|
RelationAll=0xffff
|
|
};
|
|
//---
|
|
enum PROCESSOR_CACHE_TYPE
|
|
{
|
|
CacheUnified,
|
|
CacheInstruction,
|
|
CacheData,
|
|
CacheTrace
|
|
};
|
|
//---
|
|
enum CPU_SET_INFORMATION_TYPE
|
|
{
|
|
CpuSetInformation
|
|
};
|
|
//---
|
|
enum MEM_EXTENDED_PARAMETER_TYPE
|
|
{
|
|
MemExtendedParameterInvalidType=0,
|
|
MemExtendedParameterAddressRequirements,
|
|
MemExtendedParameterNumaNode,
|
|
MemExtendedParameterPartitionHandle,
|
|
MemExtendedParameterMax
|
|
};
|
|
//---
|
|
enum SharedVirtualDiskSupportType
|
|
{
|
|
SharedVirtualDisksUnsupported=0,
|
|
SharedVirtualDisksSupported=1,
|
|
SharedVirtualDiskSnapshotsSupported=3,
|
|
SharedVirtualDiskCDPSnapshotsSupported=7
|
|
};
|
|
//---
|
|
enum SharedVirtualDiskHandleState
|
|
{
|
|
SharedVirtualDiskHandleStateNone=0,
|
|
SharedVirtualDiskHandleStateFileShared=1,
|
|
SharedVirtualDiskHandleStateHandleShared=3
|
|
};
|
|
//---
|
|
enum SYSTEM_POWER_STATE
|
|
{
|
|
PowerSystemUnspecified=0,
|
|
PowerSystemWorking=1,
|
|
PowerSystemSleeping1=2,
|
|
PowerSystemSleeping2=3,
|
|
PowerSystemSleeping3=4,
|
|
PowerSystemHibernate=5,
|
|
PowerSystemShutdown=6,
|
|
PowerSystemMaximum=7
|
|
};
|
|
//---
|
|
enum DEVICE_POWER_STATE
|
|
{
|
|
PowerDeviceUnspecified=0,
|
|
PowerDeviceD0,
|
|
PowerDeviceD1,
|
|
PowerDeviceD2,
|
|
PowerDeviceD3,
|
|
PowerDeviceMaximum
|
|
};
|
|
//---
|
|
enum MONITOR_DISPLAY_STATE
|
|
{
|
|
PowerMonitorOff=0,
|
|
PowerMonitorOn,
|
|
PowerMonitorDim
|
|
};
|
|
//---
|
|
enum USER_ACTIVITY_PRESENCE
|
|
{
|
|
PowerUserPresent=0,
|
|
PowerUserNotPresent,
|
|
PowerUserInactive,
|
|
PowerUserMaximum,
|
|
PowerUserInvalid=PowerUserMaximum
|
|
};
|
|
//---
|
|
enum POWER_REQUEST_TYPE
|
|
{
|
|
PowerRequestDisplayRequired,
|
|
PowerRequestSystemRequired,
|
|
PowerRequestAwayModeRequired,
|
|
PowerRequestExecutionRequired
|
|
};
|
|
//---
|
|
enum POWER_MONITOR_REQUEST_TYPE
|
|
{
|
|
MonitorRequestTypeOff,
|
|
MonitorRequestTypeOnAndPresent,
|
|
MonitorRequestTypeToggleOn
|
|
};
|
|
//---
|
|
enum POWER_PLATFORM_ROLE
|
|
{
|
|
PlatformRoleUnspecified=0,
|
|
PlatformRoleDesktop,
|
|
PlatformRoleMobile,
|
|
PlatformRoleWorkstation,
|
|
PlatformRoleEnterpriseServer,
|
|
PlatformRoleSOHOServer,
|
|
PlatformRoleAppliancePC,
|
|
PlatformRolePerformanceServer,
|
|
PlatformRoleSlate,
|
|
PlatformRoleMaximum
|
|
};
|
|
//---
|
|
enum HIBERFILE_BUCKET_SIZE
|
|
{
|
|
HiberFileBucket1GB=0,
|
|
HiberFileBucket2GB,
|
|
HiberFileBucket4GB,
|
|
HiberFileBucket8GB,
|
|
HiberFileBucket16GB,
|
|
HiberFileBucket32GB,
|
|
HiberFileBucketUnlimited,
|
|
HiberFileBucketMax
|
|
};
|
|
//---
|
|
enum IMAGE_AUX_SYMBOL_TYPE
|
|
{
|
|
IMAGE_AUX_SYMBOL_TYPE_TOKEN_DEF=1
|
|
};
|
|
//---
|
|
enum IMPORT_OBJECT_TYPE
|
|
{
|
|
IMPORT_OBJECT_CODE=0,
|
|
IMPORT_OBJECT_DATA=1,
|
|
IMPORT_OBJECT_CONST=2
|
|
};
|
|
//---
|
|
enum IMPORT_OBJECT_NAME_TYPE
|
|
{
|
|
IMPORT_OBJECT_ORDINAL=0,
|
|
IMPORT_OBJECT_NAME=1,
|
|
IMPORT_OBJECT_NAME_NO_PREFIX=2,
|
|
IMPORT_OBJECT_NAME_UNDECORATE=3,
|
|
IMPORT_OBJECT_NAME_EXPORTAS=4
|
|
};
|
|
//---
|
|
enum ReplacesCorHdrNumericDefines
|
|
{
|
|
COMIMAGE_FLAGS_ILONLY=0x00000001,
|
|
COMIMAGE_FLAGS_32BITREQUIRED=0x00000002,
|
|
COMIMAGE_FLAGS_IL_LIBRARY=0x00000004,
|
|
COMIMAGE_FLAGS_STRONGNAMESIGNED=0x00000008,
|
|
COMIMAGE_FLAGS_NATIVE_ENTRYPOINT=0x00000010,
|
|
COMIMAGE_FLAGS_TRACKDEBUGDATA=0x00010000,
|
|
COMIMAGE_FLAGS_32BITPREFERRED=0x00020000,
|
|
COR_VERSION_MAJOR_V2=2,
|
|
COR_VERSION_MAJOR=COR_VERSION_MAJOR_V2,
|
|
COR_VERSION_MINOR=5,
|
|
COR_DELETED_NAME_LENGTH=8,
|
|
COR_VTABLEGAP_NAME_LENGTH=8,
|
|
NATIVE_TYPE_MAX_CB=1,
|
|
COR_ILMETHOD_SECT_SMALL_MAX_DATASIZE=0xFF,
|
|
IMAGE_COR_MIH_METHODRVA=0x01,
|
|
IMAGE_COR_MIH_EHRVA=0x02,
|
|
IMAGE_COR_MIH_BASICBLOCK=0x08,
|
|
COR_VTABLE_32BIT=0x01,
|
|
COR_VTABLE_64BIT=0x02,
|
|
COR_VTABLE_FROM_UNMANAGED=0x04,
|
|
COR_VTABLE_FROM_UNMANAGED_RETAIN_APPDOMAIN=0x08,
|
|
COR_VTABLE_CALL_MOST_DERIVED=0x10,
|
|
IMAGE_COR_EATJ_THUNK_SIZE=32,
|
|
MAX_CLASS_NAME=1024,
|
|
MAX_PACKAGE_NAME=1024
|
|
};
|
|
//---
|
|
enum RTL_UMS_THREAD_INFO_CLASS
|
|
{
|
|
UmsThreadInvalidInfoClass=0,
|
|
UmsThreadUserContext,
|
|
UmsThreadPriority,
|
|
UmsThreadAffinity,
|
|
UmsThreadTeb,
|
|
UmsThreadIsSuspended,
|
|
UmsThreadIsTerminated,
|
|
UmsThreadMaxInfoClass
|
|
};
|
|
//---
|
|
enum RTL_UMS_SCHEDULER_REASON
|
|
{
|
|
UmsSchedulerStartup=0,
|
|
UmsSchedulerThreadBlocked,
|
|
UmsSchedulerThreadYield
|
|
};
|
|
//---
|
|
enum OS_DEPLOYEMENT_STATE_VALUES
|
|
{
|
|
OS_DEPLOYMENT_STANDARD=1,
|
|
OS_DEPLOYMENT_COMPACT
|
|
};
|
|
//---
|
|
enum IMAGE_POLICY_ENTRY_TYPE
|
|
{
|
|
ImagePolicyEntryTypeNone=0,
|
|
ImagePolicyEntryTypeBool,
|
|
ImagePolicyEntryTypeInt8,
|
|
ImagePolicyEntryTypeUInt8,
|
|
ImagePolicyEntryTypeInt16,
|
|
ImagePolicyEntryTypeUInt16,
|
|
ImagePolicyEntryTypeInt32,
|
|
ImagePolicyEntryTypeUInt32,
|
|
ImagePolicyEntryTypeInt64,
|
|
ImagePolicyEntryTypeUInt64,
|
|
ImagePolicyEntryTypeAnsiString,
|
|
ImagePolicyEntryTypeUnicodeString,
|
|
ImagePolicyEntryTypeOverride,
|
|
ImagePolicyEntryTypeMaximum
|
|
};
|
|
//---
|
|
enum IMAGE_POLICY_ID
|
|
{
|
|
ImagePolicyIdNone=0,
|
|
ImagePolicyIdEtw,
|
|
ImagePolicyIdDebug,
|
|
ImagePolicyIdCrashDump,
|
|
ImagePolicyIdCrashDumpKey,
|
|
ImagePolicyIdCrashDumpKeyGuid,
|
|
ImagePolicyIdParentSd,
|
|
ImagePolicyIdParentSdRev,
|
|
ImagePolicyIdSvn,
|
|
ImagePolicyIdDeviceId,
|
|
ImagePolicyIdCapability,
|
|
ImagePolicyIdScenarioId,
|
|
ImagePolicyIdMaximum
|
|
};
|
|
//---
|
|
enum HEAP_INFORMATION_CLASS
|
|
{
|
|
HeapCompatibilityInformation=0,
|
|
HeapEnableTerminationOnCorruption=1,
|
|
HeapOptimizeResources=3
|
|
};
|
|
//---
|
|
enum ACTIVATION_CONTEXT_INFO_CLASS
|
|
{
|
|
ActivationContextBasicInformation=1,
|
|
ActivationContextDetailedInformation=2,
|
|
AssemblyDetailedInformationInActivationContext=3,
|
|
FileInformationInAssemblyOfAssemblyInActivationContext=4,
|
|
RunlevelInformationInActivationContext=5,
|
|
CompatibilityInformationInActivationContext=6,
|
|
ActivationContextManifestResourceName=7,
|
|
MaxActivationContextInfoClass,
|
|
AssemblyDetailedInformationInActivationContxt=3,
|
|
FileInformationInAssemblyOfAssemblyInActivationContxt=4
|
|
};
|
|
//---
|
|
enum SERVICE_NODE_TYPE
|
|
{
|
|
DriverType=0x00000001,
|
|
FileSystemType=0x00000002,
|
|
Win32ServiceOwnProcess=0x00000010,
|
|
Win32ServiceShareProcess=0x00000020,
|
|
AdapterType=0x00000004,
|
|
RecognizerType=0x00000008
|
|
};
|
|
//---
|
|
enum SERVICE_LOAD_TYPE
|
|
{
|
|
BootLoad=0x00000000,
|
|
SystemLoad=0x00000001,
|
|
AutoLoad=0x00000002,
|
|
DemandLoad=0x00000003,
|
|
DisableLoad=0x00000004
|
|
};
|
|
//---
|
|
enum SERVICE_ERROR_TYPE
|
|
{
|
|
IgnoreError=0x00000000,
|
|
NormalError=0x00000001,
|
|
SevereError=0x00000002,
|
|
CriticalError=0x00000003
|
|
};
|
|
//---
|
|
enum TAPE_DRIVE_PROBLEM_TYPE
|
|
{
|
|
TapeDriveProblemNone,
|
|
TapeDriveReadWriteWarning,
|
|
TapeDriveReadWriteError,
|
|
TapeDriveReadWarning,
|
|
TapeDriveWriteWarning,
|
|
TapeDriveReadError,
|
|
TapeDriveWriteError,
|
|
TapeDriveHardwareError,
|
|
TapeDriveUnsupportedMedia,
|
|
TapeDriveScsiConnectionError,
|
|
TapeDriveTimetoClean,
|
|
TapeDriveCleanDriveNow,
|
|
TapeDriveMediaLifeExpired,
|
|
TapeDriveSnappedTape
|
|
};
|
|
//---
|
|
enum TRANSACTION_OUTCOME
|
|
{
|
|
TransactionOutcomeUndetermined=1,
|
|
TransactionOutcomeCommitted,
|
|
TransactionOutcomeAborted
|
|
};
|
|
//---
|
|
enum TRANSACTION_STATE
|
|
{
|
|
TransactionStateNormal=1,
|
|
TransactionStateIndoubt,
|
|
TransactionStateCommittedNotify
|
|
};
|
|
//---
|
|
enum TRANSACTION_INFORMATION_CLASS
|
|
{
|
|
TransactionBasicInformation,
|
|
TransactionPropertiesInformation,
|
|
TransactionEnlistmentInformation,
|
|
TransactionSuperiorEnlistmentInformation,
|
|
TransactionBindInformation,
|
|
TransactionDTCPrivateInformation
|
|
};
|
|
//---
|
|
enum TRANSACTIONMANAGER_INFORMATION_CLASS
|
|
{
|
|
TransactionManagerBasicInformation,
|
|
TransactionManagerLogInformation,
|
|
TransactionManagerLogPathInformation,
|
|
TransactionManagerRecoveryInformation=4,
|
|
TransactionManagerOnlineProbeInformation=3,
|
|
TransactionManagerOldestTransactionInformation=5
|
|
};
|
|
//---
|
|
enum RESOURCEMANAGER_INFORMATION_CLASS
|
|
{
|
|
ResourceManagerBasicInformation,
|
|
ResourceManagerCompletionInformation
|
|
};
|
|
//---
|
|
enum ENLISTMENT_INFORMATION_CLASS
|
|
{
|
|
EnlistmentBasicInformation,
|
|
EnlistmentRecoveryInformation,
|
|
EnlistmentCrmInformation
|
|
};
|
|
//---
|
|
enum KTMOBJECT_TYPE
|
|
{
|
|
KTMOBJECT_TRANSACTION,
|
|
KTMOBJECT_TRANSACTION_MANAGER,
|
|
KTMOBJECT_RESOURCE_MANAGER,
|
|
KTMOBJECT_ENLISTMENT,
|
|
KTMOBJECT_INVALID
|
|
};
|
|
//---
|
|
enum TP_CALLBACK_PRIORITY
|
|
{
|
|
TP_CALLBACK_PRIORITY_HIGH,
|
|
TP_CALLBACK_PRIORITY_NORMAL,
|
|
TP_CALLBACK_PRIORITY_LOW,
|
|
TP_CALLBACK_PRIORITY_INVALID,
|
|
TP_CALLBACK_PRIORITY_COUNT=TP_CALLBACK_PRIORITY_INVALID
|
|
};
|
|
//---
|
|
enum POWER_USER_PRESENCE_TYPE
|
|
{
|
|
UserNotPresent=0,
|
|
UserPresent=1,
|
|
UserUnknown=0xff
|
|
};
|
|
//---
|
|
enum POWER_MONITOR_REQUEST_REASON
|
|
{
|
|
MonitorRequestReasonUnknown,
|
|
MonitorRequestReasonPowerButton,
|
|
MonitorRequestReasonRemoteConnection,
|
|
MonitorRequestReasonScMonitorpower,
|
|
MonitorRequestReasonUserInput,
|
|
MonitorRequestReasonAcDcDisplayBurst,
|
|
MonitorRequestReasonUserDisplayBurst,
|
|
MonitorRequestReasonPoSetSystemState,
|
|
MonitorRequestReasonSetThreadExecutionState,
|
|
MonitorRequestReasonFullWake,
|
|
MonitorRequestReasonSessionUnlock,
|
|
MonitorRequestReasonScreenOffRequest,
|
|
MonitorRequestReasonIdleTimeout,
|
|
MonitorRequestReasonPolicyChange,
|
|
MonitorRequestReasonSleepButton,
|
|
MonitorRequestReasonLid,
|
|
MonitorRequestReasonBatteryCountChange,
|
|
MonitorRequestReasonGracePeriod,
|
|
MonitorRequestReasonPnP,
|
|
MonitorRequestReasonDP,
|
|
MonitorRequestReasonSxTransition,
|
|
MonitorRequestReasonSystemIdle,
|
|
MonitorRequestReasonNearProximity,
|
|
MonitorRequestReasonThermalStandby,
|
|
MonitorRequestReasonResumePdc,
|
|
MonitorRequestReasonResumeS4,
|
|
MonitorRequestReasonTerminal,
|
|
MonitorRequestReasonPdcSignal,
|
|
MonitorRequestReasonAcDcDisplayBurstSuppressed,
|
|
MonitorRequestReasonSystemStateEntered,
|
|
MonitorRequestReasonWinrt,
|
|
MonitorRequestReasonUserInputKeyboard,
|
|
MonitorRequestReasonUserInputMouse,
|
|
MonitorRequestReasonUserInputTouch,
|
|
MonitorRequestReasonUserInputPen,
|
|
MonitorRequestReasonUserInputAccelerometer,
|
|
MonitorRequestReasonUserInputHid,
|
|
MonitorRequestReasonUserInputPoUserPresent,
|
|
MonitorRequestReasonUserInputSessionSwitch,
|
|
MonitorRequestReasonUserInputInitialization,
|
|
MonitorRequestReasonPdcSignalWindowsMobilePwrNotif,
|
|
MonitorRequestReasonPdcSignalWindowsMobileShell,
|
|
MonitorRequestReasonPdcSignalHeyCortana,
|
|
MonitorRequestReasonPdcSignalHolographicShell,
|
|
MonitorRequestReasonPdcSignalFingerprint,
|
|
MonitorRequestReasonMax
|
|
};
|
|
//---
|
|
enum POWER_ACTION
|
|
{
|
|
PowerActionNone=0,
|
|
PowerActionReserved,
|
|
PowerActionSleep,
|
|
PowerActionHibernate,
|
|
PowerActionShutdown,
|
|
PowerActionShutdownReset,
|
|
PowerActionShutdownOff,
|
|
PowerActionWarmEject,
|
|
PowerActionDisplayOff
|
|
};
|
|
//---
|
|
enum ACTCTX_REQUESTED_RUN_LEVEL
|
|
{
|
|
ACTCTX_RUN_LEVEL_UNSPECIFIED=0,
|
|
ACTCTX_RUN_LEVEL_AS_INVOKER,
|
|
ACTCTX_RUN_LEVEL_HIGHEST_AVAILABLE,
|
|
ACTCTX_RUN_LEVEL_REQUIRE_ADMIN,
|
|
ACTCTX_RUN_LEVEL_NUMBERS
|
|
};
|
|
//---
|
|
enum ACTCTX_COMPATIBILITY_ELEMENT_TYPE
|
|
{
|
|
ACTCTX_COMPATIBILITY_ELEMENT_TYPE_UNKNOWN=0,
|
|
ACTCTX_COMPATIBILITY_ELEMENT_TYPE_OS,
|
|
ACTCTX_COMPATIBILITY_ELEMENT_TYPE_MITIGATION
|
|
};
|
|
//+------------------------------------------------------------------+
|
|
//| |
|
|
//+------------------------------------------------------------------+
|
|
//---
|
|
struct PROCESSOR_NUMBER
|
|
{
|
|
ushort Group;
|
|
uchar Number;
|
|
uchar Reserved;
|
|
};
|
|
//---
|
|
struct GROUP_AFFINITY
|
|
{
|
|
ulong Mask;
|
|
ushort Group;
|
|
ushort Reserved[3];
|
|
};
|
|
//---
|
|
struct FLOAT128
|
|
{
|
|
long LowPart;
|
|
long HighPart;
|
|
};
|
|
//---
|
|
struct LARGE_INTEGER
|
|
{
|
|
long QuadPart;
|
|
};
|
|
//---
|
|
struct ULARGE_INTEGER
|
|
{
|
|
ulong QuadPart;
|
|
};
|
|
//---
|
|
struct LUID
|
|
{
|
|
uint LowPart;
|
|
int HighPart;
|
|
};
|
|
//---
|
|
struct LIST_ENTRY
|
|
{
|
|
PVOID Flink;
|
|
PVOID Blink;
|
|
};
|
|
//---
|
|
struct SINGLE_LIST_ENTRY
|
|
{
|
|
PVOID Next;
|
|
};
|
|
//---
|
|
struct LIST_ENTRY32
|
|
{
|
|
uint Flink;
|
|
uint Blink;
|
|
};
|
|
//---
|
|
struct LIST_ENTRY64
|
|
{
|
|
ulong Flink;
|
|
ulong Blink;
|
|
};
|
|
//---
|
|
struct OBJECTID
|
|
{
|
|
GUID Lineage;
|
|
uint Uniquifier;
|
|
};
|
|
//---
|
|
struct M128A
|
|
{
|
|
ulong Low;
|
|
long High;
|
|
};
|
|
//---
|
|
struct XSAVE_FORMAT
|
|
{
|
|
ushort Controlushort;
|
|
ushort Statusushort;
|
|
uchar Tagushort;
|
|
uchar Reserved1;
|
|
ushort ErrorOpcode;
|
|
uint ErrorOffset;
|
|
ushort ErrorSelector;
|
|
ushort Reserved2;
|
|
uint DataOffset;
|
|
ushort DataSelector;
|
|
ushort Reserved3;
|
|
uint MxCsr;
|
|
uint MxCsr_Mask;
|
|
M128A FloatRegisters[8];
|
|
M128A XmmRegisters[16];
|
|
uchar Reserved4[96];
|
|
};
|
|
//---
|
|
struct XSAVE_AREA_HEADER
|
|
{
|
|
ulong Mask;
|
|
ulong CompactionMask;
|
|
ulong Reserved2[6];
|
|
};
|
|
//---
|
|
struct XSAVE_AREA
|
|
{
|
|
XSAVE_FORMAT LegacyState;
|
|
XSAVE_AREA_HEADER Header;
|
|
};
|
|
//---
|
|
struct XSTATE_CONTEXT
|
|
{
|
|
ulong Mask;
|
|
uint Length;
|
|
uint Reserved1;
|
|
PVOID Area;
|
|
uint Reserved2;
|
|
PVOID Buffer;
|
|
uint Reserved3;
|
|
};
|
|
//---
|
|
struct SCOPE_TABLE_AMD64
|
|
{
|
|
uint Count;
|
|
uint BeginAddress;
|
|
uint EndAddress;
|
|
uint HandlerAddress;
|
|
uint JumpTarget;
|
|
};
|
|
//---
|
|
struct UNWIND_HISTORY_TABLE_ENTRY
|
|
{
|
|
ulong ImageBase;
|
|
PVOID FunctionEntry;
|
|
};
|
|
//---
|
|
struct UNWIND_HISTORY_TABLE
|
|
{
|
|
uint Count;
|
|
uchar LocalHint;
|
|
uchar GlobalHint;
|
|
uchar Search;
|
|
uchar Once;
|
|
ulong LowAddress;
|
|
ulong HighAddress;
|
|
UNWIND_HISTORY_TABLE_ENTRY Entry[UNWIND_HISTORY_TABLE_SIZE];
|
|
};
|
|
//---
|
|
struct SCOPE_TABLE_ARM64
|
|
{
|
|
uint Count;
|
|
uint BeginAddress;
|
|
uint EndAddress;
|
|
uint HandlerAddress;
|
|
uint JumpTarget;
|
|
};
|
|
//---
|
|
struct NEON128
|
|
{
|
|
ulong Low;
|
|
long High;
|
|
};
|
|
//---
|
|
struct DISPATCHER_CONTEXT
|
|
{
|
|
uint ControlPc;
|
|
uint ImageBase;
|
|
PVOID FunctionEntry;
|
|
uint EstablisherFrame;
|
|
uint TargetPc;
|
|
PVOID ContextRecord;
|
|
PVOID LanguageHandler;
|
|
PVOID HandlerData;
|
|
PVOID HistoryTable;
|
|
uint ScopeIndex;
|
|
uchar ControlPcIsUnwound;
|
|
PVOID NonVolatileRegisters;
|
|
uint Reserved;
|
|
};
|
|
//---
|
|
struct KNONVOLATILE_CONTEXT_POINTERS
|
|
{
|
|
PVOID FloatingContext[16];
|
|
PVOID IntegerContext[16];
|
|
};
|
|
//---
|
|
struct SCOPE_TABLE_ARM
|
|
{
|
|
uint Count;
|
|
uint BeginAddress;
|
|
uint EndAddress;
|
|
uint HandlerAddress;
|
|
uint JumpTarget;
|
|
};
|
|
//---
|
|
struct DISPATCHER_CONTEXT_ARM64
|
|
{
|
|
ulong ControlPc;
|
|
ulong ImageBase;
|
|
PVOID FunctionEntry;
|
|
ulong EstablisherFrame;
|
|
ulong TargetPc;
|
|
PVOID ContextRecord;
|
|
PVOID LanguageHandler;
|
|
PVOID HandlerData;
|
|
PVOID HistoryTable;
|
|
uint ScopeIndex;
|
|
uchar ControlPcIsUnwound;
|
|
PVOID NonVolatileRegisters;
|
|
};
|
|
//---
|
|
struct KNONVOLATILE_CONTEXT_POINTERS_ARM64
|
|
{
|
|
PVOID X19;
|
|
PVOID X20;
|
|
PVOID X21;
|
|
PVOID X22;
|
|
PVOID X23;
|
|
PVOID X24;
|
|
PVOID X25;
|
|
PVOID X26;
|
|
PVOID X27;
|
|
PVOID X28;
|
|
PVOID Fp;
|
|
PVOID Lr;
|
|
PVOID D8;
|
|
PVOID D9;
|
|
PVOID D10;
|
|
PVOID D11;
|
|
PVOID D12;
|
|
PVOID D13;
|
|
PVOID D14;
|
|
PVOID D15;
|
|
};
|
|
//---
|
|
struct FLOATING_SAVE_AREA
|
|
{
|
|
uint Controlushort;
|
|
uint Statusushort;
|
|
uint Tagushort;
|
|
uint ErrorOffset;
|
|
uint ErrorSelector;
|
|
uint DataOffset;
|
|
uint DataSelector;
|
|
uchar RegisterArea[SIZE_OF_80387_REGISTERS];
|
|
uint Spare0;
|
|
};
|
|
//---
|
|
struct CONTEXT
|
|
{
|
|
ulong P1Home;
|
|
ulong P2Home;
|
|
ulong P3Home;
|
|
ulong P4Home;
|
|
ulong P5Home;
|
|
ulong P6Home;
|
|
uint ContextFlags;
|
|
uint MxCsr;
|
|
ushort SegCs;
|
|
ushort SegDs;
|
|
ushort SegEs;
|
|
ushort SegFs;
|
|
ushort SegGs;
|
|
ushort SegSs;
|
|
uint EFlags;
|
|
ulong Dr0;
|
|
ulong Dr1;
|
|
ulong Dr2;
|
|
ulong Dr3;
|
|
ulong Dr6;
|
|
ulong Dr7;
|
|
ulong Rax;
|
|
ulong Rcx;
|
|
ulong Rdx;
|
|
ulong Rbx;
|
|
ulong Rsp;
|
|
ulong Rbp;
|
|
ulong Rsi;
|
|
ulong Rdi;
|
|
ulong R8;
|
|
ulong R9;
|
|
ulong R10;
|
|
ulong R11;
|
|
ulong R12;
|
|
ulong R13;
|
|
ulong R14;
|
|
ulong R15;
|
|
ulong Rip;
|
|
M128A Header[2];
|
|
M128A Legacy[8];
|
|
M128A Xmm0;
|
|
M128A Xmm1;
|
|
M128A Xmm2;
|
|
M128A Xmm3;
|
|
M128A Xmm4;
|
|
M128A Xmm5;
|
|
M128A Xmm6;
|
|
M128A Xmm7;
|
|
M128A Xmm8;
|
|
M128A Xmm9;
|
|
M128A Xmm10;
|
|
M128A Xmm11;
|
|
M128A Xmm12;
|
|
M128A Xmm13;
|
|
M128A Xmm14;
|
|
M128A Xmm15;
|
|
M128A VectorRegister[26];
|
|
ulong VectorControl;
|
|
ulong DebugControl;
|
|
ulong LastBranchToRip;
|
|
ulong LastBranchFromRip;
|
|
ulong LastExceptionToRip;
|
|
ulong LastExceptionFromRip;
|
|
};
|
|
//---
|
|
struct WOW64_FLOATING_SAVE_AREA
|
|
{
|
|
uint Controlushort;
|
|
uint Statusushort;
|
|
uint Tagushort;
|
|
uint ErrorOffset;
|
|
uint ErrorSelector;
|
|
uint DataOffset;
|
|
uint DataSelector;
|
|
uchar RegisterArea[WOW64_SIZE_OF_80387_REGISTERS];
|
|
uint Cr0NpxState;
|
|
};
|
|
//---
|
|
struct WOW64_CONTEXT
|
|
{
|
|
uint ContextFlags;
|
|
uint Dr0;
|
|
uint Dr1;
|
|
uint Dr2;
|
|
uint Dr3;
|
|
uint Dr6;
|
|
uint Dr7;
|
|
WOW64_FLOATING_SAVE_AREA FloatSave;
|
|
uint SegGs;
|
|
uint SegFs;
|
|
uint SegEs;
|
|
uint SegDs;
|
|
uint Edi;
|
|
uint Esi;
|
|
uint Ebx;
|
|
uint Edx;
|
|
uint Ecx;
|
|
uint Eax;
|
|
uint Ebp;
|
|
uint Eip;
|
|
uint SegCs;
|
|
uint EFlags;
|
|
uint Esp;
|
|
uint SegSs;
|
|
uchar ExtendedRegisters[WOW64_MAXIMUM_SUPPORTED_EXTENSION];
|
|
};
|
|
//---
|
|
struct WOW64_LDT_ENTRY
|
|
{
|
|
uint LimitLow;
|
|
uint BaseLow;
|
|
uchar BaseMid;
|
|
uchar Flags1;
|
|
uchar Flags2;
|
|
uchar BaseHi;
|
|
};
|
|
//---
|
|
struct WOW64_DESCRIPTOR_TABLE_ENTRY
|
|
{
|
|
uint Selector;
|
|
WOW64_LDT_ENTRY Descriptor;
|
|
};
|
|
//---
|
|
struct EXCEPTION_RECORD
|
|
{
|
|
uint ExceptionCode;
|
|
uint ExceptionFlags;
|
|
PVOID ExceptionRecord;
|
|
PVOID ExceptionAddress;
|
|
uint NumberParameters;
|
|
PVOID ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS];
|
|
};
|
|
//---
|
|
struct EXCEPTION_RECORD32
|
|
{
|
|
uint ExceptionCode;
|
|
uint ExceptionFlags;
|
|
uint ExceptionRecord;
|
|
uint ExceptionAddress;
|
|
uint NumberParameters;
|
|
uint ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS];
|
|
};
|
|
//---
|
|
struct EXCEPTION_RECORD64
|
|
{
|
|
uint ExceptionCode;
|
|
uint ExceptionFlags;
|
|
ulong ExceptionRecord;
|
|
ulong ExceptionAddress;
|
|
uint NumberParameters;
|
|
uint __unusedAlignment;
|
|
ulong ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS];
|
|
};
|
|
//---
|
|
struct EXCEPTION_POINTERS
|
|
{
|
|
PVOID ExceptionRecord;
|
|
PVOID ContextRecord;
|
|
};
|
|
//---
|
|
struct GENERIC_MAPPING
|
|
{
|
|
uint GenericRead;
|
|
uint GenericWrite;
|
|
uint GenericExecute;
|
|
uint GenericAll;
|
|
};
|
|
//---
|
|
struct LUID_AND_ATTRIBUTES
|
|
{
|
|
LUID Luid;
|
|
uint Attributes;
|
|
};
|
|
//---
|
|
struct SID_IDENTIFIER_AUTHORITY
|
|
{
|
|
uchar Value[6];
|
|
};
|
|
//---
|
|
//---
|
|
struct SID
|
|
{
|
|
uchar Revision;
|
|
uchar SubAuthorityCount;
|
|
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
|
|
uint SubAuthority[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct SID_AND_ATTRIBUTES
|
|
{
|
|
SID Sid;
|
|
uint Attributes;
|
|
};
|
|
//---
|
|
struct SID_AND_ATTRIBUTES_HASH
|
|
{
|
|
uint SidCount;
|
|
PVOID SidAttr;
|
|
ulong Hash[SID_HASH_SIZE];
|
|
};
|
|
//---
|
|
struct ACL
|
|
{
|
|
uchar AclRevision;
|
|
uchar Sbz1;
|
|
ushort AclSize;
|
|
ushort AceCount;
|
|
ushort Sbz2;
|
|
};
|
|
//---
|
|
struct ACE_HEADER
|
|
{
|
|
uchar AceType;
|
|
uchar AceFlags;
|
|
ushort AceSize;
|
|
};
|
|
//---
|
|
struct ACCESS_ALLOWED_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_DENIED_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_AUDIT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_ALARM_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_RESOURCE_ATTRIBUTE_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_SCOPED_POLICY_ID_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_MANDATORY_LABEL_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_PROCESS_TRUST_LABEL_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_ACCESS_FILTER_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_ALLOWED_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_DENIED_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_AUDIT_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_ALARM_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_ALLOWED_CALLBACK_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_DENIED_CALLBACK_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_AUDIT_CALLBACK_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_ALARM_CALLBACK_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_ALLOWED_CALLBACK_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACCESS_DENIED_CALLBACK_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_AUDIT_CALLBACK_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct SYSTEM_ALARM_CALLBACK_OBJECT_ACE
|
|
{
|
|
ACE_HEADER Header;
|
|
uint Mask;
|
|
uint Flags;
|
|
GUID ObjectType;
|
|
GUID InheritedObjectType;
|
|
uint SidStart;
|
|
};
|
|
//---
|
|
struct ACL_REVISION_INFORMATION
|
|
{
|
|
uint AclRevision;
|
|
};
|
|
//---
|
|
struct ACL_SIZE_INFORMATION
|
|
{
|
|
uint AceCount;
|
|
uint AclBytesInUse;
|
|
uint AclBytesFree;
|
|
};
|
|
//---
|
|
struct SECURITY_DESCRIPTOR_RELATIVE
|
|
{
|
|
uchar Revision;
|
|
uchar Sbz1;
|
|
ushort Control;
|
|
uint Owner;
|
|
uint Group;
|
|
uint Sacl;
|
|
uint Dacl;
|
|
};
|
|
//---
|
|
struct SECURITY_DESCRIPTOR
|
|
{
|
|
uchar Revision;
|
|
uchar Sbz1;
|
|
ushort Control;
|
|
uchar offset[4];
|
|
PVOID Owner;
|
|
PVOID Group;
|
|
PVOID Sacl;
|
|
PVOID Dacl;
|
|
};
|
|
//---
|
|
struct SECURITY_OBJECT_AI_PARAMS
|
|
{
|
|
uint Size;
|
|
uint ConstraintMask;
|
|
};
|
|
//---
|
|
struct OBJECT_TYPE_LIST
|
|
{
|
|
ushort Level;
|
|
ushort Sbz;
|
|
GUID ObjectType;
|
|
};
|
|
//---
|
|
struct PRIVILEGE_SET
|
|
{
|
|
uint PrivilegeCount;
|
|
uint Control;
|
|
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct ACCESS_REASONS
|
|
{
|
|
uint Data[32];
|
|
};
|
|
//---
|
|
struct SE_SECURITY_DESCRIPTOR
|
|
{
|
|
uint Size;
|
|
uint Flags;
|
|
PVOID SecurityDescriptor;
|
|
};
|
|
//---
|
|
struct SE_ACCESS_REQUEST
|
|
{
|
|
uint Size;
|
|
PVOID SeSecurityDescriptor;
|
|
uint DesiredAccess;
|
|
uint PreviouslyGrantedAccess;
|
|
PVOID PrincipalSelfSid;
|
|
PVOID GenericMapping;
|
|
uint ObjectTypeListCount;
|
|
PVOID ObjectTypeList;
|
|
};
|
|
//---
|
|
struct SE_ACCESS_REPLY
|
|
{
|
|
uint Size;
|
|
uint ResultListCount;
|
|
PVOID GrantedAccess;
|
|
uint AccessStatus;
|
|
PVOID AccessReason;
|
|
PVOID Privileges;
|
|
};
|
|
//---
|
|
struct TOKEN_USER
|
|
{
|
|
SID_AND_ATTRIBUTES User;
|
|
};
|
|
//---
|
|
struct SE_TOKEN_USER
|
|
{
|
|
TOKEN_USER TokenUser;
|
|
SID Sid;
|
|
};
|
|
//---
|
|
struct TOKEN_GROUPS
|
|
{
|
|
uint GroupCount;
|
|
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct TOKEN_PRIVILEGES
|
|
{
|
|
uint PrivilegeCount;
|
|
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct TOKEN_OWNER
|
|
{
|
|
PVOID Owner;
|
|
};
|
|
//---
|
|
struct TOKEN_PRIMARY_GROUP
|
|
{
|
|
PVOID PrimaryGroup;
|
|
};
|
|
//---
|
|
struct TOKEN_DEFAULT_DACL
|
|
{
|
|
PVOID DefaultDacl;
|
|
};
|
|
//---
|
|
struct TOKEN_USER_CLAIMS
|
|
{
|
|
PVOID UserClaims;
|
|
};
|
|
//---
|
|
struct TOKEN_DEVICE_CLAIMS
|
|
{
|
|
PVOID DeviceClaims;
|
|
};
|
|
//---
|
|
struct TOKEN_GROUPS_AND_PRIVILEGES
|
|
{
|
|
uint SidCount;
|
|
uint SidLength;
|
|
PVOID Sids;
|
|
uint RestrictedSidCount;
|
|
uint RestrictedSidLength;
|
|
PVOID RestrictedSids;
|
|
uint PrivilegeCount;
|
|
uint PrivilegeLength;
|
|
PVOID Privileges;
|
|
LUID AuthenticationId;
|
|
};
|
|
//---
|
|
struct TOKEN_LINKED_TOKEN
|
|
{
|
|
HANDLE LinkedToken;
|
|
};
|
|
//---
|
|
struct TOKEN_ELEVATION
|
|
{
|
|
uint TokenIsElevated;
|
|
};
|
|
//---
|
|
struct TOKEN_MANDATORY_LABEL
|
|
{
|
|
SID_AND_ATTRIBUTES Label;
|
|
};
|
|
//---
|
|
struct TOKEN_MANDATORY_POLICY
|
|
{
|
|
uint Policy;
|
|
};
|
|
//---
|
|
struct TOKEN_ACCESS_INFORMATION
|
|
{
|
|
PVOID SidHash;
|
|
PVOID RestrictedSidHash;
|
|
PVOID Privileges;
|
|
LUID AuthenticationId;
|
|
TOKEN_TYPE TokenType;
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
|
TOKEN_MANDATORY_POLICY MandatoryPolicy;
|
|
uint Flags;
|
|
uint AppContainerNumber;
|
|
PVOID PackageSid;
|
|
PVOID CapabilitiesHash;
|
|
PVOID TrustLevelSid;
|
|
PVOID SecurityAttributes;
|
|
};
|
|
//---
|
|
struct TOKEN_AUDIT_POLICY
|
|
{
|
|
uchar PerUserPolicy[((POLICY_AUDIT_SUBCATEGORY_COUNT)>>1)+1];
|
|
};
|
|
//---
|
|
struct TOKEN_SOURCE
|
|
{
|
|
char SourceName[TOKEN_SOURCE_LENGTH];
|
|
LUID SourceIdentifier;
|
|
};
|
|
//---
|
|
struct TOKEN_STATISTICS
|
|
{
|
|
LUID TokenId;
|
|
LUID AuthenticationId;
|
|
long ExpirationTime;
|
|
TOKEN_TYPE TokenType;
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
|
uint DynamicCharged;
|
|
uint DynamicAvailable;
|
|
uint GroupCount;
|
|
uint PrivilegeCount;
|
|
LUID ModifiedId;
|
|
};
|
|
//---
|
|
struct TOKEN_CONTROL
|
|
{
|
|
LUID TokenId;
|
|
LUID AuthenticationId;
|
|
LUID ModifiedId;
|
|
TOKEN_SOURCE TokenSource;
|
|
};
|
|
//---
|
|
struct TOKEN_ORIGIN
|
|
{
|
|
LUID OriginatingLogonSession;
|
|
};
|
|
//---
|
|
struct TOKEN_APPCONTAINER_INFORMATION
|
|
{
|
|
PVOID TokenAppContainer;
|
|
};
|
|
//---
|
|
struct TOKEN_SID_INFORMATION
|
|
{
|
|
PVOID Sid;
|
|
};
|
|
//---
|
|
struct TOKEN_BNO_ISOLATION_INFORMATION
|
|
{
|
|
string IsolationPrefix;
|
|
uchar IsolationEnabled;
|
|
};
|
|
//---
|
|
struct CLAIM_SECURITY_ATTRIBUTE_FQBN_VALUE
|
|
{
|
|
ulong Version;
|
|
string Name;
|
|
};
|
|
//---
|
|
struct CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE
|
|
{
|
|
PVOID pValue;
|
|
uint ValueLength;
|
|
};
|
|
//---
|
|
struct CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1
|
|
{
|
|
uint Name;
|
|
ushort ValueType;
|
|
ushort Reserved;
|
|
uint Flags;
|
|
uint ValueCount;
|
|
uint pInt64[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct Attribute
|
|
{
|
|
ushort Version;
|
|
ushort Reserved;
|
|
uint AttributeCount;
|
|
PVOID pAttributeV1;
|
|
};
|
|
//---
|
|
struct SECURITY_QUALITY_OF_SERVICE
|
|
{
|
|
uint Length;
|
|
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
|
|
uchar ContextTrackingMode;
|
|
uchar EffectiveOnly;
|
|
};
|
|
//---
|
|
struct SE_IMPERSONATION_STATE
|
|
{
|
|
PVOID Token;
|
|
uchar CopyOnOpen;
|
|
uchar EffectiveOnly;
|
|
SECURITY_IMPERSONATION_LEVEL Level;
|
|
};
|
|
//---
|
|
struct SECURITY_CAPABILITIES
|
|
{
|
|
PVOID AppContainerSid;
|
|
PVOID Capabilities;
|
|
uint CapabilityCount;
|
|
uint Reserved;
|
|
};
|
|
//---
|
|
struct JOB_SET_ARRAY
|
|
{
|
|
HANDLE JobHandle;
|
|
uint MemberLevel;
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct EXCEPTION_REGISTRATION_RECORD
|
|
{
|
|
PVOID Next;
|
|
PVOID Handler;
|
|
};
|
|
//---
|
|
struct NT_TIB
|
|
{
|
|
PVOID ExceptionList;
|
|
PVOID StackBase;
|
|
PVOID StackLimit;
|
|
PVOID SubSystemTib;
|
|
PVOID FiberData;
|
|
PVOID ArbitraryUserPointer;
|
|
PVOID Self;
|
|
};
|
|
//---
|
|
struct UMS_CREATE_THREAD_ATTRIBUTES
|
|
{
|
|
uint UmsVersion;
|
|
PVOID UmsContext;
|
|
PVOID UmsCompletionList;
|
|
};
|
|
//---
|
|
struct WOW64_ARCHITECTURE_INFORMATION
|
|
{
|
|
uint Info;
|
|
};
|
|
//---
|
|
struct QUOTA_LIMITS
|
|
{
|
|
ulong PagedPoolLimit;
|
|
ulong NonPagedPoolLimit;
|
|
ulong MinimumWorkingSetSize;
|
|
ulong MaximumWorkingSetSize;
|
|
ulong PagefileLimit;
|
|
long TimeLimit;
|
|
};
|
|
//---
|
|
struct QUOTA_LIMITS_EX
|
|
{
|
|
ulong PagedPoolLimit;
|
|
ulong NonPagedPoolLimit;
|
|
ulong MinimumWorkingSetSize;
|
|
ulong MaximumWorkingSetSize;
|
|
ulong PagefileLimit;
|
|
long TimeLimit;
|
|
ulong WorkingSetLimit;
|
|
ulong Reserved2;
|
|
ulong Reserved3;
|
|
ulong Reserved4;
|
|
uint Flags;
|
|
uint CpuRateLimit;
|
|
};
|
|
//---
|
|
struct IO_COUNTERS
|
|
{
|
|
ulong ReadOperationCount;
|
|
ulong WriteOperationCount;
|
|
ulong OtherOperationCount;
|
|
ulong ReadTransferCount;
|
|
ulong WriteTransferCount;
|
|
ulong OtherTransferCount;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_BASIC_ACCOUNTING_INFORMATION
|
|
{
|
|
long TotalUserTime;
|
|
long TotalKernelTime;
|
|
long ThisPeriodTotalUserTime;
|
|
long ThisPeriodTotalKernelTime;
|
|
uint TotalPageFaultCount;
|
|
uint TotalProcesses;
|
|
uint ActiveProcesses;
|
|
uint TotalTerminatedProcesses;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_BASIC_LIMIT_INFORMATION
|
|
{
|
|
long PerProcessUserTimeLimit;
|
|
long PerJobUserTimeLimit;
|
|
uint LimitFlags;
|
|
ulong MinimumWorkingSetSize;
|
|
ulong MaximumWorkingSetSize;
|
|
uint ActiveProcessLimit;
|
|
ulong Affinity;
|
|
uint PriorityClass;
|
|
uint SchedulingClass;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_EXTENDED_LIMIT_INFORMATION
|
|
{
|
|
JOBOBJECT_BASIC_LIMIT_INFORMATION BasicLimitInformation;
|
|
IO_COUNTERS IoInfo;
|
|
ulong ProcessMemoryLimit;
|
|
ulong JobMemoryLimit;
|
|
ulong PeakProcessMemoryUsed;
|
|
ulong PeakJobMemoryUsed;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_BASIC_PROCESS_ID_LIST
|
|
{
|
|
uint NumberOfAssignedProcesses;
|
|
uint NumberOfProcessIdsInList;
|
|
ulong ProcessIdList[1];
|
|
};
|
|
//---
|
|
struct JOBOBJECT_BASIC_UI_RESTRICTIONS
|
|
{
|
|
uint UIRestrictionsClass;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_SECURITY_LIMIT_INFORMATION
|
|
{
|
|
uint SecurityLimitFlags;
|
|
HANDLE JobToken;
|
|
PVOID SidsToDisable;
|
|
PVOID PrivilegesToDelete;
|
|
PVOID RestrictedSids;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_END_OF_JOB_TIME_INFORMATION
|
|
{
|
|
uint EndOfJobTimeAction;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_ASSOCIATE_COMPLETION_PORT
|
|
{
|
|
PVOID CompletionKey;
|
|
HANDLE CompletionPort;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION
|
|
{
|
|
JOBOBJECT_BASIC_ACCOUNTING_INFORMATION BasicInfo;
|
|
IO_COUNTERS IoInfo;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_JOBSET_INFORMATION
|
|
{
|
|
uint MemberLevel;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_NOTIFICATION_LIMIT_INFORMATION
|
|
{
|
|
ulong IoReadBytesLimit;
|
|
ulong IoWriteBytesLimit;
|
|
long PerJobUserTimeLimit;
|
|
ulong JobMemoryLimit;
|
|
JOBOBJECT_RATE_CONTROL_TOLERANCE RateControlTolerance;
|
|
JOBOBJECT_RATE_CONTROL_TOLERANCE_INTERVAL RateControlToleranceInterval;
|
|
uint LimitFlags;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_LIMIT_VIOLATION_INFORMATION
|
|
{
|
|
uint LimitFlags;
|
|
uint ViolationLimitFlags;
|
|
ulong IoReadBytes;
|
|
ulong IoReadBytesLimit;
|
|
ulong IoWriteBytes;
|
|
ulong IoWriteBytesLimit;
|
|
long PerJobUserTime;
|
|
long PerJobUserTimeLimit;
|
|
ulong JobMemory;
|
|
ulong JobMemoryLimit;
|
|
JOBOBJECT_RATE_CONTROL_TOLERANCE RateControlTolerance;
|
|
JOBOBJECT_RATE_CONTROL_TOLERANCE RateControlToleranceLimit;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_NET_RATE_CONTROL_INFORMATION
|
|
{
|
|
ulong MaxBandwidth;
|
|
JOB_OBJECT_NET_RATE_CONTROL_FLAGS ControlFlags;
|
|
uchar DscpTag;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_IO_RATE_CONTROL_INFORMATION_NATIVE
|
|
{
|
|
long MaxIops;
|
|
long MaxBandwidth;
|
|
long ReservationIops;
|
|
string VolumeName;
|
|
uint BaseIoSize;
|
|
JOB_OBJECT_IO_RATE_CONTROL_FLAGS ControlFlags;
|
|
ushort VolumeNameLength;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_IO_RATE_CONTROL_INFORMATION_NATIVE_V2
|
|
{
|
|
long MaxIops;
|
|
long MaxBandwidth;
|
|
long ReservationIops;
|
|
string VolumeName;
|
|
uint BaseIoSize;
|
|
JOB_OBJECT_IO_RATE_CONTROL_FLAGS ControlFlags;
|
|
ushort VolumeNameLength;
|
|
long CriticalReservationIops;
|
|
long ReservationBandwidth;
|
|
long CriticalReservationBandwidth;
|
|
long MaxTimePercent;
|
|
long ReservationTimePercent;
|
|
long CriticalReservationTimePercent;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_IO_RATE_CONTROL_INFORMATION_NATIVE_V3
|
|
{
|
|
long MaxIops;
|
|
long MaxBandwidth;
|
|
long ReservationIops;
|
|
string VolumeName;
|
|
uint BaseIoSize;
|
|
JOB_OBJECT_IO_RATE_CONTROL_FLAGS ControlFlags;
|
|
ushort VolumeNameLength;
|
|
long CriticalReservationIops;
|
|
long ReservationBandwidth;
|
|
long CriticalReservationBandwidth;
|
|
long MaxTimePercent;
|
|
long ReservationTimePercent;
|
|
long CriticalReservationTimePercent;
|
|
long SoftMaxIops;
|
|
long SoftMaxBandwidth;
|
|
long SoftMaxTimePercent;
|
|
long LimitExcessNotifyIops;
|
|
long LimitExcessNotifyBandwidth;
|
|
long LimitExcessNotifyTimePercent;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_IO_ATTRIBUTION_STATS
|
|
{
|
|
ulong IoCount;
|
|
ulong TotalNonOverlappedQueueTime;
|
|
ulong TotalNonOverlappedServiceTime;
|
|
ulong TotalSize;
|
|
};
|
|
//---
|
|
struct JOBOBJECT_IO_ATTRIBUTION_INFORMATION
|
|
{
|
|
uint ControlFlags;
|
|
JOBOBJECT_IO_ATTRIBUTION_STATS ReadStats;
|
|
JOBOBJECT_IO_ATTRIBUTION_STATS WriteStats;
|
|
};
|
|
//---
|
|
struct SILOOBJECT_BASIC_INFORMATION
|
|
{
|
|
uint SiloId;
|
|
uint SiloParentId;
|
|
uint NumberOfProcesses;
|
|
uchar IsInServerSilo;
|
|
uchar Reserved[3];
|
|
};
|
|
//---
|
|
struct SERVERSILO_BASIC_INFORMATION
|
|
{
|
|
uint ServiceSessionId;
|
|
SERVERSILO_STATE State;
|
|
uint ExitStatus;
|
|
};
|
|
//---
|
|
struct CACHE_DESCRIPTOR
|
|
{
|
|
uchar Level;
|
|
uchar Associativity;
|
|
ushort LineSize;
|
|
uint Size;
|
|
PROCESSOR_CACHE_TYPE Type;
|
|
};
|
|
//---
|
|
struct ProcessorCore
|
|
{
|
|
ulong ProcessorMask;
|
|
LOGICAL_PROCESSOR_RELATIONSHIP Relationship;
|
|
uchar Flags;
|
|
};
|
|
//---
|
|
struct PROCESSOR_RELATIONSHIP
|
|
{
|
|
uchar Flags;
|
|
uchar EfficiencyClass;
|
|
uchar Reserved[20];
|
|
ushort GroupCount;
|
|
GROUP_AFFINITY GroupMask[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct NUMA_NODE_RELATIONSHIP
|
|
{
|
|
uint NodeNumber;
|
|
uchar Reserved[20];
|
|
GROUP_AFFINITY GroupMask;
|
|
};
|
|
//---
|
|
struct CACHE_RELATIONSHIP
|
|
{
|
|
uchar Level;
|
|
uchar Associativity;
|
|
ushort LineSize;
|
|
uint CacheSize;
|
|
PROCESSOR_CACHE_TYPE Type;
|
|
uchar Reserved[20];
|
|
GROUP_AFFINITY GroupMask;
|
|
};
|
|
//---
|
|
struct PROCESSOR_GROUP_INFO
|
|
{
|
|
uchar MaximumProcessorCount;
|
|
uchar ActiveProcessorCount;
|
|
uchar Reserved[38];
|
|
ulong ActiveProcessorMask;
|
|
};
|
|
//---
|
|
struct GROUP_RELATIONSHIP
|
|
{
|
|
ushort MaximumGroupCount;
|
|
ushort ActiveGroupCount;
|
|
uchar Reserved[20];
|
|
PROCESSOR_GROUP_INFO GroupInfo[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct SYSTEM_PROCESSOR_CYCLE_TIME_INFORMATION
|
|
{
|
|
ulong CycleTime;
|
|
};
|
|
//---
|
|
struct XSTATE_FEATURE
|
|
{
|
|
uint Offset;
|
|
uint Size;
|
|
};
|
|
//---
|
|
struct XSTATE_CONFIGURATION
|
|
{
|
|
ulong EnabledFeatures;
|
|
ulong EnabledVolatileFeatures;
|
|
uint Size;
|
|
uint ControlFlags;
|
|
XSTATE_FEATURE Features[MAXIMUM_XSTATE_FEATURES];
|
|
ulong EnabledSupervisorFeatures;
|
|
ulong AlignedFeatures;
|
|
uint AllFeatureSize;
|
|
uint AllFeatures[MAXIMUM_XSTATE_FEATURES];
|
|
};
|
|
//---
|
|
struct MEMORY_BASIC_INFORMATION
|
|
{
|
|
PVOID BaseAddress;
|
|
PVOID AllocationBase;
|
|
uint AllocationProtect;
|
|
ulong RegionSize;
|
|
uint State;
|
|
uint Protect;
|
|
uint Type;
|
|
};
|
|
//---
|
|
struct MEMORY_BASIC_INFORMATION32
|
|
{
|
|
uint BaseAddress;
|
|
uint AllocationBase;
|
|
uint AllocationProtect;
|
|
uint RegionSize;
|
|
uint State;
|
|
uint Protect;
|
|
uint Type;
|
|
};
|
|
//---
|
|
struct MEMORY_BASIC_INFORMATION64
|
|
{
|
|
ulong BaseAddress;
|
|
ulong AllocationBase;
|
|
uint AllocationProtect;
|
|
uint __alignment1;
|
|
ulong RegionSize;
|
|
uint State;
|
|
uint Protect;
|
|
uint Type;
|
|
uint __alignment2;
|
|
};
|
|
//---
|
|
struct CFG_CALL_TARGET_INFO
|
|
{
|
|
ulong Offset;
|
|
ulong Flags;
|
|
};
|
|
//---
|
|
struct MEM_ADDRESS_REQUIREMENTS
|
|
{
|
|
PVOID LowestStartingAddress;
|
|
PVOID HighestEndingAddress;
|
|
ulong Alignment;
|
|
};
|
|
//---
|
|
struct ENCLAVE_CREATE_INFO_SGX
|
|
{
|
|
uchar Secs[4096];
|
|
};
|
|
//---
|
|
struct ENCLAVE_INIT_INFO_SGX
|
|
{
|
|
uchar SigStruct[1808];
|
|
uchar Reserved1[240];
|
|
uchar EInitToken[304];
|
|
uchar Reserved2[1744];
|
|
};
|
|
//---
|
|
struct ENCLAVE_CREATE_INFO_VBS
|
|
{
|
|
uint Flags;
|
|
uchar OwnerID[32];
|
|
};
|
|
//---
|
|
struct ENCLAVE_INIT_INFO_VBS
|
|
{
|
|
uint Length;
|
|
uint ThreadCount;
|
|
};
|
|
//---
|
|
struct FILE_ID_128
|
|
{
|
|
uchar Identifier[16];
|
|
};
|
|
//---
|
|
struct FILE_NOTIFY_INFORMATION
|
|
{
|
|
uint NextEntryOffset;
|
|
uint Action;
|
|
uint FileNameLength;
|
|
short FileName[1];
|
|
};
|
|
//---
|
|
struct FILE_NOTIFY_EXTENDED_INFORMATION
|
|
{
|
|
uint NextEntryOffset;
|
|
uint Action;
|
|
long CreationTime;
|
|
long LastModificationTime;
|
|
long LastChangeTime;
|
|
long LastAccessTime;
|
|
long AllocatedLength;
|
|
long FileSize;
|
|
uint FileAttributes;
|
|
uint ReparsePointTag;
|
|
long FileId;
|
|
long ParentFileId;
|
|
uint FileNameLength;
|
|
short FileName[1];
|
|
};
|
|
//---
|
|
struct GenericReparseBuffer
|
|
{
|
|
uint ReparseTag;
|
|
ushort ReparseDataLength;
|
|
ushort Reserved;
|
|
GUID ReparseGuid;
|
|
uchar DataBuffer[1];
|
|
};
|
|
//---
|
|
struct SCRUB_DATA_INPUT
|
|
{
|
|
uint Size;
|
|
uint Flags;
|
|
uint MaximumIos;
|
|
uint ObjectId[4];
|
|
uint Reserved[13];
|
|
uchar ResumeContext[816];
|
|
};
|
|
//---
|
|
struct SCRUB_PARITY_EXTENT
|
|
{
|
|
long Offset;
|
|
ulong Length;
|
|
};
|
|
//---
|
|
struct SCRUB_PARITY_EXTENT_DATA
|
|
{
|
|
ushort Size;
|
|
ushort Flags;
|
|
ushort NumberOfParityExtents;
|
|
ushort MaximumNumberOfParityExtents;
|
|
SCRUB_PARITY_EXTENT ParityExtents[ANYSIZE_ARRAY];
|
|
};
|
|
//---
|
|
struct SCRUB_DATA_OUTPUT
|
|
{
|
|
uint Size;
|
|
uint Flags;
|
|
uint Status;
|
|
ulong ErrorFileOffset;
|
|
ulong ErrorLength;
|
|
ulong NumberOfBytesRepaired;
|
|
ulong NumberOfBytesFailed;
|
|
ulong InternalFileReference;
|
|
ushort ResumeContextLength;
|
|
ushort ParityExtentDataOffset;
|
|
uint Reserved[5];
|
|
uchar ResumeContext[816];
|
|
};
|
|
//---
|
|
struct SHARED_VIRTUAL_DISK_SUPPORT
|
|
{
|
|
SharedVirtualDiskSupportType SharedVirtualDiskSupport;
|
|
SharedVirtualDiskHandleState HandleState;
|
|
};
|
|
//---
|
|
struct NETWORK_APP_INSTANCE_EA
|
|
{
|
|
GUID AppInstanceID;
|
|
uint CsvFlags;
|
|
};
|
|
//---
|
|
struct CM_POWER_DATA
|
|
{
|
|
uint PD_Size;
|
|
DEVICE_POWER_STATE PD_MostRecentPowerState;
|
|
uint PD_Capabilities;
|
|
uint PD_D1Latency;
|
|
uint PD_D2Latency;
|
|
uint PD_D3Latency;
|
|
DEVICE_POWER_STATE PD_PowerStateMapping[POWER_SYSTEM_MAXIMUM];
|
|
SYSTEM_POWER_STATE PD_DeepestSystemWake;
|
|
};
|
|
//---
|
|
struct POWER_USER_PRESENCE
|
|
{
|
|
POWER_USER_PRESENCE_TYPE UserPresence;
|
|
};
|
|
//---
|
|
struct POWER_SESSION_CONNECT
|
|
{
|
|
uchar Connected;
|
|
uchar Console;
|
|
};
|
|
//---
|
|
struct POWER_SESSION_TIMEOUTS
|
|
{
|
|
uint InputTimeout;
|
|
uint DisplayTimeout;
|
|
};
|
|
//---
|
|
struct POWER_SESSION_RIT_STATE
|
|
{
|
|
uchar Active;
|
|
uint LastInputTime;
|
|
};
|
|
//---
|
|
struct POWER_SESSION_WINLOGON
|
|
{
|
|
uint SessionId;
|
|
uchar Console;
|
|
uchar Locked;
|
|
};
|
|
//---
|
|
struct POWER_IDLE_RESILIENCY
|
|
{
|
|
uint CoalescingTimeout;
|
|
uint IdleResiliencyPeriod;
|
|
};
|
|
//---
|
|
struct POWER_MONITOR_INVOCATION
|
|
{
|
|
uchar Console;
|
|
POWER_MONITOR_REQUEST_REASON RequestReason;
|
|
};
|
|
//---
|
|
struct RESUME_PERFORMANCE
|
|
{
|
|
uint PostTimeMs;
|
|
ulong TotalResumeTimeMs;
|
|
ulong ResumeCompleteTimestamp;
|
|
};
|
|
//---
|
|
struct APPLICATIONLAUNCH_SETTING_VALUE
|
|
{
|
|
long ActivationTime;
|
|
uint Flags;
|
|
uint ButtonInstanceID;
|
|
};
|
|
//---
|
|
struct POWER_PLATFORM_INFORMATION
|
|
{
|
|
uchar AoAc;
|
|
};
|
|
//---
|
|
struct POWER_ACTION_POLICY
|
|
{
|
|
POWER_ACTION Action;
|
|
uint Flags;
|
|
uint EventCode;
|
|
};
|
|
//---
|
|
struct SYSTEM_POWER_LEVEL
|
|
{
|
|
uchar Enable;
|
|
uchar Spare[3];
|
|
uint BatteryLevel;
|
|
POWER_ACTION_POLICY PowerPolicy;
|
|
SYSTEM_POWER_STATE MinSystemState;
|
|
};
|
|
//---
|
|
struct SYSTEM_POWER_POLICY
|
|
{
|
|
uint Revision;
|
|
POWER_ACTION_POLICY PowerButton;
|
|
POWER_ACTION_POLICY SleepButton;
|
|
POWER_ACTION_POLICY LidClose;
|
|
SYSTEM_POWER_STATE LidOpenWake;
|
|
uint Reserved;
|
|
POWER_ACTION_POLICY Idle;
|
|
uint IdleTimeout;
|
|
uchar IdleSensitivity;
|
|
uchar DynamicThrottle;
|
|
uchar Spare2[2];
|
|
SYSTEM_POWER_STATE MinSleep;
|
|
SYSTEM_POWER_STATE MaxSleep;
|
|
SYSTEM_POWER_STATE ReducedLatencySleep;
|
|
uint WinLogonFlags;
|
|
uint Spare3;
|
|
uint DozeS4Timeout;
|
|
uint BroadcastCapacityResolution;
|
|
SYSTEM_POWER_LEVEL DischargePolicy[NUM_DISCHARGE_POLICIES];
|
|
uint VideoTimeout;
|
|
uchar VideoDimDisplay;
|
|
uint VideoReserved[3];
|
|
uint SpindownTimeout;
|
|
uchar OptimizeForPower;
|
|
uchar FanThrottleTolerance;
|
|
uchar ForcedThrottle;
|
|
uchar MinThrottle;
|
|
POWER_ACTION_POLICY OverThrottled;
|
|
};
|
|
//---
|
|
struct PROCESSOR_POWER_POLICY_INFO
|
|
{
|
|
uint TimeCheck;
|
|
uint DemoteLimit;
|
|
uint PromoteLimit;
|
|
uchar DemotePercent;
|
|
uchar PromotePercent;
|
|
uchar Spare[2];
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct PROCESSOR_POWER_POLICY
|
|
{
|
|
uint Revision;
|
|
uchar DynamicThrottle;
|
|
uchar Spare[3];
|
|
uint Flags;
|
|
uint PolicyCount;
|
|
PROCESSOR_POWER_POLICY_INFO Policy[3];
|
|
};
|
|
//---
|
|
struct ADMINISTRATOR_POWER_POLICY
|
|
{
|
|
SYSTEM_POWER_STATE MinSleep;
|
|
SYSTEM_POWER_STATE MaxSleep;
|
|
uint MinVideoTimeout;
|
|
uint MaxVideoTimeout;
|
|
uint MinSpindownTimeout;
|
|
uint MaxSpindownTimeout;
|
|
};
|
|
//---
|
|
struct HIBERFILE_BUCKET
|
|
{
|
|
ulong MaxPhysicalMemory;
|
|
uint PhysicalMemoryPercent[HIBERFILE_TYPE_MAX];
|
|
};
|
|
//---
|
|
struct IMAGE_DOS_HEADER
|
|
{
|
|
ushort e_magic;
|
|
ushort e_cblp;
|
|
ushort e_cp;
|
|
ushort e_crlc;
|
|
ushort e_cparhdr;
|
|
ushort e_minalloc;
|
|
ushort e_maxalloc;
|
|
ushort e_ss;
|
|
ushort e_sp;
|
|
ushort e_csum;
|
|
ushort e_ip;
|
|
ushort e_cs;
|
|
ushort e_lfarlc;
|
|
ushort e_ovno;
|
|
ushort e_res[4];
|
|
ushort e_oemid;
|
|
ushort e_oeminfo;
|
|
ushort e_res2[10];
|
|
int e_lfanew;
|
|
};
|
|
//---
|
|
struct IMAGE_OS2_HEADER
|
|
{
|
|
ushort ne_magic;
|
|
char ne_ver;
|
|
char ne_rev;
|
|
ushort ne_enttab;
|
|
ushort ne_cbenttab;
|
|
int ne_crc;
|
|
ushort ne_flags;
|
|
ushort ne_autodata;
|
|
ushort ne_heap;
|
|
ushort ne_stack;
|
|
int ne_csip;
|
|
int ne_sssp;
|
|
ushort ne_cseg;
|
|
ushort ne_cmod;
|
|
ushort ne_cbnrestab;
|
|
ushort ne_segtab;
|
|
ushort ne_rsrctab;
|
|
ushort ne_restab;
|
|
ushort ne_modtab;
|
|
ushort ne_imptab;
|
|
int ne_nrestab;
|
|
ushort ne_cmovent;
|
|
ushort ne_align;
|
|
ushort ne_cres;
|
|
uchar ne_exetyp;
|
|
uchar ne_flagsothers;
|
|
ushort ne_pretthunks;
|
|
ushort ne_psegrefbytes;
|
|
ushort ne_swaparea;
|
|
ushort ne_expver;
|
|
};
|
|
//---
|
|
struct IMAGE_VXD_HEADER
|
|
{
|
|
ushort e32_magic;
|
|
uchar e32_border;
|
|
uchar e32_ushorter;
|
|
uint e32_level;
|
|
ushort e32_cpu;
|
|
ushort e32_os;
|
|
uint e32_ver;
|
|
uint e32_mflags;
|
|
uint e32_mpages;
|
|
uint e32_startobj;
|
|
uint e32_eip;
|
|
uint e32_stackobj;
|
|
uint e32_esp;
|
|
uint e32_pagesize;
|
|
uint e32_lastpagesize;
|
|
uint e32_fixupsize;
|
|
uint e32_fixupsum;
|
|
uint e32_ldrsize;
|
|
uint e32_ldrsum;
|
|
uint e32_objtab;
|
|
uint e32_objcnt;
|
|
uint e32_objmap;
|
|
uint e32_itermap;
|
|
uint e32_rsrctab;
|
|
uint e32_rsrccnt;
|
|
uint e32_restab;
|
|
uint e32_enttab;
|
|
uint e32_dirtab;
|
|
uint e32_dircnt;
|
|
uint e32_fpagetab;
|
|
uint e32_frectab;
|
|
uint e32_impmod;
|
|
uint e32_impmodcnt;
|
|
uint e32_impproc;
|
|
uint e32_pagesum;
|
|
uint e32_datapage;
|
|
uint e32_preload;
|
|
uint e32_nrestab;
|
|
uint e32_cbnrestab;
|
|
uint e32_nressum;
|
|
uint e32_autodata;
|
|
uint e32_debuginfo;
|
|
uint e32_debuglen;
|
|
uint e32_instpreload;
|
|
uint e32_instdemand;
|
|
uint e32_heapsize;
|
|
uchar e32_res3[12];
|
|
uint e32_winresoff;
|
|
uint e32_winreslen;
|
|
ushort e32_devid;
|
|
ushort e32_ddkver;
|
|
};
|
|
//---
|
|
struct IMAGE_FILE_HEADER
|
|
{
|
|
ushort Machine;
|
|
ushort NumberOfSections;
|
|
uint TimeDateStamp;
|
|
uint PointerToSymbolTable;
|
|
uint NumberOfSymbols;
|
|
ushort SizeOfOptionalHeader;
|
|
ushort Characteristics;
|
|
};
|
|
//---
|
|
struct IMAGE_DATA_DIRECTORY
|
|
{
|
|
uint VirtualAddress;
|
|
uint Size;
|
|
};
|
|
//---
|
|
struct IMAGE_OPTIONAL_HEADER32
|
|
{
|
|
ushort Magic;
|
|
uchar MajorLinkerVersion;
|
|
uchar MinorLinkerVersion;
|
|
uint SizeOfCode;
|
|
uint SizeOfInitializedData;
|
|
uint SizeOfUninitializedData;
|
|
uint AddressOfEntryPoint;
|
|
uint BaseOfCode;
|
|
uint BaseOfData;
|
|
uint ImageBase;
|
|
uint SectionAlignment;
|
|
uint FileAlignment;
|
|
ushort MajorOperatingSystemVersion;
|
|
ushort MinorOperatingSystemVersion;
|
|
ushort MajorImageVersion;
|
|
ushort MinorImageVersion;
|
|
ushort MajorSubsystemVersion;
|
|
ushort MinorSubsystemVersion;
|
|
uint Win32VersionValue;
|
|
uint SizeOfImage;
|
|
uint SizeOfHeaders;
|
|
uint CheckSum;
|
|
ushort Subsystem;
|
|
ushort DllCharacteristics;
|
|
uint SizeOfStackReserve;
|
|
uint SizeOfStackCommit;
|
|
uint SizeOfHeapReserve;
|
|
uint SizeOfHeapCommit;
|
|
uint LoaderFlags;
|
|
uint NumberOfRvaAndSizes;
|
|
IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
|
|
};
|
|
//---
|
|
struct IMAGE_ROM_OPTIONAL_HEADER
|
|
{
|
|
ushort Magic;
|
|
uchar MajorLinkerVersion;
|
|
uchar MinorLinkerVersion;
|
|
uint SizeOfCode;
|
|
uint SizeOfInitializedData;
|
|
uint SizeOfUninitializedData;
|
|
uint AddressOfEntryPoint;
|
|
uint BaseOfCode;
|
|
uint BaseOfData;
|
|
uint BaseOfBss;
|
|
uint GprMask;
|
|
uint CprMask[4];
|
|
uint GpValue;
|
|
};
|
|
//---
|
|
struct IMAGE_OPTIONAL_HEADER64
|
|
{
|
|
ushort Magic;
|
|
uchar MajorLinkerVersion;
|
|
uchar MinorLinkerVersion;
|
|
uint SizeOfCode;
|
|
uint SizeOfInitializedData;
|
|
uint SizeOfUninitializedData;
|
|
uint AddressOfEntryPoint;
|
|
uint BaseOfCode;
|
|
ulong ImageBase;
|
|
uint SectionAlignment;
|
|
uint FileAlignment;
|
|
ushort MajorOperatingSystemVersion;
|
|
ushort MinorOperatingSystemVersion;
|
|
ushort MajorImageVersion;
|
|
ushort MinorImageVersion;
|
|
ushort MajorSubsystemVersion;
|
|
ushort MinorSubsystemVersion;
|
|
uint Win32VersionValue;
|
|
uint SizeOfImage;
|
|
uint SizeOfHeaders;
|
|
uint CheckSum;
|
|
ushort Subsystem;
|
|
ushort DllCharacteristics;
|
|
ulong SizeOfStackReserve;
|
|
ulong SizeOfStackCommit;
|
|
ulong SizeOfHeapReserve;
|
|
ulong SizeOfHeapCommit;
|
|
uint LoaderFlags;
|
|
uint NumberOfRvaAndSizes;
|
|
IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
|
|
};
|
|
//---
|
|
struct IMAGE_NT_HEADERS64
|
|
{
|
|
uint Signature;
|
|
IMAGE_FILE_HEADER FileHeader;
|
|
IMAGE_OPTIONAL_HEADER64 OptionalHeader;
|
|
};
|
|
//---
|
|
struct IMAGE_NT_HEADERS32
|
|
{
|
|
uint Signature;
|
|
IMAGE_FILE_HEADER FileHeader;
|
|
IMAGE_OPTIONAL_HEADER32 OptionalHeader;
|
|
};
|
|
//---
|
|
struct IMAGE_ROM_HEADERS
|
|
{
|
|
IMAGE_FILE_HEADER FileHeader;
|
|
IMAGE_ROM_OPTIONAL_HEADER OptionalHeader;
|
|
};
|
|
//---
|
|
struct ANON_OBJECT_HEADER
|
|
{
|
|
ushort Sig1;
|
|
ushort Sig2;
|
|
ushort Version;
|
|
ushort Machine;
|
|
uint TimeDateStamp;
|
|
GUID ClassID;
|
|
uint SizeOfData;
|
|
};
|
|
//---
|
|
struct ANON_OBJECT_HEADER_V2
|
|
{
|
|
ushort Sig1;
|
|
ushort Sig2;
|
|
ushort Version;
|
|
ushort Machine;
|
|
uint TimeDateStamp;
|
|
GUID ClassID;
|
|
uint SizeOfData;
|
|
uint Flags;
|
|
uint MetaDataSize;
|
|
uint MetaDataOffset;
|
|
};
|
|
//---
|
|
struct ANON_OBJECT_HEADER_BIGOBJ
|
|
{
|
|
ushort Sig1;
|
|
ushort Sig2;
|
|
ushort Version;
|
|
ushort Machine;
|
|
uint TimeDateStamp;
|
|
GUID ClassID;
|
|
uint SizeOfData;
|
|
uint Flags;
|
|
uint MetaDataSize;
|
|
uint MetaDataOffset;
|
|
uint NumberOfSections;
|
|
uint PointerToSymbolTable;
|
|
uint NumberOfSymbols;
|
|
};
|
|
//---
|
|
struct IMAGE_SECTION_HEADER
|
|
{
|
|
uchar Name[IMAGE_SIZEOF_SHORT_NAME];
|
|
uint PhysicalAddress;
|
|
uint VirtualAddress;
|
|
uint SizeOfRawData;
|
|
uint PointerToRawData;
|
|
uint PointerToRelocations;
|
|
uint PointerToLinenumbers;
|
|
ushort NumberOfRelocations;
|
|
ushort NumberOfLinenumbers;
|
|
uint Characteristics;
|
|
};
|
|
//---
|
|
struct IMAGE_SYMBOL
|
|
{
|
|
uchar ShortName[8];
|
|
uint Value;
|
|
short SectionNumber;
|
|
ushort Type;
|
|
uchar StorageClass;
|
|
uchar NumberOfAuxSymbols;
|
|
};
|
|
//---
|
|
struct IMAGE_SYMBOL_EX
|
|
{
|
|
uchar ShortName[8];
|
|
uint Value;
|
|
int SectionNumber;
|
|
ushort Type;
|
|
uchar StorageClass;
|
|
uchar NumberOfAuxSymbols;
|
|
};
|
|
//---
|
|
struct IMAGE_AUX_SYMBOL_TOKEN_DEF
|
|
{
|
|
uchar bAuxType;
|
|
uchar bReserved;
|
|
uint SymbolTableIndex;
|
|
uchar rgbReserved[12];
|
|
};
|
|
//---
|
|
struct IMAGE_LINENUMBER
|
|
{
|
|
uint VirtualAddress;
|
|
ushort Linenumber;
|
|
};
|
|
//---
|
|
struct IMAGE_BASE_RELOCATION
|
|
{
|
|
uint VirtualAddress;
|
|
uint SizeOfBlock;
|
|
};
|
|
//---
|
|
struct IMAGE_ARCHIVE_MEMBER_HEADER
|
|
{
|
|
uchar Name[16];
|
|
uchar Date[12];
|
|
uchar UserID[6];
|
|
uchar GroupID[6];
|
|
uchar Mode[8];
|
|
uchar Size[10];
|
|
uchar EndHeader[2];
|
|
};
|
|
//---
|
|
struct IMAGE_EXPORT_DIRECTORY
|
|
{
|
|
uint Characteristics;
|
|
uint TimeDateStamp;
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
uint Name;
|
|
uint Base;
|
|
uint NumberOfFunctions;
|
|
uint NumberOfNames;
|
|
uint AddressOfFunctions;
|
|
uint AddressOfNames;
|
|
uint AddressOfNameOrdinals;
|
|
};
|
|
//---
|
|
struct IMAGE_IMPORT_BY_NAME
|
|
{
|
|
ushort Hint;
|
|
char Name[1];
|
|
};
|
|
//---
|
|
struct IMAGE_THUNK_DATA64
|
|
{
|
|
ulong Data;
|
|
};
|
|
//---
|
|
struct IMAGE_THUNK_DATA32
|
|
{
|
|
uint Data;
|
|
};
|
|
//---
|
|
struct IMAGE_BOUND_IMPORT_DESCRIPTOR
|
|
{
|
|
uint TimeDateStamp;
|
|
ushort OffsetModuleName;
|
|
ushort NumberOfModuleForwarderRefs;
|
|
};
|
|
//---
|
|
struct IMAGE_BOUND_FORWARDER_REF
|
|
{
|
|
uint TimeDateStamp;
|
|
ushort OffsetModuleName;
|
|
ushort Reserved;
|
|
};
|
|
//---
|
|
struct IMAGE_RESOURCE_DIRECTORY
|
|
{
|
|
uint Characteristics;
|
|
uint TimeDateStamp;
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
ushort NumberOfNamedEntries;
|
|
ushort NumberOfIdEntries;
|
|
};
|
|
//---
|
|
struct IMAGE_RESOURCE_DIRECTORY_STRING
|
|
{
|
|
ushort Length;
|
|
char NameString[1];
|
|
};
|
|
//---
|
|
struct IMAGE_RESOURCE_DIR_STRING_U
|
|
{
|
|
ushort Length;
|
|
short NameString[1];
|
|
};
|
|
//---
|
|
struct IMAGE_RESOURCE_DATA_ENTRY
|
|
{
|
|
uint OffsetToData;
|
|
uint Size;
|
|
uint CodePage;
|
|
uint Reserved;
|
|
};
|
|
//---
|
|
struct IMAGE_LOAD_CONFIG_CODE_INTEGRITY
|
|
{
|
|
ushort Flags;
|
|
ushort Catalog;
|
|
uint CatalogOffset;
|
|
uint Reserved;
|
|
};
|
|
//---
|
|
struct IMAGE_DYNAMIC_RELOCATION_TABLE
|
|
{
|
|
uint Version;
|
|
uint Size;
|
|
};
|
|
//---
|
|
struct IMAGE_DYNAMIC_RELOCATION32
|
|
{
|
|
uint Symbol;
|
|
uint BaseRelocSize;
|
|
};
|
|
//---
|
|
struct IMAGE_DYNAMIC_RELOCATION64
|
|
{
|
|
ulong Symbol;
|
|
uint BaseRelocSize;
|
|
};
|
|
//---
|
|
struct IMAGE_DYNAMIC_RELOCATION32_V2
|
|
{
|
|
uint HeaderSize;
|
|
uint FixupInfoSize;
|
|
uint Symbol;
|
|
uint SymbolGroup;
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct IMAGE_DYNAMIC_RELOCATION64_V2
|
|
{
|
|
uint HeaderSize;
|
|
uint FixupInfoSize;
|
|
ulong Symbol;
|
|
uint SymbolGroup;
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct IMAGE_PROLOGUE_DYNAMIC_RELOCATION_HEADER
|
|
{
|
|
uchar PrologueByteCount;
|
|
};
|
|
//---
|
|
struct IMAGE_EPILOGUE_DYNAMIC_RELOCATION_HEADER
|
|
{
|
|
uint EpilogueCount;
|
|
uchar EpilogueByteCount;
|
|
uchar BranchDescriptorElementSize;
|
|
ushort BranchDescriptorCount;
|
|
};
|
|
//---
|
|
struct IMAGE_LOAD_CONFIG_DIRECTORY32
|
|
{
|
|
uint Size;
|
|
uint TimeDateStamp;
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
uint GlobalFlagsClear;
|
|
uint GlobalFlagsSet;
|
|
uint CriticalSectionDefaultTimeout;
|
|
uint DeCommitFreeBlockThreshold;
|
|
uint DeCommitTotalFreeThreshold;
|
|
uint LockPrefixTable;
|
|
uint MaximumAllocationSize;
|
|
uint VirtualMemoryThreshold;
|
|
uint ProcessHeapFlags;
|
|
uint ProcessAffinityMask;
|
|
ushort CSDVersion;
|
|
ushort DependentLoadFlags;
|
|
uint EditList;
|
|
uint SecurityCookie;
|
|
uint SEHandlerTable;
|
|
uint SEHandlerCount;
|
|
uint GuardCFCheckFunctionPointer;
|
|
uint GuardCFDispatchFunctionPointer;
|
|
uint GuardCFFunctionTable;
|
|
uint GuardCFFunctionCount;
|
|
uint GuardFlags;
|
|
IMAGE_LOAD_CONFIG_CODE_INTEGRITY CodeIntegrity;
|
|
uint GuardAddressTakenIatEntryTable;
|
|
uint GuardAddressTakenIatEntryCount;
|
|
uint GuardLongJumpTargetTable;
|
|
uint GuardLongJumpTargetCount;
|
|
uint DynamicValueRelocTable;
|
|
uint CHPEMetadataPointer;
|
|
uint GuardRFFailureRoutine;
|
|
uint GuardRFFailureRoutineFunctionPointer;
|
|
uint DynamicValueRelocTableOffset;
|
|
ushort DynamicValueRelocTableSection;
|
|
ushort Reserved2;
|
|
uint GuardRFVerifyStackPointerFunctionPointer;
|
|
uint HotPatchTableOffset;
|
|
uint Reserved3;
|
|
uint EnclaveConfigurationPointer;
|
|
};
|
|
//---
|
|
struct IMAGE_LOAD_CONFIG_DIRECTORY64
|
|
{
|
|
uint Size;
|
|
uint TimeDateStamp;
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
uint GlobalFlagsClear;
|
|
uint GlobalFlagsSet;
|
|
uint CriticalSectionDefaultTimeout;
|
|
ulong DeCommitFreeBlockThreshold;
|
|
ulong DeCommitTotalFreeThreshold;
|
|
ulong LockPrefixTable;
|
|
ulong MaximumAllocationSize;
|
|
ulong VirtualMemoryThreshold;
|
|
ulong ProcessAffinityMask;
|
|
uint ProcessHeapFlags;
|
|
ushort CSDVersion;
|
|
ushort DependentLoadFlags;
|
|
ulong EditList;
|
|
ulong SecurityCookie;
|
|
ulong SEHandlerTable;
|
|
ulong SEHandlerCount;
|
|
ulong GuardCFCheckFunctionPointer;
|
|
ulong GuardCFDispatchFunctionPointer;
|
|
ulong GuardCFFunctionTable;
|
|
ulong GuardCFFunctionCount;
|
|
uint GuardFlags;
|
|
IMAGE_LOAD_CONFIG_CODE_INTEGRITY CodeIntegrity;
|
|
ulong GuardAddressTakenIatEntryTable;
|
|
ulong GuardAddressTakenIatEntryCount;
|
|
ulong GuardLongJumpTargetTable;
|
|
ulong GuardLongJumpTargetCount;
|
|
ulong DynamicValueRelocTable;
|
|
ulong CHPEMetadataPointer;
|
|
ulong GuardRFFailureRoutine;
|
|
ulong GuardRFFailureRoutineFunctionPointer;
|
|
uint DynamicValueRelocTableOffset;
|
|
ushort DynamicValueRelocTableSection;
|
|
ushort Reserved2;
|
|
ulong GuardRFVerifyStackPointerFunctionPointer;
|
|
uint HotPatchTableOffset;
|
|
uint Reserved3;
|
|
ulong EnclaveConfigurationPointer;
|
|
};
|
|
//---
|
|
struct IMAGE_HOT_PATCH_INFO
|
|
{
|
|
uint Version;
|
|
uint Size;
|
|
uint SequenceNumber;
|
|
uint BaseImageList;
|
|
uint BaseImageCount;
|
|
uint BufferOffset;
|
|
};
|
|
//---
|
|
struct IMAGE_HOT_PATCH_BASE
|
|
{
|
|
uint SequenceNumber;
|
|
uint Flags;
|
|
uint OriginalTimeDateStamp;
|
|
uint OriginalCheckSum;
|
|
uint CodeIntegrityInfo;
|
|
uint CodeIntegritySize;
|
|
uint PatchTable;
|
|
uint BufferOffset;
|
|
};
|
|
//---
|
|
struct IMAGE_HOT_PATCH_HASHES
|
|
{
|
|
uchar SHA256[32];
|
|
uchar SHA1[20];
|
|
};
|
|
//---
|
|
struct IMAGE_CE_RUNTIME_FUNCTION_ENTRY
|
|
{
|
|
uint FuncStart;
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct IMAGE_ALPHA64_RUNTIME_FUNCTION_ENTRY
|
|
{
|
|
ulong BeginAddress;
|
|
ulong EndAddress;
|
|
ulong ExceptionHandler;
|
|
ulong HandlerData;
|
|
ulong PrologEndAddress;
|
|
};
|
|
//---
|
|
struct IMAGE_ALPHA_RUNTIME_FUNCTION_ENTRY
|
|
{
|
|
uint BeginAddress;
|
|
uint EndAddress;
|
|
uint ExceptionHandler;
|
|
uint HandlerData;
|
|
uint PrologEndAddress;
|
|
};
|
|
//---
|
|
struct IMAGE_ENCLAVE_CONFIG32
|
|
{
|
|
uint Size;
|
|
uint MinimumRequiredConfigSize;
|
|
uint PolicyFlags;
|
|
uint NumberOfImports;
|
|
uint ImportList;
|
|
uint ImportEntrySize;
|
|
uchar FamilyID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uchar ImageID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uint ImageVersion;
|
|
uint SecurityVersion;
|
|
uint EnclaveSize;
|
|
uint NumberOfThreads;
|
|
uint EnclaveFlags;
|
|
};
|
|
//---
|
|
struct IMAGE_ENCLAVE_CONFIG64
|
|
{
|
|
uint Size;
|
|
uint MinimumRequiredConfigSize;
|
|
uint PolicyFlags;
|
|
uint NumberOfImports;
|
|
uint ImportList;
|
|
uint ImportEntrySize;
|
|
uchar FamilyID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uchar ImageID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uint ImageVersion;
|
|
uint SecurityVersion;
|
|
ulong EnclaveSize;
|
|
uint NumberOfThreads;
|
|
uint EnclaveFlags;
|
|
};
|
|
//---
|
|
struct IMAGE_ENCLAVE_IMPORT
|
|
{
|
|
uint MatchType;
|
|
uint MinimumSecurityVersion;
|
|
uchar UniqueOrAuthorID[IMAGE_ENCLAVE_LONG_ID_LENGTH];
|
|
uchar FamilyID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uchar ImageID[IMAGE_ENCLAVE_SHORT_ID_LENGTH];
|
|
uint ImportName;
|
|
uint Reserved;
|
|
};
|
|
//---
|
|
struct IMAGE_DEBUG_DIRECTORY
|
|
{
|
|
uint Characteristics;
|
|
uint TimeDateStamp;
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
uint Type;
|
|
uint SizeOfData;
|
|
uint AddressOfRawData;
|
|
uint PointerToRawData;
|
|
};
|
|
//---
|
|
struct IMAGE_COFF_SYMBOLS_HEADER
|
|
{
|
|
uint NumberOfSymbols;
|
|
uint LvaToFirstSymbol;
|
|
uint NumberOfLinenumbers;
|
|
uint LvaToFirstLinenumber;
|
|
uint RvaToFirstByteOfCode;
|
|
uint RvaToLastByteOfCode;
|
|
uint RvaToFirstByteOfData;
|
|
uint RvaToLastByteOfData;
|
|
};
|
|
//---
|
|
struct FPO_DATA
|
|
{
|
|
uint ulOffStart;
|
|
uint cbProcSize;
|
|
uint cdwLocals;
|
|
ushort cdwParams;
|
|
ushort data;
|
|
};
|
|
//---
|
|
struct IMAGE_DEBUG_MISC
|
|
{
|
|
uint DataType;
|
|
uint Length;
|
|
uchar Unicode;
|
|
uchar Reserved[3];
|
|
uchar Data[1];
|
|
};
|
|
//---
|
|
struct IMAGE_FUNCTION_ENTRY
|
|
{
|
|
uint StartingAddress;
|
|
uint EndingAddress;
|
|
uint EndOfPrologue;
|
|
};
|
|
//---
|
|
struct IMAGE_SEPARATE_DEBUG_HEADER
|
|
{
|
|
ushort Signature;
|
|
ushort Flags;
|
|
ushort Machine;
|
|
ushort Characteristics;
|
|
uint TimeDateStamp;
|
|
uint CheckSum;
|
|
uint ImageBase;
|
|
uint SizeOfImage;
|
|
uint NumberOfSections;
|
|
uint ExportedNamesSize;
|
|
uint DebugDirectorySize;
|
|
uint SectionAlignment;
|
|
uint Reserved[2];
|
|
};
|
|
//---
|
|
struct NON_PAGED_DEBUG_INFO
|
|
{
|
|
ushort Signature;
|
|
ushort Flags;
|
|
uint Size;
|
|
ushort Machine;
|
|
ushort Characteristics;
|
|
uint TimeDateStamp;
|
|
uint CheckSum;
|
|
uint SizeOfImage;
|
|
ulong ImageBase;
|
|
};
|
|
//---
|
|
struct IMAGE_ARCHITECTURE_HEADER
|
|
{
|
|
int mask;
|
|
uint FirstEntryRVA;
|
|
};
|
|
//---
|
|
struct IMAGE_ARCHITECTURE_ENTRY
|
|
{
|
|
uint FixupInstRVA;
|
|
uint NewInst;
|
|
};
|
|
//---
|
|
struct SLIST_ENTRY
|
|
{
|
|
PVOID Next;
|
|
};
|
|
//---
|
|
struct RTL_BARRIER
|
|
{
|
|
uint Reserved1;
|
|
uint Reserved2;
|
|
ulong Reserved3[2];
|
|
uint Reserved4;
|
|
uint Reserved5;
|
|
};
|
|
//---
|
|
struct MESSAGE_RESOURCE_ENTRY
|
|
{
|
|
ushort Length;
|
|
ushort Flags;
|
|
uchar Text[1];
|
|
};
|
|
//---
|
|
struct MESSAGE_RESOURCE_BLOCK
|
|
{
|
|
uint LowId;
|
|
uint HighId;
|
|
uint OffsetToEntries;
|
|
};
|
|
//---
|
|
struct MESSAGE_RESOURCE_DATA
|
|
{
|
|
uint NumberOfBlocks;
|
|
MESSAGE_RESOURCE_BLOCK Blocks[1];
|
|
};
|
|
//---
|
|
struct OSVERSIONINFOW
|
|
{
|
|
uint dwOSVersionInfoSize;
|
|
uint dwMajorVersion;
|
|
uint dwMinorVersion;
|
|
uint dwBuildNumber;
|
|
uint dwPlatformId;
|
|
ushort szCSDVersion[128];
|
|
};
|
|
//---
|
|
struct OSVERSIONINFOEXW
|
|
{
|
|
uint dwOSVersionInfoSize;
|
|
uint dwMajorVersion;
|
|
uint dwMinorVersion;
|
|
uint dwBuildNumber;
|
|
uint dwPlatformId;
|
|
short szCSDVersion[128];
|
|
ushort wServicePackMajor;
|
|
ushort wServicePackMinor;
|
|
ushort wSuiteMask;
|
|
uchar wProductType;
|
|
uchar wReserved;
|
|
};
|
|
//---
|
|
struct NV_MEMORY_RANGE
|
|
{
|
|
PVOID BaseAddress;
|
|
ulong Length;
|
|
};
|
|
//---
|
|
struct CORRELATION_VECTOR
|
|
{
|
|
char Version;
|
|
char Vector[RTL_CORRELATION_VECTOR_STRING_LENGTH];
|
|
};
|
|
//---
|
|
struct CUSTOM_SYSTEM_EVENT_TRIGGER_CONFIG
|
|
{
|
|
uint Size;
|
|
const string TriggerId;
|
|
};
|
|
//---
|
|
struct IMAGE_POLICY_ENTRY
|
|
{
|
|
IMAGE_POLICY_ENTRY_TYPE Type;
|
|
IMAGE_POLICY_ID PolicyId;
|
|
PVOID Value;
|
|
};
|
|
//---
|
|
struct IMAGE_POLICY_METADATA
|
|
{
|
|
uchar Version;
|
|
uchar Reserved0[7];
|
|
ulong ApplicationId;
|
|
IMAGE_POLICY_ENTRY Policies[];
|
|
};
|
|
//---
|
|
struct RTL_CRITICAL_SECTION_DEBUG
|
|
{
|
|
ushort Type;
|
|
ushort CreatorBackTraceIndex;
|
|
PVOID CriticalSection;
|
|
LIST_ENTRY ProcessLocksList;
|
|
uint EntryCount;
|
|
uint ContentionCount;
|
|
uint Flags;
|
|
ushort CreatorBackTraceIndexHigh;
|
|
ushort Spareushort;
|
|
};
|
|
//---
|
|
struct RTL_CRITICAL_SECTION
|
|
{
|
|
PVOID DebugInfo;
|
|
int LockCount;
|
|
int RecursionCount;
|
|
HANDLE OwningThread;
|
|
HANDLE LockSemaphore;
|
|
ulong SpinCount;
|
|
};
|
|
//---
|
|
struct RTL_SRWLOCK
|
|
{
|
|
PVOID Ptr;
|
|
};
|
|
//---
|
|
struct RTL_CONDITION_VARIABLE
|
|
{
|
|
PVOID Ptr;
|
|
};
|
|
//---
|
|
struct HEAP_OPTIMIZE_RESOURCES_INFORMATION
|
|
{
|
|
uint Version;
|
|
uint Flags;
|
|
};
|
|
//---
|
|
struct ACTIVATION_CONTEXT_QUERY_INDEX
|
|
{
|
|
uint ulAssemblyIndex;
|
|
uint ulFileIndexInAssembly;
|
|
};
|
|
//---
|
|
struct ASSEMBLY_FILE_DETAILED_INFORMATION
|
|
{
|
|
uint ulFlags;
|
|
uint ulFilenameLength;
|
|
uint ulPathLength;
|
|
const string lpFileName;
|
|
const string lpFilePath;
|
|
};
|
|
//---
|
|
struct ACTIVATION_CONTEXT_ASSEMBLY_DETAILED_INFORMATION
|
|
{
|
|
uint ulFlags;
|
|
uint ulEncodedAssemblyIdentityLength;
|
|
uint ulManifestPathType;
|
|
uint ulManifestPathLength;
|
|
long liManifestLastWriteTime;
|
|
uint ulPolicyPathType;
|
|
uint ulPolicyPathLength;
|
|
long liPolicyLastWriteTime;
|
|
uint ulMetadataSatelliteRosterIndex;
|
|
uint ulManifestVersionMajor;
|
|
uint ulManifestVersionMinor;
|
|
uint ulPolicyVersionMajor;
|
|
uint ulPolicyVersionMinor;
|
|
uint ulAssemblyDirectoryNameLength;
|
|
const string lpAssemblyEncodedAssemblyIdentity;
|
|
const string lpAssemblyManifestPath;
|
|
const string lpAssemblyPolicyPath;
|
|
const string lpAssemblyDirectoryName;
|
|
uint ulFileCount;
|
|
};
|
|
//---
|
|
struct ACTIVATION_CONTEXT_RUN_LEVEL_INFORMATION
|
|
{
|
|
uint ulFlags;
|
|
ACTCTX_REQUESTED_RUN_LEVEL RunLevel;
|
|
uint UiAccess;
|
|
};
|
|
//---
|
|
struct COMPATIBILITY_CONTEXT_ELEMENT
|
|
{
|
|
GUID Id;
|
|
ACTCTX_COMPATIBILITY_ELEMENT_TYPE Type;
|
|
};
|
|
//---
|
|
struct ACTIVATION_CONTEXT_COMPATIBILITY_INFORMATION
|
|
{
|
|
uint ElementCount;
|
|
COMPATIBILITY_CONTEXT_ELEMENT Elements[];
|
|
};
|
|
//---
|
|
struct SUPPORTED_OS_INFO
|
|
{
|
|
ushort MajorVersion;
|
|
ushort MinorVersion;
|
|
};
|
|
//---
|
|
struct ACTIVATION_CONTEXT_DETAILED_INFORMATION
|
|
{
|
|
uint dwFlags;
|
|
uint ulFormatVersion;
|
|
uint ulAssemblyCount;
|
|
uint ulRootManifestPathType;
|
|
uint ulRootManifestPathChars;
|
|
uint ulRootConfigurationPathType;
|
|
uint ulRootConfigurationPathChars;
|
|
uint ulAppDirPathType;
|
|
uint ulAppDirPathChars;
|
|
const string lpRootManifestPath;
|
|
const string lpRootConfigurationPath;
|
|
const string lpAppDirPath;
|
|
};
|
|
//---
|
|
struct HARDWARE_COUNTER_DATA
|
|
{
|
|
HARDWARE_COUNTER_TYPE Type;
|
|
uint Reserved;
|
|
ulong Value;
|
|
};
|
|
//---
|
|
struct PERFORMANCE_DATA
|
|
{
|
|
ushort Size;
|
|
uchar Version;
|
|
uchar HwCountersCount;
|
|
uint ContextSwitchCount;
|
|
ulong WaitReasonBitMap;
|
|
ulong CycleTime;
|
|
uint RetryCount;
|
|
uint Reserved;
|
|
HARDWARE_COUNTER_DATA HwCounters[MAX_HW_COUNTERS];
|
|
};
|
|
//---
|
|
struct EVENTLOGRECORD
|
|
{
|
|
uint Length;
|
|
uint Reserved;
|
|
uint RecordNumber;
|
|
uint TimeGenerated;
|
|
uint TimeWritten;
|
|
uint EventID;
|
|
ushort EventType;
|
|
ushort NumStrings;
|
|
ushort EventCategory;
|
|
ushort ReservedFlags;
|
|
uint ClosingRecordNumber;
|
|
uint StringOffset;
|
|
uint UserSidLength;
|
|
uint UserSidOffset;
|
|
uint DataLength;
|
|
uint DataOffset;
|
|
};
|
|
//---
|
|
struct TAPE_ERASE
|
|
{
|
|
uint Type;
|
|
uchar Immediate;
|
|
};
|
|
//---
|
|
struct TAPE_PREPARE
|
|
{
|
|
uint Operation;
|
|
uchar Immediate;
|
|
};
|
|
//---
|
|
struct TAPE_WRITE_MARKS
|
|
{
|
|
uint Type;
|
|
uint Count;
|
|
uchar Immediate;
|
|
};
|
|
//---
|
|
struct TAPE_GET_POSITION
|
|
{
|
|
uint Type;
|
|
uint Partition;
|
|
long Offset;
|
|
};
|
|
//---
|
|
struct TAPE_SET_POSITION
|
|
{
|
|
uint Method;
|
|
uint Partition;
|
|
long Offset;
|
|
uchar Immediate;
|
|
};
|
|
//---
|
|
struct TAPE_GET_DRIVE_PARAMETERS
|
|
{
|
|
uchar ECC;
|
|
uchar Compression;
|
|
uchar DataPadding;
|
|
uchar ReportSetmarks;
|
|
uint DefaultBlockSize;
|
|
uint MaximumBlockSize;
|
|
uint MinimumBlockSize;
|
|
uint MaximumPartitionCount;
|
|
uint FeaturesLow;
|
|
uint FeaturesHigh;
|
|
uint EOTWarningZoneSize;
|
|
};
|
|
//---
|
|
struct TAPE_SET_DRIVE_PARAMETERS
|
|
{
|
|
uchar ECC;
|
|
uchar Compression;
|
|
uchar DataPadding;
|
|
uchar ReportSetmarks;
|
|
uint EOTWarningZoneSize;
|
|
};
|
|
//---
|
|
struct TAPE_GET_MEDIA_PARAMETERS
|
|
{
|
|
long Capacity;
|
|
long Remaining;
|
|
uint BlockSize;
|
|
uint PartitionCount;
|
|
uchar WriteProtected;
|
|
};
|
|
//---
|
|
struct TAPE_SET_MEDIA_PARAMETERS
|
|
{
|
|
uint BlockSize;
|
|
};
|
|
//---
|
|
struct TAPE_CREATE_PARTITION
|
|
{
|
|
uint Method;
|
|
uint Count;
|
|
uint Size;
|
|
};
|
|
//---
|
|
struct TAPE_WMI_OPERATIONS
|
|
{
|
|
uint Method;
|
|
uint DataBufferSize;
|
|
PVOID DataBuffer;
|
|
};
|
|
//---
|
|
struct TRANSACTION_BASIC_INFORMATION
|
|
{
|
|
GUID TransactionId;
|
|
uint State;
|
|
uint Outcome;
|
|
};
|
|
//---
|
|
struct TRANSACTIONMANAGER_BASIC_INFORMATION
|
|
{
|
|
GUID TmIdentity;
|
|
long VirtualClock;
|
|
};
|
|
//---
|
|
struct TRANSACTIONMANAGER_LOG_INFORMATION
|
|
{
|
|
GUID LogIdentity;
|
|
};
|
|
//---
|
|
struct TRANSACTIONMANAGER_LOGPATH_INFORMATION
|
|
{
|
|
uint LogPathLength;
|
|
short LogPath[1];
|
|
};
|
|
//---
|
|
struct TRANSACTIONMANAGER_RECOVERY_INFORMATION
|
|
{
|
|
ulong LastRecoveredLsn;
|
|
};
|
|
//---
|
|
struct TRANSACTIONMANAGER_OLDEST_INFORMATION
|
|
{
|
|
GUID OldestTransactionGuid;
|
|
};
|
|
//---
|
|
struct TRANSACTION_PROPERTIES_INFORMATION
|
|
{
|
|
uint IsolationLevel;
|
|
uint IsolationFlags;
|
|
long Timeout;
|
|
uint Outcome;
|
|
uint DescriptionLength;
|
|
short Description[1];
|
|
};
|
|
//---
|
|
struct TRANSACTION_BIND_INFORMATION
|
|
{
|
|
HANDLE TmHandle;
|
|
};
|
|
//---
|
|
struct TRANSACTION_ENLISTMENT_PAIR
|
|
{
|
|
GUID EnlistmentId;
|
|
GUID ResourceManagerId;
|
|
};
|
|
//---
|
|
struct TRANSACTION_ENLISTMENTS_INFORMATION
|
|
{
|
|
uint NumberOfEnlistments;
|
|
TRANSACTION_ENLISTMENT_PAIR EnlistmentPair[1];
|
|
};
|
|
//---
|
|
struct TRANSACTION_SUPERIOR_ENLISTMENT_INFORMATION
|
|
{
|
|
TRANSACTION_ENLISTMENT_PAIR SuperiorEnlistmentPair;
|
|
};
|
|
//---
|
|
struct RESOURCEMANAGER_BASIC_INFORMATION
|
|
{
|
|
GUID ResourceManagerId;
|
|
uint DescriptionLength;
|
|
short Description[1];
|
|
};
|
|
//---
|
|
struct RESOURCEMANAGER_COMPLETION_INFORMATION
|
|
{
|
|
HANDLE IoCompletionPortHandle;
|
|
ulong CompletionKey;
|
|
};
|
|
//---
|
|
struct ENLISTMENT_BASIC_INFORMATION
|
|
{
|
|
GUID EnlistmentId;
|
|
GUID TransactionId;
|
|
GUID ResourceManagerId;
|
|
};
|
|
//---
|
|
struct ENLISTMENT_CRM_INFORMATION
|
|
{
|
|
GUID CrmTransactionManagerId;
|
|
GUID CrmResourceManagerId;
|
|
GUID CrmEnlistmentId;
|
|
};
|
|
//---
|
|
struct TRANSACTION_LIST_ENTRY
|
|
{
|
|
GUID UOW;
|
|
};
|
|
//---
|
|
struct TRANSACTION_LIST_INFORMATION
|
|
{
|
|
uint NumberOfTransactions;
|
|
TRANSACTION_LIST_ENTRY TransactionInformation[1];
|
|
};
|
|
//---
|
|
struct KTMOBJECT_CURSOR
|
|
{
|
|
GUID LastQuery;
|
|
uint ObjectIdCount;
|
|
GUID ObjectIds[1];
|
|
};
|
|
//---
|
|
struct TP_POOL_STACK_INFORMATION
|
|
{
|
|
ulong StackReserve;
|
|
ulong StackCommit;
|
|
};
|
|
//---
|
|
struct TP_CALLBACK_ENVIRON_V3
|
|
{
|
|
uint Version;
|
|
PVOID Pool;
|
|
PVOID CleanupGroup;
|
|
PVOID CleanupGroupCancelCallback;
|
|
PVOID RaceDll;
|
|
PVOID ActivationContext;
|
|
PVOID FinalizationCallback;
|
|
uint Flags;
|
|
TP_CALLBACK_PRIORITY CallbackPriority;
|
|
uint Size;
|
|
};
|
|
//---
|
|
struct SYSTEM_LOGICAL_PROCESSOR_INFORMATION
|
|
{
|
|
ulong ProcessorMask;
|
|
LOGICAL_PROCESSOR_RELATIONSHIP Relationship;
|
|
uchar offset[4];
|
|
ulong Reserved[2];
|
|
};
|
|
//---
|
|
struct SYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX
|
|
{
|
|
LOGICAL_PROCESSOR_RELATIONSHIP Relationship;
|
|
uint Size;
|
|
uchar info[72];
|
|
};
|
|
//---
|
|
struct SYSTEM_CPU_SET_INFORMATION
|
|
{
|
|
uint Size;
|
|
CPU_SET_INFORMATION_TYPE Type;
|
|
uint Id;
|
|
ushort Group;
|
|
uchar LogicalProcessorIndex;
|
|
uchar CoreIndex;
|
|
uchar LastLevelCacheIndex;
|
|
uchar NumaNodeIndex;
|
|
uchar EfficiencyClass;
|
|
uchar AllFlags;
|
|
uint Reserved;
|
|
ulong AllocationTag;
|
|
};
|
|
//+------------------------------------------------------------------+
|
|
//| |
|
|
//+------------------------------------------------------------------+
|
|
#import "kernel32.dll"
|
|
ushort RtlCaptureStackBackTrace(uint frames_to_skip,uint frames_to_capture,PVOID &back_trace[],uint &back_trace_hash);
|
|
ulong RtlCompareMemory(const uchar &source1[],const uchar &source2[],ulong length);
|
|
ulong VerSetConditionMask(ulong condition_mask,uint type_mask,uchar condition);
|
|
#import
|
|
|
|
#import "Win32k.sys"
|
|
void RtlCaptureContext(PVOID context_record);
|
|
void RtlUnwind(PVOID target_frame,PVOID target_ip,EXCEPTION_RECORD &exception_record,PVOID return_value);
|
|
PVOID RtlLookupFunctionEntry(ulong control_pc,PVOID image_base,UNWIND_HISTORY_TABLE &history_table);
|
|
void RtlUnwindEx(PVOID target_frame,PVOID target_ip,EXCEPTION_RECORD &exception_record,PVOID return_value,PVOID context_record,UNWIND_HISTORY_TABLE &history_table);
|
|
PVOID RtlVirtualUnwind(uint handler_type,ulong image_base,ulong control_pc,PVOID function_entry,PVOID context_record,PVOID &handler_data,PVOID establisher_frame,KNONVOLATILE_CONTEXT_POINTERS &context_pointers);
|
|
PVOID RtlLookupFunctionEntry(ulong control_pc,uint &image_base,UNWIND_HISTORY_TABLE &history_table);
|
|
void RtlUnwindEx(PVOID target_frame,PVOID target_ip,EXCEPTION_RECORD &exception_record,PVOID return_value,PVOID context_record,UNWIND_HISTORY_TABLE &history_table);
|
|
PVOID RtlVirtualUnwind(uint handler_type,uint image_base,uint control_pc,PVOID function_entry,PVOID context_record,PVOID &handler_data,uint &establisher_frame,KNONVOLATILE_CONTEXT_POINTERS &context_pointers);
|
|
PVOID RtlLookupFunctionEntry(ulong control_pc,PVOID image_base,UNWIND_HISTORY_TABLE &history_table);
|
|
void RtlUnwindEx(PVOID target_frame,PVOID target_ip,EXCEPTION_RECORD &exception_record,PVOID return_value,PVOID context_record,UNWIND_HISTORY_TABLE &history_table);
|
|
PVOID RtlVirtualUnwind(uint handler_type,ulong image_base,ulong control_pc,PVOID function_entry,PVOID context_record,PVOID &handler_data,PVOID establisher_frame,KNONVOLATILE_CONTEXT_POINTERS &context_pointers);
|
|
void RtlUnwindEx(PVOID target_frame,PVOID target_ip,EXCEPTION_RECORD &exception_record,PVOID return_value,PVOID context_record,PVOID history_table);
|
|
PVOID RtlPcToFileHeader(PVOID pc_value,PVOID &base_of_image);
|
|
#import
|
|
//+------------------------------------------------------------------+
|