]> git.proxmox.com Git - rustc.git/blame - vendor/ntapi/src/ntexapi.rs
projects / rustc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
New upstream version 1.64.0+dfsg1
[rustc.git] / vendor / ntapi / src / ntexapi.rs
CommitLineData
923072b8
FG		 1use core::mem::uninitialized;
2use core::ptr::read_volatile;
3#[cfg(target_arch = "x86")]
4use core::sync::atomic::spin_loop_hint;
5use crate::ntapi_base::{CLIENT_ID, KPRIORITY, KSYSTEM_TIME, PRTL_ATOM, RTL_ATOM};
6use crate::ntioapi::{BUS_DATA_TYPE, FILE_IO_COMPLETION_INFORMATION, INTERFACE_TYPE};
7use crate::ntkeapi::{KPROFILE_SOURCE, KTHREAD_STATE, KWAIT_REASON};
8use crate::ntldr::RTL_PROCESS_MODULE_INFORMATION_EX;
9use crate::ntpebteb::PTEB;
10use crate::ntpoapi::COUNTED_REASON_CONTEXT;
11use winapi::shared::basetsd::{KAFFINITY, PULONG64, PULONG_PTR, SIZE_T, ULONG64, ULONG_PTR};
12use winapi::shared::evntrace::PROFILE_SOURCE_INFO;
13use winapi::shared::guiddef::{GUID, LPGUID};
14use winapi::shared::ntdef::{
15 BOOLEAN, CCHAR, EVENT_TYPE, HANDLE, LANGID, LARGE_INTEGER, LCID, LOGICAL, LONG, LONGLONG,
16 NTSTATUS, NT_PRODUCT_TYPE, PBOOLEAN, PCHAR, PCWNF_STATE_NAME, PGROUP_AFFINITY, PHANDLE,
17 PHYSICAL_ADDRESS, PLARGE_INTEGER, PLCID, PLONG, PLUID, POBJECT_ATTRIBUTES, PUCHAR,
18 PULARGE_INTEGER, PULONG, PUNICODE_STRING, PUSHORT, PVOID, PWNF_STATE_NAME, PWSTR, TIMER_TYPE,
19 UCHAR, ULARGE_INTEGER, ULONG, ULONGLONG, UNICODE_STRING, USHORT, VOID, WCHAR, WNF_STATE_NAME,
20};
21use winapi::um::winnt::{
22 ACCESS_MASK, ANYSIZE_ARRAY, FIRMWARE_TYPE, GENERIC_MAPPING, PSECURITY_DESCRIPTOR,
23 STANDARD_RIGHTS_REQUIRED, SYNCHRONIZE, XSTATE_CONFIGURATION,
24};
25use crate::winapi_local::um::winnt::UInt32x32To64;
26EXTERN!{extern "system" {
27 fn NtDelayExecution(
28 Alertable: BOOLEAN,
29 DelayInterval: PLARGE_INTEGER,
30 ) -> NTSTATUS;
31 fn NtQuerySystemEnvironmentValue(
32 VariableName: PUNICODE_STRING,
33 VariableValue: PWSTR,
34 ValueLength: USHORT,
35 ReturnLength: PUSHORT,
36 ) -> NTSTATUS;
37 fn NtSetSystemEnvironmentValue(
38 VariableName: PUNICODE_STRING,
39 VariableValue: PUNICODE_STRING,
40 ) -> NTSTATUS;
41 fn NtQuerySystemEnvironmentValueEx(
42 VariableName: PUNICODE_STRING,
43 VendorGuid: LPGUID,
44 Value: PVOID,
45 ValueLength: PULONG,
46 Attributes: PULONG,
47 ) -> NTSTATUS;
48 fn NtSetSystemEnvironmentValueEx(
49 VariableName: PUNICODE_STRING,
50 VendorGuid: LPGUID,
51 Value: PVOID,
52 ValueLength: ULONG,
53 Attributes: ULONG,
54 ) -> NTSTATUS;
55 fn NtEnumerateSystemEnvironmentValuesEx(
56 InformationClass: ULONG,
57 Buffer: PVOID,
58 BufferLength: PULONG,
59 ) -> NTSTATUS;
60}}
61STRUCT!{struct BOOT_ENTRY {
62 Version: ULONG,
63 Length: ULONG,
64 Id: ULONG,
65 Attributes: ULONG,
66 FriendlyNameOffset: ULONG,
67 BootFilePathOffset: ULONG,
68 OsOptionsLength: ULONG,
69 OsOptions: [UCHAR; 1],
70}}
71pub type PBOOT_ENTRY = *mut BOOT_ENTRY;
72STRUCT!{struct BOOT_ENTRY_LIST {
73 NextEntryOffset: ULONG,
74 BootEntry: BOOT_ENTRY,
75}}
76pub type PBOOT_ENTRY_LIST = *mut BOOT_ENTRY_LIST;
77STRUCT!{struct BOOT_OPTIONS {
78 Version: ULONG,
79 Length: ULONG,
80 Timeout: ULONG,
81 CurrentBootEntryId: ULONG,
82 NextBootEntryId: ULONG,
83 HeadlessRedirection: [WCHAR; 1],
84}}
85pub type PBOOT_OPTIONS = *mut BOOT_OPTIONS;
86STRUCT!{struct FILE_PATH {
87 Version: ULONG,
88 Length: ULONG,
89 Type: ULONG,
90 FilePath: [UCHAR; 1],
91}}
92pub type PFILE_PATH = *mut FILE_PATH;
93STRUCT!{struct EFI_DRIVER_ENTRY {
94 Version: ULONG,
95 Length: ULONG,
96 Id: ULONG,
97 FriendlyNameOffset: ULONG,
98 DriverFilePathOffset: ULONG,
99}}
100pub type PEFI_DRIVER_ENTRY = *mut EFI_DRIVER_ENTRY;
101STRUCT!{struct EFI_DRIVER_ENTRY_LIST {
102 NextEntryOffset: ULONG,
103 DriverEntry: EFI_DRIVER_ENTRY,
104}}
105pub type PEFI_DRIVER_ENTRY_LIST = *mut EFI_DRIVER_ENTRY_LIST;
106EXTERN!{extern "system" {
107 fn NtAddBootEntry(
108 BootEntry: PBOOT_ENTRY,
109 Id: PULONG,
110 ) -> NTSTATUS;
111 fn NtDeleteBootEntry(
112 Id: ULONG,
113 ) -> NTSTATUS;
114 fn NtModifyBootEntry(
115 BootEntry: PBOOT_ENTRY,
116 ) -> NTSTATUS;
117 fn NtEnumerateBootEntries(
118 Buffer: PVOID,
119 BufferLength: PULONG,
120 ) -> NTSTATUS;
121 fn NtQueryBootEntryOrder(
122 Ids: PULONG,
123 Count: PULONG,
124 ) -> NTSTATUS;
125 fn NtSetBootEntryOrder(
126 Ids: PULONG,
127 Count: ULONG,
128 ) -> NTSTATUS;
129 fn NtQueryBootOptions(
130 BootOptions: PBOOT_OPTIONS,
131 BootOptionsLength: PULONG,
132 ) -> NTSTATUS;
133 fn NtSetBootOptions(
134 BootOptions: PBOOT_OPTIONS,
135 FieldsToChange: ULONG,
136 ) -> NTSTATUS;
137 fn NtTranslateFilePath(
138 InputFilePath: PFILE_PATH,
139 OutputType: ULONG,
140 OutputFilePath: PFILE_PATH,
141 OutputFilePathLength: PULONG,
142 ) -> NTSTATUS;
143 fn NtAddDriverEntry(
144 DriverEntry: PEFI_DRIVER_ENTRY,
145 Id: PULONG,
146 ) -> NTSTATUS;
147 fn NtDeleteDriverEntry(
148 Id: ULONG,
149 ) -> NTSTATUS;
150 fn NtModifyDriverEntry(
151 DriverEntry: PEFI_DRIVER_ENTRY,
152 ) -> NTSTATUS;
153 fn NtEnumerateDriverEntries(
154 Buffer: PVOID,
155 BufferLength: PULONG,
156 ) -> NTSTATUS;
157 fn NtQueryDriverEntryOrder(
158 Ids: PULONG,
159 Count: PULONG,
160 ) -> NTSTATUS;
161 fn NtSetDriverEntryOrder(
162 Ids: PULONG,
163 Count: ULONG,
164 ) -> NTSTATUS;
165}}
166ENUM!{enum FILTER_BOOT_OPTION_OPERATION {
167 FilterBootOptionOperationOpenSystemStore = 0,
168 FilterBootOptionOperationSetElement = 1,
169 FilterBootOptionOperationDeleteElement = 2,
170 FilterBootOptionOperationMax = 3,
171}}
172EXTERN!{extern "system" {
173 fn NtFilterBootOption(
174 FilterOperation: FILTER_BOOT_OPTION_OPERATION,
175 ObjectType: ULONG,
176 ElementType: ULONG,
177 Data: PVOID,
178 DataSize: ULONG,
179 ) -> NTSTATUS;
180}}
181pub const EVENT_QUERY_STATE: u32 = 0x0001;
182ENUM!{enum EVENT_INFORMATION_CLASS {
183 EventBasicInformation = 0,
184}}
185STRUCT!{struct EVENT_BASIC_INFORMATION {
186 EventType: EVENT_TYPE,
187 EventState: LONG,
188}}
189pub type PEVENT_BASIC_INFORMATION = *mut EVENT_BASIC_INFORMATION;
190EXTERN!{extern "system" {
191 fn NtCreateEvent(
192 EventHandle: PHANDLE,
193 DesiredAccess: ACCESS_MASK,
194 ObjectAttributes: POBJECT_ATTRIBUTES,
195 EventType: EVENT_TYPE,
196 InitialState: BOOLEAN,
197 ) -> NTSTATUS;
198 fn NtOpenEvent(
199 EventHandle: PHANDLE,
200 DesiredAccess: ACCESS_MASK,
201 ObjectAttributes: POBJECT_ATTRIBUTES,
202 ) -> NTSTATUS;
203 fn NtSetEvent(
204 EventHandle: HANDLE,
205 PreviousState: PLONG,
206 ) -> NTSTATUS;
207 fn NtSetEventBoostPriority(
208 EventHandle: HANDLE,
209 ) -> NTSTATUS;
210 fn NtClearEvent(
211 EventHandle: HANDLE,
212 ) -> NTSTATUS;
213 fn NtResetEvent(
214 EventHandle: HANDLE,
215 PreviousState: PLONG,
216 ) -> NTSTATUS;
217 fn NtPulseEvent(
218 EventHandle: HANDLE,
219 PreviousState: PLONG,
220 ) -> NTSTATUS;
221 fn NtQueryEvent(
222 EventHandle: HANDLE,
223 EventInformationClass: EVENT_INFORMATION_CLASS,
224 EventInformation: PVOID,
225 EventInformationLength: ULONG,
226 ReturnLength: PULONG,
227 ) -> NTSTATUS;
228}}
229pub const EVENT_PAIR_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE;
230EXTERN!{extern "system" {
231 fn NtCreateEventPair(
232 EventPairHandle: PHANDLE,
233 DesiredAccess: ACCESS_MASK,
234 ObjectAttributes: POBJECT_ATTRIBUTES,
235 ) -> NTSTATUS;
236 fn NtOpenEventPair(
237 EventPairHandle: PHANDLE,
238 DesiredAccess: ACCESS_MASK,
239 ObjectAttributes: POBJECT_ATTRIBUTES,
240 ) -> NTSTATUS;
241 fn NtSetLowEventPair(
242 EventPairHandle: HANDLE,
243 ) -> NTSTATUS;
244 fn NtSetHighEventPair(
245 EventPairHandle: HANDLE,
246 ) -> NTSTATUS;
247 fn NtWaitLowEventPair(
248 EventPairHandle: HANDLE,
249 ) -> NTSTATUS;
250 fn NtWaitHighEventPair(
251 EventPairHandle: HANDLE,
252 ) -> NTSTATUS;
253 fn NtSetLowWaitHighEventPair(
254 EventPairHandle: HANDLE,
255 ) -> NTSTATUS;
256 fn NtSetHighWaitLowEventPair(
257 EventPairHandle: HANDLE,
258 ) -> NTSTATUS;
259}}
260ENUM!{enum MUTANT_INFORMATION_CLASS {
261 MutantBasicInformation = 0,
262 MutantOwnerInformation = 1,
263}}
264STRUCT!{struct MUTANT_BASIC_INFORMATION {
265 CurrentCount: LONG,
266 OwnedByCaller: BOOLEAN,
267 AbandonedState: BOOLEAN,
268}}
269pub type PMUTANT_BASIC_INFORMATION = *mut MUTANT_BASIC_INFORMATION;
270STRUCT!{struct MUTANT_OWNER_INFORMATION {
271 ClientId: CLIENT_ID,
272}}
273pub type PMUTANT_OWNER_INFORMATION = *mut MUTANT_OWNER_INFORMATION;
274EXTERN!{extern "system" {
275 fn NtCreateMutant(
276 MutantHandle: PHANDLE,
277 DesiredAccess: ACCESS_MASK,
278 ObjectAttributes: POBJECT_ATTRIBUTES,
279 InitialOwner: BOOLEAN,
280 ) -> NTSTATUS;
281 fn NtOpenMutant(
282 MutantHandle: PHANDLE,
283 DesiredAccess: ACCESS_MASK,
284 ObjectAttributes: POBJECT_ATTRIBUTES,
285 ) -> NTSTATUS;
286 fn NtReleaseMutant(
287 MutantHandle: HANDLE,
288 PreviousCount: PLONG,
289 ) -> NTSTATUS;
290 fn NtQueryMutant(
291 MutantHandle: HANDLE,
292 MutantInformationClass: MUTANT_INFORMATION_CLASS,
293 MutantInformation: PVOID,
294 MutantInformationLength: ULONG,
295 ReturnLength: PULONG,
296 ) -> NTSTATUS;
297}}
298pub const SEMAPHORE_QUERY_STATE: u32 = 0x0001;
299ENUM!{enum SEMAPHORE_INFORMATION_CLASS {
300 SemaphoreBasicInformation = 0,
301}}
302STRUCT!{struct SEMAPHORE_BASIC_INFORMATION {
303 CurrentCount: LONG,
304 MaximumCount: LONG,
305}}
306pub type PSEMAPHORE_BASIC_INFORMATION = *mut SEMAPHORE_BASIC_INFORMATION;
307EXTERN!{extern "system" {
308 fn NtCreateSemaphore(
309 SemaphoreHandle: PHANDLE,
310 DesiredAccess: ACCESS_MASK,
311 ObjectAttributes: POBJECT_ATTRIBUTES,
312 InitialCount: LONG,
313 MaximumCount: LONG,
314 ) -> NTSTATUS;
315 fn NtOpenSemaphore(
316 SemaphoreHandle: PHANDLE,
317 DesiredAccess: ACCESS_MASK,
318 ObjectAttributes: POBJECT_ATTRIBUTES,
319 ) -> NTSTATUS;
320 fn NtReleaseSemaphore(
321 SemaphoreHandle: HANDLE,
322 ReleaseCount: LONG,
323 PreviousCount: PLONG,
324 ) -> NTSTATUS;
325 fn NtQuerySemaphore(
326 SemaphoreHandle: HANDLE,
327 SemaphoreInformationClass: SEMAPHORE_INFORMATION_CLASS,
328 SemaphoreInformation: PVOID,
329 SemaphoreInformationLength: ULONG,
330 ReturnLength: PULONG,
331 ) -> NTSTATUS;
332}}
333ENUM!{enum TIMER_INFORMATION_CLASS {
334 TimerBasicInformation = 0,
335}}
336STRUCT!{struct TIMER_BASIC_INFORMATION {
337 RemainingTime: LARGE_INTEGER,
338 TimerState: BOOLEAN,
339}}
340pub type PTIMER_BASIC_INFORMATION = *mut TIMER_BASIC_INFORMATION;
341FN!{stdcall PTIMER_APC_ROUTINE(
342 TimerContext: PVOID,
343 TimerLowValue: ULONG,
344 TimerHighValue: LONG,
345) -> ()}
346ENUM!{enum TIMER_SET_INFORMATION_CLASS {
347 TimerSetCoalescableTimer = 0,
348 MaxTimerInfoClass = 1,
349}}
350STRUCT!{struct TIMER_SET_COALESCABLE_TIMER_INFO {
351 DueTime: LARGE_INTEGER,
352 TimerApcRoutine: PTIMER_APC_ROUTINE,
353 TimerContext: PVOID,
354 WakeContext: *mut COUNTED_REASON_CONTEXT,
355 Period: ULONG,
356 TolerableDelay: ULONG,
357 PreviousState: PBOOLEAN,
358}}
359pub type PTIMER_SET_COALESCABLE_TIMER_INFO = *mut TIMER_SET_COALESCABLE_TIMER_INFO;
360EXTERN!{extern "system" {
361 fn NtCreateTimer(
362 TimerHandle: PHANDLE,
363 DesiredAccess: ACCESS_MASK,
364 ObjectAttributes: POBJECT_ATTRIBUTES,
365 TimerType: TIMER_TYPE,
366 ) -> NTSTATUS;
367 fn NtOpenTimer(
368 TimerHandle: PHANDLE,
369 DesiredAccess: ACCESS_MASK,
370 ObjectAttributes: POBJECT_ATTRIBUTES,
371 ) -> NTSTATUS;
372 fn NtSetTimer(
373 TimerHandle: HANDLE,
374 DueTime: PLARGE_INTEGER,
375 TimerApcRoutine: PTIMER_APC_ROUTINE,
376 TimerContext: PVOID,
377 ResumeTimer: BOOLEAN,
378 Period: LONG,
379 PreviousState: PBOOLEAN,
380 ) -> NTSTATUS;
381 fn NtSetTimerEx(
382 TimerHandle: HANDLE,
383 TimerSetInformationClass: TIMER_SET_INFORMATION_CLASS,
384 TimerSetInformation: PVOID,
385 TimerSetInformationLength: ULONG,
386 ) -> NTSTATUS;
387 fn NtCancelTimer(
388 TimerHandle: HANDLE,
389 CurrentState: PBOOLEAN,
390 ) -> NTSTATUS;
391 fn NtQueryTimer(
392 TimerHandle: HANDLE,
393 TimerInformationClass: TIMER_INFORMATION_CLASS,
394 TimerInformation: PVOID,
395 TimerInformationLength: ULONG,
396 ReturnLength: PULONG,
397 ) -> NTSTATUS;
398 fn NtCreateIRTimer(
399 TimerHandle: PHANDLE,
400 DesiredAccess: ACCESS_MASK,
401 ) -> NTSTATUS;
402 fn NtSetIRTimer(
403 TimerHandle: HANDLE,
404 DueTime: PLARGE_INTEGER,
405 ) -> NTSTATUS;
406}}
407STRUCT!{struct T2_SET_PARAMETERS {
408 Version: ULONG,
409 Reserved: ULONG,
410 NoWakeTolerance: LONGLONG,
411}}
412pub type PT2_SET_PARAMETERS = *mut T2_SET_PARAMETERS;
413pub type PT2_CANCEL_PARAMETERS = PVOID;
414EXTERN!{extern "system" {
415 fn NtCreateTimer2(
416 TimerHandle: PHANDLE,
417 Reserved1: PVOID,
418 Reserved2: PVOID,
419 Attributes: ULONG,
420 DesiredAccess: ACCESS_MASK,
421 ) -> NTSTATUS;
422 fn NtSetTimer2(
423 TimerHandle: HANDLE,
424 DueTime: PLARGE_INTEGER,
425 Period: PLARGE_INTEGER,
426 Parameters: PT2_SET_PARAMETERS,
427 ) -> NTSTATUS;
428 fn NtCancelTimer2(
429 TimerHandle: HANDLE,
430 Parameters: PT2_CANCEL_PARAMETERS,
431 ) -> NTSTATUS;
432}}
433pub const PROFILE_CONTROL: u32 = 0x0001;
434pub const PROFILE_ALL_ACCESS: u32 = STANDARD_RIGHTS_REQUIRED | PROFILE_CONTROL;
435EXTERN!{extern "system" {
436 fn NtCreateProfile(
437 ProfileHandle: PHANDLE,
438 Process: HANDLE,
439 ProfileBase: PVOID,
440 ProfileSize: SIZE_T,
441 BucketSize: ULONG,
442 Buffer: PULONG,
443 BufferSize: ULONG,
444 ProfileSource: KPROFILE_SOURCE,
445 Affinity: KAFFINITY,
446 ) -> NTSTATUS;
447 fn NtCreateProfileEx(
448 ProfileHandle: PHANDLE,
449 Process: HANDLE,
450 ProfileBase: PVOID,
451 ProfileSize: SIZE_T,
452 BucketSize: ULONG,
453 Buffer: PULONG,
454 BufferSize: ULONG,
455 ProfileSource: KPROFILE_SOURCE,
456 GroupCount: USHORT,
457 GroupAffinity: PGROUP_AFFINITY,
458 ) -> NTSTATUS;
459 fn NtStartProfile(
460 ProfileHandle: HANDLE,
461 ) -> NTSTATUS;
462 fn NtStopProfile(
463 ProfileHandle: HANDLE,
464 ) -> NTSTATUS;
465 fn NtQueryIntervalProfile(
466 ProfileSource: KPROFILE_SOURCE,
467 Interval: PULONG,
468 ) -> NTSTATUS;
469 fn NtSetIntervalProfile(
470 Interval: ULONG,
471 Source: KPROFILE_SOURCE,
472 ) -> NTSTATUS;
473}}
474pub const KEYEDEVENT_WAIT: ULONG = 0x0001;
475pub const KEYEDEVENT_WAKE: ULONG = 0x0002;
476pub const KEYEDEVENT_ALL_ACCESS: ACCESS_MASK =
477 STANDARD_RIGHTS_REQUIRED | KEYEDEVENT_WAIT | KEYEDEVENT_WAKE;
478EXTERN!{extern "system" {
479 fn NtCreateKeyedEvent(
480 KeyedEventHandle: PHANDLE,
481 DesiredAccess: ACCESS_MASK,
482 ObjectAttributes: POBJECT_ATTRIBUTES,
483 Flags: ULONG,
484 ) -> NTSTATUS;
485 fn NtOpenKeyedEvent(
486 KeyedEventHandle: PHANDLE,
487 DesiredAccess: ACCESS_MASK,
488 ObjectAttributes: POBJECT_ATTRIBUTES,
489 ) -> NTSTATUS;
490 fn NtReleaseKeyedEvent(
491 KeyedEventHandle: HANDLE,
492 KeyValue: PVOID,
493 Alertable: BOOLEAN,
494 Timeout: PLARGE_INTEGER,
495 ) -> NTSTATUS;
496 fn NtWaitForKeyedEvent(
497 KeyedEventHandle: HANDLE,
498 KeyValue: PVOID,
499 Alertable: BOOLEAN,
500 Timeout: PLARGE_INTEGER,
501 ) -> NTSTATUS;
502 fn NtUmsThreadYield(
503 SchedulerParam: PVOID,
504 ) -> NTSTATUS;
505}}
506ENUM!{enum WNF_STATE_NAME_LIFETIME {
507 WnfWellKnownStateName = 0,
508 WnfPermanentStateName = 1,
509 WnfPersistentStateName = 2,
510 WnfTemporaryStateName = 3,
511}}
512ENUM!{enum WNF_STATE_NAME_INFORMATION {
513 WnfInfoStateNameExist = 0,
514 WnfInfoSubscribersPresent = 1,
515 WnfInfoIsQuiescent = 2,
516}}
517ENUM!{enum WNF_DATA_SCOPE {
518 WnfDataScopeSystem = 0,
519 WnfDataScopeSession = 1,
520 WnfDataScopeUser = 2,
521 WnfDataScopeProcess = 3,
522 WnfDataScopeMachine = 4,
523}}
524STRUCT!{struct WNF_TYPE_ID {
525 TypeId: GUID,
526}}
527pub type PWNF_TYPE_ID = *mut WNF_TYPE_ID;
528pub type PCWNF_TYPE_ID = *const WNF_TYPE_ID;
529pub type PWNF_CHANGE_STAMP = *mut ULONG;
530pub type WNF_CHANGE_STAMP = ULONG;
531STRUCT!{struct WNF_DELIVERY_DESCRIPTOR {
532 SubscriptionId: ULONGLONG,
533 StateName: WNF_STATE_NAME,
534 ChangeStamp: WNF_CHANGE_STAMP,
535 StateDataSize: ULONG,
536 EventMask: ULONG,
537 TypeId: WNF_TYPE_ID,
538 StateDataOffset: ULONG,
539}}
540pub type PWNF_DELIVERY_DESCRIPTOR = *mut WNF_DELIVERY_DESCRIPTOR;
541EXTERN!{extern "system" {
542 fn NtCreateWnfStateName(
543 StateName: PWNF_STATE_NAME,
544 NameLifetime: WNF_STATE_NAME_LIFETIME,
545 DataScope: WNF_DATA_SCOPE,
546 PersistData: BOOLEAN,
547 TypeId: PCWNF_TYPE_ID,
548 MaximumStateSize: ULONG,
549 SecurityDescriptor: PSECURITY_DESCRIPTOR,
550 ) -> NTSTATUS;
551 fn NtDeleteWnfStateName(
552 StateName: PCWNF_STATE_NAME,
553 ) -> NTSTATUS;
554 fn NtUpdateWnfStateData(
555 StateName: PCWNF_STATE_NAME,
556 Buffer: *const VOID,
557 Length: ULONG,
558 TypeId: PCWNF_TYPE_ID,
559 ExplicitScope: *const VOID,
560 MatchingChangeStamp: WNF_CHANGE_STAMP,
561 CheckStamp: LOGICAL,
562 ) -> NTSTATUS;
563 fn NtDeleteWnfStateData(
564 StateName: PCWNF_STATE_NAME,
565 ExplicitScope: *const VOID,
566 ) -> NTSTATUS;
567 fn NtQueryWnfStateData(
568 StateName: PCWNF_STATE_NAME,
569 TypeId: PCWNF_TYPE_ID,
570 ExplicitScope: *const VOID,
571 ChangeStamp: PWNF_CHANGE_STAMP,
572 Buffer: PVOID,
573 BufferSize: PULONG,
574 ) -> NTSTATUS;
575 fn NtQueryWnfStateNameInformation(
576 StateName: PCWNF_STATE_NAME,
577 NameInfoClass: WNF_STATE_NAME_INFORMATION,
578 ExplicitScope: *const VOID,
579 InfoBuffer: PVOID,
580 InfoBufferSize: ULONG,
581 ) -> NTSTATUS;
582 fn NtSubscribeWnfStateChange(
583 StateName: PCWNF_STATE_NAME,
584 ChangeStamp: WNF_CHANGE_STAMP,
585 EventMask: ULONG,
586 SubscriptionId: PULONG64,
587 ) -> NTSTATUS;
588 fn NtUnsubscribeWnfStateChange(
589 StateName: PCWNF_STATE_NAME,
590 ) -> NTSTATUS;
591 fn NtGetCompleteWnfStateSubscription(
592 OldDescriptorStateName: PWNF_STATE_NAME,
593 OldSubscriptionId: *mut ULONG64,
594 OldDescriptorEventMask: ULONG,
595 OldDescriptorStatus: ULONG,
596 NewDeliveryDescriptor: PWNF_DELIVERY_DESCRIPTOR,
597 DescriptorSize: ULONG,
598 ) -> NTSTATUS;
599 fn NtSetWnfProcessNotificationEvent(
600 NotificationEvent: HANDLE,
601 ) -> NTSTATUS;
602}}
603pub const WORKER_FACTORY_RELEASE_WORKER: u32 = 0x0001;
604pub const WORKER_FACTORY_WAIT: u32 = 0x0002;
605pub const WORKER_FACTORY_SET_INFORMATION: u32 = 0x0004;
606pub const WORKER_FACTORY_QUERY_INFORMATION: u32 = 0x0008;
607pub const WORKER_FACTORY_READY_WORKER: u32 = 0x0010;
608pub const WORKER_FACTORY_SHUTDOWN: u32 = 0x0020;
609pub const WORKER_FACTORY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
610 | WORKER_FACTORY_RELEASE_WORKER | WORKER_FACTORY_WAIT | WORKER_FACTORY_SET_INFORMATION
611 | WORKER_FACTORY_QUERY_INFORMATION | WORKER_FACTORY_READY_WORKER | WORKER_FACTORY_SHUTDOWN;
612ENUM!{enum WORKERFACTORYINFOCLASS {
613 WorkerFactoryTimeout = 0,
614 WorkerFactoryRetryTimeout = 1,
615 WorkerFactoryIdleTimeout = 2,
616 WorkerFactoryBindingCount = 3,
617 WorkerFactoryThreadMinimum = 4,
618 WorkerFactoryThreadMaximum = 5,
619 WorkerFactoryPaused = 6,
620 WorkerFactoryBasicInformation = 7,
621 WorkerFactoryAdjustThreadGoal = 8,
622 WorkerFactoryCallbackType = 9,
623 WorkerFactoryStackInformation = 10,
624 WorkerFactoryThreadBasePriority = 11,
625 WorkerFactoryTimeoutWaiters = 12,
626 WorkerFactoryFlags = 13,
627 WorkerFactoryThreadSoftMaximum = 14,
628 MaxWorkerFactoryInfoClass = 15,
629}}
630pub type PWORKERFACTORYINFOCLASS = *mut WORKERFACTORYINFOCLASS;
631STRUCT!{struct WORKER_FACTORY_BASIC_INFORMATION {
632 Timeout: LARGE_INTEGER,
633 RetryTimeout: LARGE_INTEGER,
634 IdleTimeout: LARGE_INTEGER,
635 Paused: BOOLEAN,
636 TimerSet: BOOLEAN,
637 QueuedToExWorker: BOOLEAN,
638 MayCreate: BOOLEAN,
639 CreateInProgress: BOOLEAN,
640 InsertedIntoQueue: BOOLEAN,
641 Shutdown: BOOLEAN,
642 BindingCount: ULONG,
643 ThreadMinimum: ULONG,
644 ThreadMaximum: ULONG,
645 PendingWorkerCount: ULONG,
646 WaitingWorkerCount: ULONG,
647 TotalWorkerCount: ULONG,
648 ReleaseCount: ULONG,
649 InfiniteWaitGoal: LONGLONG,
650 StartRoutine: PVOID,
651 StartParameter: PVOID,
652 ProcessId: HANDLE,
653 StackReserve: SIZE_T,
654 StackCommit: SIZE_T,
655 LastThreadCreationStatus: NTSTATUS,
656}}
657pub type PWORKER_FACTORY_BASIC_INFORMATION = *mut WORKER_FACTORY_BASIC_INFORMATION;
658EXTERN!{extern "system" {
659 fn NtCreateWorkerFactory(
660 WorkerFactoryHandleReturn: PHANDLE,
661 DesiredAccess: ACCESS_MASK,
662 ObjectAttributes: POBJECT_ATTRIBUTES,
663 CompletionPortHandle: HANDLE,
664 WorkerProcessHandle: HANDLE,
665 StartRoutine: PVOID,
666 StartParameter: PVOID,
667 MaxThreadCount: ULONG,
668 StackReserve: SIZE_T,
669 StackCommit: SIZE_T,
670 ) -> NTSTATUS;
671 fn NtQueryInformationWorkerFactory(
672 WorkerFactoryHandle: HANDLE,
673 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
674 WorkerFactoryInformation: PVOID,
675 WorkerFactoryInformationLength: ULONG,
676 ReturnLength: PULONG,
677 ) -> NTSTATUS;
678 fn NtSetInformationWorkerFactory(
679 WorkerFactoryHandle: HANDLE,
680 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
681 WorkerFactoryInformation: PVOID,
682 WorkerFactoryInformationLength: ULONG,
683 ) -> NTSTATUS;
684 fn NtShutdownWorkerFactory(
685 WorkerFactoryHandle: HANDLE,
686 PendingWorkerCount: *mut LONG,
687 ) -> NTSTATUS;
688 fn NtReleaseWorkerFactoryWorker(
689 WorkerFactoryHandle: HANDLE,
690 ) -> NTSTATUS;
691 fn NtWorkerFactoryWorkerReady(
692 WorkerFactoryHandle: HANDLE,
693 ) -> NTSTATUS;
694 fn NtWaitForWorkViaWorkerFactory(
695 WorkerFactoryHandle: HANDLE,
696 MiniPacket: *mut FILE_IO_COMPLETION_INFORMATION,
697 ) -> NTSTATUS;
698 fn NtQuerySystemTime(
699 SystemTime: PLARGE_INTEGER,
700 ) -> NTSTATUS;
701 fn NtSetSystemTime(
702 SystemTime: PLARGE_INTEGER,
703 PreviousTime: PLARGE_INTEGER,
704 ) -> NTSTATUS;
705 fn NtQueryTimerResolution(
706 MaximumTime: PULONG,
707 MinimumTime: PULONG,
708 CurrentTime: PULONG,
709 ) -> NTSTATUS;
710 fn NtSetTimerResolution(
711 DesiredTime: ULONG,
712 SetResolution: BOOLEAN,
713 ActualTime: PULONG,
714 ) -> NTSTATUS;
715 fn NtQueryPerformanceCounter(
716 PerformanceCounter: PLARGE_INTEGER,
717 PerformanceFrequency: PLARGE_INTEGER,
718 ) -> NTSTATUS;
719 fn NtAllocateLocallyUniqueId(
720 Luid: PLUID,
721 ) -> NTSTATUS;
722 fn NtSetUuidSeed(
723 Seed: PCHAR,
724 ) -> NTSTATUS;
725 fn NtAllocateUuids(
726 Time: PULARGE_INTEGER,
727 Range: PULONG,
728 Sequence: PULONG,
729 Seed: PCHAR,
730 ) -> NTSTATUS;
731}}
732ENUM!{enum SYSTEM_INFORMATION_CLASS {
733 SystemBasicInformation = 0,
734 SystemProcessorInformation = 1,
735 SystemPerformanceInformation = 2,
736 SystemTimeOfDayInformation = 3,
737 SystemPathInformation = 4,
738 SystemProcessInformation = 5,
739 SystemCallCountInformation = 6,
740 SystemDeviceInformation = 7,
741 SystemProcessorPerformanceInformation = 8,
742 SystemFlagsInformation = 9,
743 SystemCallTimeInformation = 10,
744 SystemModuleInformation = 11,
745 SystemLocksInformation = 12,
746 SystemStackTraceInformation = 13,
747 SystemPagedPoolInformation = 14,
748 SystemNonPagedPoolInformation = 15,
749 SystemHandleInformation = 16,
750 SystemObjectInformation = 17,
751 SystemPageFileInformation = 18,
752 SystemVdmInstemulInformation = 19,
753 SystemVdmBopInformation = 20,
754 SystemFileCacheInformation = 21,
755 SystemPoolTagInformation = 22,
756 SystemInterruptInformation = 23,
757 SystemDpcBehaviorInformation = 24,
758 SystemFullMemoryInformation = 25,
759 SystemLoadGdiDriverInformation = 26,
760 SystemUnloadGdiDriverInformation = 27,
761 SystemTimeAdjustmentInformation = 28,
762 SystemSummaryMemoryInformation = 29,
763 SystemMirrorMemoryInformation = 30,
764 SystemPerformanceTraceInformation = 31,
765 SystemObsolete0 = 32,
766 SystemExceptionInformation = 33,
767 SystemCrashDumpStateInformation = 34,
768 SystemKernelDebuggerInformation = 35,
769 SystemContextSwitchInformation = 36,
770 SystemRegistryQuotaInformation = 37,
771 SystemExtendServiceTableInformation = 38,
772 SystemPrioritySeperation = 39,
773 SystemVerifierAddDriverInformation = 40,
774 SystemVerifierRemoveDriverInformation = 41,
775 SystemProcessorIdleInformation = 42,
776 SystemLegacyDriverInformation = 43,
777 SystemCurrentTimeZoneInformation = 44,
778 SystemLookasideInformation = 45,
779 SystemTimeSlipNotification = 46,
780 SystemSessionCreate = 47,
781 SystemSessionDetach = 48,
782 SystemSessionInformation = 49,
783 SystemRangeStartInformation = 50,
784 SystemVerifierInformation = 51,
785 SystemVerifierThunkExtend = 52,
786 SystemSessionProcessInformation = 53,
787 SystemLoadGdiDriverInSystemSpace = 54,
788 SystemNumaProcessorMap = 55,
789 SystemPrefetcherInformation = 56,
790 SystemExtendedProcessInformation = 57,
791 SystemRecommendedSharedDataAlignment = 58,
792 SystemComPlusPackage = 59,
793 SystemNumaAvailableMemory = 60,
794 SystemProcessorPowerInformation = 61,
795 SystemEmulationBasicInformation = 62,
796 SystemEmulationProcessorInformation = 63,
797 SystemExtendedHandleInformation = 64,
798 SystemLostDelayedWriteInformation = 65,
799 SystemBigPoolInformation = 66,
800 SystemSessionPoolTagInformation = 67,
801 SystemSessionMappedViewInformation = 68,
802 SystemHotpatchInformation = 69,
803 SystemObjectSecurityMode = 70,
804 SystemWatchdogTimerHandler = 71,
805 SystemWatchdogTimerInformation = 72,
806 SystemLogicalProcessorInformation = 73,
807 SystemWow64SharedInformationObsolete = 74,
808 SystemRegisterFirmwareTableInformationHandler = 75,
809 SystemFirmwareTableInformation = 76,
810 SystemModuleInformationEx = 77,
811 SystemVerifierTriageInformation = 78,
812 SystemSuperfetchInformation = 79,
813 SystemMemoryListInformation = 80,
814 SystemFileCacheInformationEx = 81,
815 SystemThreadPriorityClientIdInformation = 82,
816 SystemProcessorIdleCycleTimeInformation = 83,
817 SystemVerifierCancellationInformation = 84,
818 SystemProcessorPowerInformationEx = 85,
819 SystemRefTraceInformation = 86,
820 SystemSpecialPoolInformation = 87,
821 SystemProcessIdInformation = 88,
822 SystemErrorPortInformation = 89,
823 SystemBootEnvironmentInformation = 90,
824 SystemHypervisorInformation = 91,
825 SystemVerifierInformationEx = 92,
826 SystemTimeZoneInformation = 93,
827 SystemImageFileExecutionOptionsInformation = 94,
828 SystemCoverageInformation = 95,
829 SystemPrefetchPatchInformation = 96,
830 SystemVerifierFaultsInformation = 97,
831 SystemSystemPartitionInformation = 98,
832 SystemSystemDiskInformation = 99,
833 SystemProcessorPerformanceDistribution = 100,
834 SystemNumaProximityNodeInformation = 101,
835 SystemDynamicTimeZoneInformation = 102,
836 SystemCodeIntegrityInformation = 103,
837 SystemProcessorMicrocodeUpdateInformation = 104,
838 SystemProcessorBrandString = 105,
839 SystemVirtualAddressInformation = 106,
840 SystemLogicalProcessorAndGroupInformation = 107,
841 SystemProcessorCycleTimeInformation = 108,
842 SystemStoreInformation = 109,
843 SystemRegistryAppendString = 110,
844 SystemAitSamplingValue = 111,
845 SystemVhdBootInformation = 112,
846 SystemCpuQuotaInformation = 113,
847 SystemNativeBasicInformation = 114,
848 SystemSpare1 = 115,
849 SystemLowPriorityIoInformation = 116,
850 SystemTpmBootEntropyInformation = 117,
851 SystemVerifierCountersInformation = 118,
852 SystemPagedPoolInformationEx = 119,
853 SystemSystemPtesInformationEx = 120,
854 SystemNodeDistanceInformation = 121,
855 SystemAcpiAuditInformation = 122,
856 SystemBasicPerformanceInformation = 123,
857 SystemQueryPerformanceCounterInformation = 124,
858 SystemSessionBigPoolInformation = 125,
859 SystemBootGraphicsInformation = 126,
860 SystemScrubPhysicalMemoryInformation = 127,
861 SystemBadPageInformation = 128,
862 SystemProcessorProfileControlArea = 129,
863 SystemCombinePhysicalMemoryInformation = 130,
864 SystemEntropyInterruptTimingCallback = 131,
865 SystemConsoleInformation = 132,
866 SystemPlatformBinaryInformation = 133,
867 SystemThrottleNotificationInformation = 134,
868 SystemHypervisorProcessorCountInformation = 135,
869 SystemDeviceDataInformation = 136,
870 SystemDeviceDataEnumerationInformation = 137,
871 SystemMemoryTopologyInformation = 138,
872 SystemMemoryChannelInformation = 139,
873 SystemBootLogoInformation = 140,
874 SystemProcessorPerformanceInformationEx = 141,
875 SystemSpare0 = 142,
876 SystemSecureBootPolicyInformation = 143,
877 SystemPageFileInformationEx = 144,
878 SystemSecureBootInformation = 145,
879 SystemEntropyInterruptTimingRawInformation = 146,
880 SystemPortableWorkspaceEfiLauncherInformation = 147,
881 SystemFullProcessInformation = 148,
882 SystemKernelDebuggerInformationEx = 149,
883 SystemBootMetadataInformation = 150,
884 SystemSoftRebootInformation = 151,
885 SystemElamCertificateInformation = 152,
886 SystemOfflineDumpConfigInformation = 153,
887 SystemProcessorFeaturesInformation = 154,
888 SystemRegistryReconciliationInformation = 155,
889 SystemEdidInformation = 156,
890 SystemManufacturingInformation = 157,
891 SystemEnergyEstimationConfigInformation = 158,
892 SystemHypervisorDetailInformation = 159,
893 SystemProcessorCycleStatsInformation = 160,
894 SystemVmGenerationCountInformation = 161,
895 SystemTrustedPlatformModuleInformation = 162,
896 SystemKernelDebuggerFlags = 163,
897 SystemCodeIntegrityPolicyInformation = 164,
898 SystemIsolatedUserModeInformation = 165,
899 SystemHardwareSecurityTestInterfaceResultsInformation = 166,
900 SystemSingleModuleInformation = 167,
901 SystemAllowedCpuSetsInformation = 168,
902 SystemVsmProtectionInformation = 169,
903 SystemInterruptCpuSetsInformation = 170,
904 SystemSecureBootPolicyFullInformation = 171,
905 SystemCodeIntegrityPolicyFullInformation = 172,
906 SystemAffinitizedInterruptProcessorInformation = 173,
907 SystemRootSiloInformation = 174,
908 SystemCpuSetInformation = 175,
909 SystemCpuSetTagInformation = 176,
910 SystemWin32WerStartCallout = 177,
911 SystemSecureKernelProfileInformation = 178,
912 SystemCodeIntegrityPlatformManifestInformation = 179,
913 SystemInterruptSteeringInformation = 180,
914 SystemSupportedProcessorArchitectures = 181,
915 SystemMemoryUsageInformation = 182,
916 SystemCodeIntegrityCertificateInformation = 183,
917 SystemPhysicalMemoryInformation = 184,
918 SystemControlFlowTransition = 185,
919 SystemKernelDebuggingAllowed = 186,
920 SystemActivityModerationExeState = 187,
921 SystemActivityModerationUserSettings = 188,
922 SystemCodeIntegrityPoliciesFullInformation = 189,
923 SystemCodeIntegrityUnlockInformation = 190,
924 SystemIntegrityQuotaInformation = 191,
925 SystemFlushInformation = 192,
926 SystemProcessorIdleMaskInformation = 193,
927 SystemSecureDumpEncryptionInformation = 194,
928 SystemWriteConstraintInformation = 195,
929 SystemKernelVaShadowInformation = 196,
930 SystemHypervisorSharedPageInformation = 197,
931 SystemFirmwareBootPerformanceInformation = 198,
932 SystemCodeIntegrityVerificationInformation = 199,
933 SystemFirmwarePartitionInformation = 200,
934 SystemSpeculationControlInformation = 201,
935 SystemDmaGuardPolicyInformation = 202,
936 SystemEnclaveLaunchControlInformation = 203,
937 SystemWorkloadAllowedCpuSetsInformation = 204,
938 SystemCodeIntegrityUnlockModeInformation = 205,
939 SystemLeapSecondInformation = 206,
940 SystemFlags2Information = 207,
941 MaxSystemInfoClass = 208,
942}}
943STRUCT!{struct SYSTEM_BASIC_INFORMATION {
944 Reserved: ULONG,
945 TimerResolution: ULONG,
946 PageSize: ULONG,
947 NumberOfPhysicalPages: ULONG,
948 LowestPhysicalPageNumber: ULONG,
949 HighestPhysicalPageNumber: ULONG,
950 AllocationGranularity: ULONG,
951 MinimumUserModeAddress: ULONG_PTR,
952 MaximumUserModeAddress: ULONG_PTR,
953 ActiveProcessorsAffinityMask: ULONG_PTR,
954 NumberOfProcessors: CCHAR,
955}}
956pub type PSYSTEM_BASIC_INFORMATION = *mut SYSTEM_BASIC_INFORMATION;
957STRUCT!{struct SYSTEM_PROCESSOR_INFORMATION {
958 ProcessorArchitecture: USHORT,
959 ProcessorLevel: USHORT,
960 ProcessorRevision: USHORT,
961 MaximumProcessors: USHORT,
962 ProcessorFeatureBits: ULONG,
963}}
964pub type PSYSTEM_PROCESSOR_INFORMATION = *mut SYSTEM_PROCESSOR_INFORMATION;
965STRUCT!{struct SYSTEM_PERFORMANCE_INFORMATION {
966 IdleProcessTime: LARGE_INTEGER,
967 IoReadTransferCount: LARGE_INTEGER,
968 IoWriteTransferCount: LARGE_INTEGER,
969 IoOtherTransferCount: LARGE_INTEGER,
970 IoReadOperationCount: ULONG,
971 IoWriteOperationCount: ULONG,
972 IoOtherOperationCount: ULONG,
973 AvailablePages: ULONG,
974 CommittedPages: ULONG,
975 CommitLimit: ULONG,
976 PeakCommitment: ULONG,
977 PageFaultCount: ULONG,
978 CopyOnWriteCount: ULONG,
979 TransitionCount: ULONG,
980 CacheTransitionCount: ULONG,
981 DemandZeroCount: ULONG,
982 PageReadCount: ULONG,
983 PageReadIoCount: ULONG,
984 CacheReadCount: ULONG,
985 CacheIoCount: ULONG,
986 DirtyPagesWriteCount: ULONG,
987 DirtyWriteIoCount: ULONG,
988 MappedPagesWriteCount: ULONG,
989 MappedWriteIoCount: ULONG,
990 PagedPoolPages: ULONG,
991 NonPagedPoolPages: ULONG,
992 PagedPoolAllocs: ULONG,
993 PagedPoolFrees: ULONG,
994 NonPagedPoolAllocs: ULONG,
995 NonPagedPoolFrees: ULONG,
996 FreeSystemPtes: ULONG,
997 ResidentSystemCodePage: ULONG,
998 TotalSystemDriverPages: ULONG,
999 TotalSystemCodePages: ULONG,
1000 NonPagedPoolLookasideHits: ULONG,
1001 PagedPoolLookasideHits: ULONG,
1002 AvailablePagedPoolPages: ULONG,
1003 ResidentSystemCachePage: ULONG,
1004 ResidentPagedPoolPage: ULONG,
1005 ResidentSystemDriverPage: ULONG,
1006 CcFastReadNoWait: ULONG,
1007 CcFastReadWait: ULONG,
1008 CcFastReadResourceMiss: ULONG,
1009 CcFastReadNotPossible: ULONG,
1010 CcFastMdlReadNoWait: ULONG,
1011 CcFastMdlReadWait: ULONG,
1012 CcFastMdlReadResourceMiss: ULONG,
1013 CcFastMdlReadNotPossible: ULONG,
1014 CcMapDataNoWait: ULONG,
1015 CcMapDataWait: ULONG,
1016 CcMapDataNoWaitMiss: ULONG,
1017 CcMapDataWaitMiss: ULONG,
1018 CcPinMappedDataCount: ULONG,
1019 CcPinReadNoWait: ULONG,
1020 CcPinReadWait: ULONG,
1021 CcPinReadNoWaitMiss: ULONG,
1022 CcPinReadWaitMiss: ULONG,
1023 CcCopyReadNoWait: ULONG,
1024 CcCopyReadWait: ULONG,
1025 CcCopyReadNoWaitMiss: ULONG,
1026 CcCopyReadWaitMiss: ULONG,
1027 CcMdlReadNoWait: ULONG,
1028 CcMdlReadWait: ULONG,
1029 CcMdlReadNoWaitMiss: ULONG,
1030 CcMdlReadWaitMiss: ULONG,
1031 CcReadAheadIos: ULONG,
1032 CcLazyWriteIos: ULONG,
1033 CcLazyWritePages: ULONG,
1034 CcDataFlushes: ULONG,
1035 CcDataPages: ULONG,
1036 ContextSwitches: ULONG,
1037 FirstLevelTbFills: ULONG,
1038 SecondLevelTbFills: ULONG,
1039 SystemCalls: ULONG,
1040 CcTotalDirtyPages: ULONGLONG,
1041 CcDirtyPageThreshold: ULONGLONG,
1042 ResidentAvailablePages: LONGLONG,
1043 SharedCommittedPages: ULONGLONG,
1044}}
1045pub type PSYSTEM_PERFORMANCE_INFORMATION = *mut SYSTEM_PERFORMANCE_INFORMATION;
1046STRUCT!{struct SYSTEM_TIMEOFDAY_INFORMATION {
1047 BootTime: LARGE_INTEGER,
1048 CurrentTime: LARGE_INTEGER,
1049 TimeZoneBias: LARGE_INTEGER,
1050 TimeZoneId: ULONG,
1051 Reserved: ULONG,
1052 BootTimeBias: ULONGLONG,
1053 SleepTimeBias: ULONGLONG,
1054}}
1055pub type PSYSTEM_TIMEOFDAY_INFORMATION = *mut SYSTEM_TIMEOFDAY_INFORMATION;
1056STRUCT!{struct SYSTEM_THREAD_INFORMATION {
1057 KernelTime: LARGE_INTEGER,
1058 UserTime: LARGE_INTEGER,
1059 CreateTime: LARGE_INTEGER,
1060 WaitTime: ULONG,
1061 StartAddress: PVOID,
1062 ClientId: CLIENT_ID,
1063 Priority: KPRIORITY,
1064 BasePriority: LONG,
1065 ContextSwitches: ULONG,
1066 ThreadState: KTHREAD_STATE,
1067 WaitReason: KWAIT_REASON,
1068}}
1069pub type PSYSTEM_THREAD_INFORMATION = *mut SYSTEM_THREAD_INFORMATION;
1070STRUCT!{struct SYSTEM_EXTENDED_THREAD_INFORMATION {
1071 ThreadInfo: SYSTEM_THREAD_INFORMATION,
1072 StackBase: PVOID,
1073 StackLimit: PVOID,
1074 Win32StartAddress: PVOID,
1075 TebBase: PTEB,
1076 Reserved2: ULONG_PTR,
1077 Reserved3: ULONG_PTR,
1078 Reserved4: ULONG_PTR,
1079}}
1080pub type PSYSTEM_EXTENDED_THREAD_INFORMATION = *mut SYSTEM_EXTENDED_THREAD_INFORMATION;
1081STRUCT!{struct SYSTEM_PROCESS_INFORMATION {
1082 NextEntryOffset: ULONG,
1083 NumberOfThreads: ULONG,
1084 WorkingSetPrivateSize: LARGE_INTEGER,
1085 HardFaultCount: ULONG,
1086 NumberOfThreadsHighWatermark: ULONG,
1087 CycleTime: ULONGLONG,
1088 CreateTime: LARGE_INTEGER,
1089 UserTime: LARGE_INTEGER,
1090 KernelTime: LARGE_INTEGER,
1091 ImageName: UNICODE_STRING,
1092 BasePriority: KPRIORITY,
1093 UniqueProcessId: HANDLE,
1094 InheritedFromUniqueProcessId: HANDLE,
1095 HandleCount: ULONG,
1096 SessionId: ULONG,
1097 UniqueProcessKey: ULONG_PTR,
1098 PeakVirtualSize: SIZE_T,
1099 VirtualSize: SIZE_T,
1100 PageFaultCount: ULONG,
1101 PeakWorkingSetSize: SIZE_T,
1102 WorkingSetSize: SIZE_T,
1103 QuotaPeakPagedPoolUsage: SIZE_T,
1104 QuotaPagedPoolUsage: SIZE_T,
1105 QuotaPeakNonPagedPoolUsage: SIZE_T,
1106 QuotaNonPagedPoolUsage: SIZE_T,
1107 PagefileUsage: SIZE_T,
1108 PeakPagefileUsage: SIZE_T,
1109 PrivatePageCount: SIZE_T,
1110 ReadOperationCount: LARGE_INTEGER,
1111 WriteOperationCount: LARGE_INTEGER,
1112 OtherOperationCount: LARGE_INTEGER,
1113 ReadTransferCount: LARGE_INTEGER,
1114 WriteTransferCount: LARGE_INTEGER,
1115 OtherTransferCount: LARGE_INTEGER,
1116 Threads: [SYSTEM_THREAD_INFORMATION; 1],
1117}}
1118pub type PSYSTEM_PROCESS_INFORMATION = *mut SYSTEM_PROCESS_INFORMATION;
1119STRUCT!{struct SYSTEM_CALL_COUNT_INFORMATION {
1120 Length: ULONG,
1121 NumberOfTables: ULONG,
1122}}
1123pub type PSYSTEM_CALL_COUNT_INFORMATION = *mut SYSTEM_CALL_COUNT_INFORMATION;
1124STRUCT!{struct SYSTEM_DEVICE_INFORMATION {
1125 NumberOfDisks: ULONG,
1126 NumberOfFloppies: ULONG,
1127 NumberOfCdRoms: ULONG,
1128 NumberOfTapes: ULONG,
1129 NumberOfSerialPorts: ULONG,
1130 NumberOfParallelPorts: ULONG,
1131}}
1132pub type PSYSTEM_DEVICE_INFORMATION = *mut SYSTEM_DEVICE_INFORMATION;
1133STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION {
1134 IdleTime: LARGE_INTEGER,
1135 KernelTime: LARGE_INTEGER,
1136 UserTime: LARGE_INTEGER,
1137 DpcTime: LARGE_INTEGER,
1138 InterruptTime: LARGE_INTEGER,
1139 InterruptCount: ULONG,
1140}}
1141pub type PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION = *mut SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION;
1142STRUCT!{struct SYSTEM_FLAGS_INFORMATION {
1143 Flags: ULONG,
1144}}
1145pub type PSYSTEM_FLAGS_INFORMATION = *mut SYSTEM_FLAGS_INFORMATION;
1146STRUCT!{struct SYSTEM_CALL_TIME_INFORMATION {
1147 Length: ULONG,
1148 TotalCalls: ULONG,
1149 TimeOfCalls: [LARGE_INTEGER; 1],
1150}}
1151pub type PSYSTEM_CALL_TIME_INFORMATION = *mut SYSTEM_CALL_TIME_INFORMATION;
1152STRUCT!{struct RTL_PROCESS_LOCK_INFORMATION {
1153 Address: PVOID,
1154 Type: USHORT,
1155 CreatorBackTraceIndex: USHORT,
1156 OwningThread: HANDLE,
1157 LockCount: LONG,
1158 ContentionCount: ULONG,
1159 EntryCount: ULONG,
1160 RecursionCount: LONG,
1161 NumberOfWaitingShared: ULONG,
1162 NumberOfWaitingExclusive: ULONG,
1163}}
1164pub type PRTL_PROCESS_LOCK_INFORMATION = *mut RTL_PROCESS_LOCK_INFORMATION;
1165STRUCT!{struct RTL_PROCESS_LOCKS {
1166 NumberOfLocks: ULONG,
1167 Locks: [RTL_PROCESS_LOCK_INFORMATION; 1],
1168}}
1169pub type PRTL_PROCESS_LOCKS = *mut RTL_PROCESS_LOCKS;
1170STRUCT!{struct RTL_PROCESS_BACKTRACE_INFORMATION {
1171 SymbolicBackTrace: PCHAR,
1172 TraceCount: ULONG,
1173 Index: USHORT,
1174 Depth: USHORT,
1175 BackTrace: [PVOID; 32],
1176}}
1177pub type PRTL_PROCESS_BACKTRACE_INFORMATION = *mut RTL_PROCESS_BACKTRACE_INFORMATION;
1178STRUCT!{struct RTL_PROCESS_BACKTRACES {
1179 CommittedMemory: ULONG,
1180 ReservedMemory: ULONG,
1181 NumberOfBackTraceLookups: ULONG,
1182 NumberOfBackTraces: ULONG,
1183 BackTraces: [RTL_PROCESS_BACKTRACE_INFORMATION; 1],
1184}}
1185pub type PRTL_PROCESS_BACKTRACES = *mut RTL_PROCESS_BACKTRACES;
1186STRUCT!{struct SYSTEM_HANDLE_TABLE_ENTRY_INFO {
1187 UniqueProcessId: USHORT,
1188 CreatorBackTraceIndex: USHORT,
1189 ObjectTypeIndex: UCHAR,
1190 HandleAttributes: UCHAR,
1191 HandleValue: USHORT,
1192 Object: PVOID,
1193 GrantedAccess: ULONG,
1194}}
1195pub type PSYSTEM_HANDLE_TABLE_ENTRY_INFO = *mut SYSTEM_HANDLE_TABLE_ENTRY_INFO;
1196STRUCT!{struct SYSTEM_HANDLE_INFORMATION {
1197 NumberOfHandles: ULONG,
1198 Handles: [SYSTEM_HANDLE_TABLE_ENTRY_INFO; 1],
1199}}
1200pub type PSYSTEM_HANDLE_INFORMATION = *mut SYSTEM_HANDLE_INFORMATION;
1201STRUCT!{struct SYSTEM_OBJECTTYPE_INFORMATION {
1202 NextEntryOffset: ULONG,
1203 NumberOfObjects: ULONG,
1204 NumberOfHandles: ULONG,
1205 TypeIndex: ULONG,
1206 InvalidAttributes: ULONG,
1207 GenericMapping: GENERIC_MAPPING,
1208 ValidAccessMask: ULONG,
1209 PoolType: ULONG,
1210 SecurityRequired: BOOLEAN,
1211 WaitableObject: BOOLEAN,
1212 TypeName: UNICODE_STRING,
1213}}
1214pub type PSYSTEM_OBJECTTYPE_INFORMATION = *mut SYSTEM_OBJECTTYPE_INFORMATION;
1215STRUCT!{struct SYSTEM_OBJECT_INFORMATION {
1216 NextEntryOffset: ULONG,
1217 Object: PVOID,
1218 CreatorUniqueProcess: HANDLE,
1219 CreatorBackTraceIndex: USHORT,
1220 Flags: USHORT,
1221 PointerCount: LONG,
1222 HandleCount: LONG,
1223 PagedPoolCharge: ULONG,
1224 NonPagedPoolCharge: ULONG,
1225 ExclusiveProcessId: HANDLE,
1226 SecurityDescriptor: PVOID,
1227 NameInfo: UNICODE_STRING,
1228}}
1229pub type PSYSTEM_OBJECT_INFORMATION = *mut SYSTEM_OBJECT_INFORMATION;
1230STRUCT!{struct SYSTEM_PAGEFILE_INFORMATION {
1231 NextEntryOffset: ULONG,
1232 TotalSize: ULONG,
1233 TotalInUse: ULONG,
1234 PeakUsage: ULONG,
1235 PageFileName: UNICODE_STRING,
1236}}
1237pub type PSYSTEM_PAGEFILE_INFORMATION = *mut SYSTEM_PAGEFILE_INFORMATION;
1238pub const MM_WORKING_SET_MAX_HARD_ENABLE: ULONG = 0x1;
1239pub const MM_WORKING_SET_MAX_HARD_DISABLE: ULONG = 0x2;
1240pub const MM_WORKING_SET_MIN_HARD_ENABLE: ULONG = 0x4;
1241pub const MM_WORKING_SET_MIN_HARD_DISABLE: ULONG = 0x8;
1242STRUCT!{struct SYSTEM_FILECACHE_INFORMATION {
1243 CurrentSize: SIZE_T,
1244 PeakSize: SIZE_T,
1245 PageFaultCount: ULONG,
1246 MinimumWorkingSet: SIZE_T,
1247 MaximumWorkingSet: SIZE_T,
1248 CurrentSizeIncludingTransitionInPages: SIZE_T,
1249 PeakSizeIncludingTransitionInPages: SIZE_T,
1250 TransitionRePurposeCount: ULONG,
1251 Flags: ULONG,
1252}}
1253pub type PSYSTEM_FILECACHE_INFORMATION = *mut SYSTEM_FILECACHE_INFORMATION;
1254STRUCT!{struct SYSTEM_BASIC_WORKING_SET_INFORMATION {
1255 CurrentSize: SIZE_T,
1256 PeakSize: SIZE_T,
1257 PageFaultCount: ULONG,
1258}}
1259pub type PSYSTEM_BASIC_WORKING_SET_INFORMATION = *mut SYSTEM_BASIC_WORKING_SET_INFORMATION;
1260UNION!{union SYSTEM_POOLTAG_u {
1261 Tag: [UCHAR; 4],
1262 TagUlong: ULONG,
1263}}
1264STRUCT!{struct SYSTEM_POOLTAG {
1265 u: SYSTEM_POOLTAG_u,
1266 PagedAllocs: ULONG,
1267 PagedFrees: ULONG,
1268 PagedUsed: SIZE_T,
1269 NonPagedAllocs: ULONG,
1270 NonPagedFrees: ULONG,
1271 NonPagedUsed: SIZE_T,
1272}}
1273pub type PSYSTEM_POOLTAG = *mut SYSTEM_POOLTAG;
1274STRUCT!{struct SYSTEM_POOLTAG_INFORMATION {
1275 Count: ULONG,
1276 TagInfo: [SYSTEM_POOLTAG; 1],
1277}}
1278pub type PSYSTEM_POOLTAG_INFORMATION = *mut SYSTEM_POOLTAG_INFORMATION;
1279STRUCT!{struct SYSTEM_INTERRUPT_INFORMATION {
1280 ContextSwitches: ULONG,
1281 DpcCount: ULONG,
1282 DpcRate: ULONG,
1283 TimeIncrement: ULONG,
1284 DpcBypassCount: ULONG,
1285 ApcBypassCount: ULONG,
1286}}
1287pub type PSYSTEM_INTERRUPT_INFORMATION = *mut SYSTEM_INTERRUPT_INFORMATION;
1288STRUCT!{struct SYSTEM_DPC_BEHAVIOR_INFORMATION {
1289 Spare: ULONG,
1290 DpcQueueDepth: ULONG,
1291 MinimumDpcRate: ULONG,
1292 AdjustDpcThreshold: ULONG,
1293 IdealDpcRate: ULONG,
1294}}
1295pub type PSYSTEM_DPC_BEHAVIOR_INFORMATION = *mut SYSTEM_DPC_BEHAVIOR_INFORMATION;
1296STRUCT!{struct SYSTEM_QUERY_TIME_ADJUST_INFORMATION {
1297 TimeAdjustment: ULONG,
1298 TimeIncrement: ULONG,
1299 Enable: BOOLEAN,
1300}}
1301pub type PSYSTEM_QUERY_TIME_ADJUST_INFORMATION = *mut SYSTEM_QUERY_TIME_ADJUST_INFORMATION;
1302STRUCT!{struct SYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE {
1303 TimeAdjustment: ULONGLONG,
1304 TimeIncrement: ULONGLONG,
1305 Enable: BOOLEAN,
1306}}
1307pub type PSYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE =
1308 *mut SYSTEM_QUERY_TIME_ADJUST_INFORMATION_PRECISE;
1309STRUCT!{struct SYSTEM_SET_TIME_ADJUST_INFORMATION {
1310 TimeAdjustment: ULONG,
1311 Enable: BOOLEAN,
1312}}
1313pub type PSYSTEM_SET_TIME_ADJUST_INFORMATION = *mut SYSTEM_SET_TIME_ADJUST_INFORMATION;
1314STRUCT!{struct SYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE {
1315 TimeAdjustment: ULONGLONG,
1316 Enable: BOOLEAN,
1317}}
1318pub type PSYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE =
1319 *mut SYSTEM_SET_TIME_ADJUST_INFORMATION_PRECISE;
1320ENUM!{enum EVENT_TRACE_INFORMATION_CLASS {
1321 EventTraceKernelVersionInformation = 0,
1322 EventTraceGroupMaskInformation = 1,
1323 EventTracePerformanceInformation = 2,
1324 EventTraceTimeProfileInformation = 3,
1325 EventTraceSessionSecurityInformation = 4,
1326 EventTraceSpinlockInformation = 5,
1327 EventTraceStackTracingInformation = 6,
1328 EventTraceExecutiveResourceInformation = 7,
1329 EventTraceHeapTracingInformation = 8,
1330 EventTraceHeapSummaryTracingInformation = 9,
1331 EventTracePoolTagFilterInformation = 10,
1332 EventTracePebsTracingInformation = 11,
1333 EventTraceProfileConfigInformation = 12,
1334 EventTraceProfileSourceListInformation = 13,
1335 EventTraceProfileEventListInformation = 14,
1336 EventTraceProfileCounterListInformation = 15,
1337 EventTraceStackCachingInformation = 16,
1338 EventTraceObjectTypeFilterInformation = 17,
1339 EventTraceSoftRestartInformation = 18,
1340 EventTraceLastBranchConfigurationInformation = 19,
1341 EventTraceLastBranchEventListInformation = 20,
1342 EventTraceProfileSourceAddInformation = 21,
1343 EventTraceProfileSourceRemoveInformation = 22,
1344 EventTraceProcessorTraceConfigurationInformation = 23,
1345 EventTraceProcessorTraceEventListInformation = 24,
1346 EventTraceCoverageSamplerInformation = 25,
1347 MaxEventTraceInfoClass = 26,
1348}}
1349STRUCT!{struct EVENT_TRACE_VERSION_INFORMATION {
1350 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1351 EventTraceKernelVersion: ULONG,
1352}}
1353pub type PEVENT_TRACE_VERSION_INFORMATION = *mut EVENT_TRACE_VERSION_INFORMATION;
1354STRUCT!{struct PERFINFO_GROUPMASK {
1355 Masks: [ULONG; 8],
1356}}
1357pub type PPERFINFO_GROUPMASK = *mut PERFINFO_GROUPMASK;
1358STRUCT!{struct EVENT_TRACE_GROUPMASK_INFORMATION {
1359 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1360 TraceHandle: HANDLE,
1361 EventTraceGroupMasks: PERFINFO_GROUPMASK,
1362}}
1363pub type PEVENT_TRACE_GROUPMASK_INFORMATION = *mut EVENT_TRACE_GROUPMASK_INFORMATION;
1364STRUCT!{struct EVENT_TRACE_PERFORMANCE_INFORMATION {
1365 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1366 LogfileBytesWritten: LARGE_INTEGER,
1367}}
1368pub type PEVENT_TRACE_PERFORMANCE_INFORMATION = *mut EVENT_TRACE_PERFORMANCE_INFORMATION;
1369STRUCT!{struct EVENT_TRACE_TIME_PROFILE_INFORMATION {
1370 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1371 ProfileInterval: ULONG,
1372}}
1373pub type PEVENT_TRACE_TIME_PROFILE_INFORMATION = *mut EVENT_TRACE_TIME_PROFILE_INFORMATION;
1374STRUCT!{struct EVENT_TRACE_SESSION_SECURITY_INFORMATION {
1375 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1376 SecurityInformation: ULONG,
1377 TraceHandle: HANDLE,
1378 SecurityDescriptor: [UCHAR; 1],
1379}}
1380pub type PEVENT_TRACE_SESSION_SECURITY_INFORMATION = *mut EVENT_TRACE_SESSION_SECURITY_INFORMATION;
1381STRUCT!{struct EVENT_TRACE_SPINLOCK_INFORMATION {
1382 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1383 SpinLockSpinThreshold: ULONG,
1384 SpinLockAcquireSampleRate: ULONG,
1385 SpinLockContentionSampleRate: ULONG,
1386 SpinLockHoldThreshold: ULONG,
1387}}
1388pub type PEVENT_TRACE_SPINLOCK_INFORMATION = *mut EVENT_TRACE_SPINLOCK_INFORMATION;
1389STRUCT!{struct EVENT_TRACE_SYSTEM_EVENT_INFORMATION {
1390 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1391 TraceHandle: HANDLE,
1392 HookId: [ULONG; 1],
1393}}
1394pub type PEVENT_TRACE_SYSTEM_EVENT_INFORMATION = *mut EVENT_TRACE_SYSTEM_EVENT_INFORMATION;
1395STRUCT!{struct EVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION {
1396 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1397 ReleaseSamplingRate: ULONG,
1398 ContentionSamplingRate: ULONG,
1399 NumberOfExcessiveTimeouts: ULONG,
1400}}
1401pub type PEVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION =
1402 *mut EVENT_TRACE_EXECUTIVE_RESOURCE_INFORMATION;
1403STRUCT!{struct EVENT_TRACE_HEAP_TRACING_INFORMATION {
1404 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1405 ProcessId: ULONG,
1406}}
1407pub type PEVENT_TRACE_HEAP_TRACING_INFORMATION = *mut EVENT_TRACE_HEAP_TRACING_INFORMATION;
1408STRUCT!{struct EVENT_TRACE_TAG_FILTER_INFORMATION {
1409 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1410 TraceHandle: HANDLE,
1411 Filter: [ULONG; 1],
1412}}
1413pub type PEVENT_TRACE_TAG_FILTER_INFORMATION = *mut EVENT_TRACE_TAG_FILTER_INFORMATION;
1414STRUCT!{struct EVENT_TRACE_PROFILE_COUNTER_INFORMATION {
1415 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1416 TraceHandle: HANDLE,
1417 ProfileSource: [ULONG; 1],
1418}}
1419pub type PEVENT_TRACE_PROFILE_COUNTER_INFORMATION = *mut EVENT_TRACE_PROFILE_COUNTER_INFORMATION;
1420STRUCT!{struct EVENT_TRACE_PROFILE_LIST_INFORMATION {
1421 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1422 Spare: ULONG,
1423 Profile: [*mut PROFILE_SOURCE_INFO; 1],
1424}}
1425pub type PEVENT_TRACE_PROFILE_LIST_INFORMATION = *mut EVENT_TRACE_PROFILE_LIST_INFORMATION;
1426STRUCT!{struct EVENT_TRACE_STACK_CACHING_INFORMATION {
1427 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1428 TraceHandle: HANDLE,
1429 Enabled: BOOLEAN,
1430 Reserved: [UCHAR; 3],
1431 CacheSize: ULONG,
1432 BucketCount: ULONG,
1433}}
1434pub type PEVENT_TRACE_STACK_CACHING_INFORMATION = *mut EVENT_TRACE_STACK_CACHING_INFORMATION;
1435STRUCT!{struct EVENT_TRACE_SOFT_RESTART_INFORMATION {
1436 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1437 TraceHandle: HANDLE,
1438 PersistTraceBuffers: BOOLEAN,
1439 FileName: [WCHAR; 1],
1440}}
1441pub type PEVENT_TRACE_SOFT_RESTART_INFORMATION = *mut EVENT_TRACE_SOFT_RESTART_INFORMATION;
1442STRUCT!{struct EVENT_TRACE_PROFILE_ADD_INFORMATION {
1443 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1444 PerfEvtEventSelect: BOOLEAN,
1445 PerfEvtUnitSelect: BOOLEAN,
1446 PerfEvtType: ULONG,
1447 CpuInfoHierarchy: [ULONG; 3],
1448 InitialInterval: ULONG,
1449 AllowsHalt: BOOLEAN,
1450 Persist: BOOLEAN,
1451 ProfileSourceDescription: [WCHAR; 1],
1452}}
1453pub type PEVENT_TRACE_PROFILE_ADD_INFORMATION = *mut EVENT_TRACE_PROFILE_ADD_INFORMATION;
1454STRUCT!{struct EVENT_TRACE_PROFILE_REMOVE_INFORMATION {
1455 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1456 ProfileSource: KPROFILE_SOURCE,
1457 CpuInfoHierarchy: [ULONG; 3],
1458}}
1459pub type PEVENT_TRACE_PROFILE_REMOVE_INFORMATION = *mut EVENT_TRACE_PROFILE_REMOVE_INFORMATION;
1460STRUCT!{struct EVENT_TRACE_COVERAGE_SAMPLER_INFORMATION {
1461 EventTraceInformationClass: EVENT_TRACE_INFORMATION_CLASS,
1462 CoverageSamplerInformationClass: BOOLEAN,
1463 MajorVersion: UCHAR,
1464 MinorVersion: UCHAR,
1465 Reserved: UCHAR,
1466 SamplerHandle: HANDLE,
1467}}
1468pub type PEVENT_TRACE_COVERAGE_SAMPLER_INFORMATION = *mut EVENT_TRACE_COVERAGE_SAMPLER_INFORMATION;
1469STRUCT!{struct SYSTEM_EXCEPTION_INFORMATION {
1470 AlignmentFixupCount: ULONG,
1471 ExceptionDispatchCount: ULONG,
1472 FloatingEmulationCount: ULONG,
1473 ByteWordEmulationCount: ULONG,
1474}}
1475pub type PSYSTEM_EXCEPTION_INFORMATION = *mut SYSTEM_EXCEPTION_INFORMATION;
1476STRUCT!{struct SYSTEM_KERNEL_DEBUGGER_INFORMATION {
1477 KernelDebuggerEnabled: BOOLEAN,
1478 KernelDebuggerNotPresent: BOOLEAN,
1479}}
1480pub type PSYSTEM_KERNEL_DEBUGGER_INFORMATION = *mut SYSTEM_KERNEL_DEBUGGER_INFORMATION;
1481STRUCT!{struct SYSTEM_CONTEXT_SWITCH_INFORMATION {
1482 ContextSwitches: ULONG,
1483 FindAny: ULONG,
1484 FindLast: ULONG,
1485 FindIdeal: ULONG,
1486 IdleAny: ULONG,
1487 IdleCurrent: ULONG,
1488 IdleLast: ULONG,
1489 IdleIdeal: ULONG,
1490 PreemptAny: ULONG,
1491 PreemptCurrent: ULONG,
1492 PreemptLast: ULONG,
1493 SwitchToIdle: ULONG,
1494}}
1495pub type PSYSTEM_CONTEXT_SWITCH_INFORMATION = *mut SYSTEM_CONTEXT_SWITCH_INFORMATION;
1496STRUCT!{struct SYSTEM_REGISTRY_QUOTA_INFORMATION {
1497 RegistryQuotaAllowed: ULONG,
1498 RegistryQuotaUsed: ULONG,
1499 PagedPoolSize: SIZE_T,
1500}}
1501pub type PSYSTEM_REGISTRY_QUOTA_INFORMATION = *mut SYSTEM_REGISTRY_QUOTA_INFORMATION;
1502STRUCT!{struct SYSTEM_PROCESSOR_IDLE_INFORMATION {
1503 IdleTime: ULONGLONG,
1504 C1Time: ULONGLONG,
1505 C2Time: ULONGLONG,
1506 C3Time: ULONGLONG,
1507 C1Transitions: ULONG,
1508 C2Transitions: ULONG,
1509 C3Transitions: ULONG,
1510 Padding: ULONG,
1511}}
1512pub type PSYSTEM_PROCESSOR_IDLE_INFORMATION = *mut SYSTEM_PROCESSOR_IDLE_INFORMATION;
1513STRUCT!{struct SYSTEM_LEGACY_DRIVER_INFORMATION {
1514 VetoType: ULONG,
1515 VetoList: UNICODE_STRING,
1516}}
1517pub type PSYSTEM_LEGACY_DRIVER_INFORMATION = *mut SYSTEM_LEGACY_DRIVER_INFORMATION;
1518STRUCT!{struct SYSTEM_LOOKASIDE_INFORMATION {
1519 CurrentDepth: USHORT,
1520 MaximumDepth: USHORT,
1521 TotalAllocates: ULONG,
1522 AllocateMisses: ULONG,
1523 TotalFrees: ULONG,
1524 FreeMisses: ULONG,
1525 Type: ULONG,
1526 Tag: ULONG,
1527 Size: ULONG,
1528}}
1529pub type PSYSTEM_LOOKASIDE_INFORMATION = *mut SYSTEM_LOOKASIDE_INFORMATION;
1530STRUCT!{struct SYSTEM_RANGE_START_INFORMATION {
1531 SystemRangeStart: PVOID,
1532}}
1533pub type PSYSTEM_RANGE_START_INFORMATION = *mut SYSTEM_RANGE_START_INFORMATION;
1534STRUCT!{struct SYSTEM_VERIFIER_INFORMATION {
1535 NextEntryOffset: ULONG,
1536 Level: ULONG,
1537 DriverName: UNICODE_STRING,
1538 RaiseIrqls: ULONG,
1539 AcquireSpinLocks: ULONG,
1540 SynchronizeExecutions: ULONG,
1541 AllocationsAttempted: ULONG,
1542 AllocationsSucceeded: ULONG,
1543 AllocationsSucceededSpecialPool: ULONG,
1544 AllocationsWithNoTag: ULONG,
1545 TrimRequests: ULONG,
1546 Trims: ULONG,
1547 AllocationsFailed: ULONG,
1548 AllocationsFailedDeliberately: ULONG,
1549 Loads: ULONG,
1550 Unloads: ULONG,
1551 UnTrackedPool: ULONG,
1552 CurrentPagedPoolAllocations: ULONG,
1553 CurrentNonPagedPoolAllocations: ULONG,
1554 PeakPagedPoolAllocations: ULONG,
1555 PeakNonPagedPoolAllocations: ULONG,
1556 PagedPoolUsageInBytes: SIZE_T,
1557 NonPagedPoolUsageInBytes: SIZE_T,
1558 PeakPagedPoolUsageInBytes: SIZE_T,
1559 PeakNonPagedPoolUsageInBytes: SIZE_T,
1560}}
1561pub type PSYSTEM_VERIFIER_INFORMATION = *mut SYSTEM_VERIFIER_INFORMATION;
1562STRUCT!{struct SYSTEM_SESSION_PROCESS_INFORMATION {
1563 SessionId: ULONG,
1564 SizeOfBuf: ULONG,
1565 Buffer: PVOID,
1566}}
1567pub type PSYSTEM_SESSION_PROCESS_INFORMATION = *mut SYSTEM_SESSION_PROCESS_INFORMATION;
1568STRUCT!{struct SYSTEM_PROCESSOR_POWER_INFORMATION {
1569 CurrentFrequency: UCHAR,
1570 ThermalLimitFrequency: UCHAR,
1571 ConstantThrottleFrequency: UCHAR,
1572 DegradedThrottleFrequency: UCHAR,
1573 LastBusyFrequency: UCHAR,
1574 LastC3Frequency: UCHAR,
1575 LastAdjustedBusyFrequency: UCHAR,
1576 ProcessorMinThrottle: UCHAR,
1577 ProcessorMaxThrottle: UCHAR,
1578 NumberOfFrequencies: ULONG,
1579 PromotionCount: ULONG,
1580 DemotionCount: ULONG,
1581 ErrorCount: ULONG,
1582 RetryCount: ULONG,
1583 CurrentFrequencyTime: ULONGLONG,
1584 CurrentProcessorTime: ULONGLONG,
1585 CurrentProcessorIdleTime: ULONGLONG,
1586 LastProcessorTime: ULONGLONG,
1587 LastProcessorIdleTime: ULONGLONG,
1588 Energy: ULONGLONG,
1589}}
1590pub type PSYSTEM_PROCESSOR_POWER_INFORMATION = *mut SYSTEM_PROCESSOR_POWER_INFORMATION;
1591STRUCT!{struct SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX {
1592 Object: PVOID,
1593 UniqueProcessId: ULONG_PTR,
1594 HandleValue: ULONG_PTR,
1595 GrantedAccess: ULONG,
1596 CreatorBackTraceIndex: USHORT,
1597 ObjectTypeIndex: USHORT,
1598 HandleAttributes: ULONG,
1599 Reserved: ULONG,
1600}}
1601pub type PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX = *mut SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX;
1602STRUCT!{struct SYSTEM_HANDLE_INFORMATION_EX {
1603 NumberOfHandles: ULONG_PTR,
1604 Reserved: ULONG_PTR,
1605 Handles: [SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX; 1],
1606}}
1607pub type PSYSTEM_HANDLE_INFORMATION_EX = *mut SYSTEM_HANDLE_INFORMATION_EX;
1608UNION!{union SYSTEM_BIGPOOL_ENTRY_u1 {
1609 VirtualAddress: PVOID,
1610 Bitfields: ULONG_PTR,
1611}}
1612UNION!{union SYSTEM_BIGPOOL_ENTRY_u2 {
1613 Tag: [UCHAR; 4],
1614 TagUlong: ULONG,
1615}}
1616BITFIELD!{unsafe SYSTEM_BIGPOOL_ENTRY_u1 Bitfields: ULONG_PTR [
1617 NonPaged set_NonPaged[0..1],
1618]}
1619STRUCT!{struct SYSTEM_BIGPOOL_ENTRY {
1620 u1: SYSTEM_BIGPOOL_ENTRY_u1,
1621 SizeInBytes: SIZE_T,
1622 u2: SYSTEM_BIGPOOL_ENTRY_u2,
1623}}
1624pub type PSYSTEM_BIGPOOL_ENTRY = *mut SYSTEM_BIGPOOL_ENTRY;
1625STRUCT!{struct SYSTEM_BIGPOOL_INFORMATION {
1626 Count: ULONG,
1627 AllocatedInfo: [SYSTEM_BIGPOOL_ENTRY; 1],
1628}}
1629pub type PSYSTEM_BIGPOOL_INFORMATION = *mut SYSTEM_BIGPOOL_INFORMATION;
1630UNION!{union SYSTEM_POOL_ENTRY_u {
1631 Tag: [UCHAR; 4],
1632 TagUlong: ULONG,
1633 ProcessChargedQuota: PVOID,
1634}}
1635STRUCT!{struct SYSTEM_POOL_ENTRY {
1636 Allocated: BOOLEAN,
1637 Spare0: BOOLEAN,
1638 AllocatorBackTraceIndex: USHORT,
1639 Size: ULONG,
1640 u: SYSTEM_POOL_ENTRY_u,
1641}}
1642pub type PSYSTEM_POOL_ENTRY = *mut SYSTEM_POOL_ENTRY;
1643STRUCT!{struct SYSTEM_POOL_INFORMATION {
1644 TotalSize: SIZE_T,
1645 FirstEntry: PVOID,
1646 EntryOverhead: USHORT,
1647 PoolTagPresent: BOOLEAN,
1648 Spare0: BOOLEAN,
1649 NumberOfEntries: ULONG,
1650 Entries: [SYSTEM_POOL_ENTRY; 1],
1651}}
1652pub type PSYSTEM_POOL_INFORMATION = *mut SYSTEM_POOL_INFORMATION;
1653STRUCT!{struct SYSTEM_SESSION_POOLTAG_INFORMATION {
1654 NextEntryOffset: SIZE_T,
1655 SessionId: ULONG,
1656 Count: ULONG,
1657 TagInfo: [SYSTEM_POOLTAG; 1],
1658}}
1659pub type PSYSTEM_SESSION_POOLTAG_INFORMATION = *mut SYSTEM_SESSION_POOLTAG_INFORMATION;
1660STRUCT!{struct SYSTEM_SESSION_MAPPED_VIEW_INFORMATION {
1661 NextEntryOffset: SIZE_T,
1662 SessionId: ULONG,
1663 ViewFailures: ULONG,
1664 NumberOfBytesAvailable: SIZE_T,
1665 NumberOfBytesAvailableContiguous: SIZE_T,
1666}}
1667pub type PSYSTEM_SESSION_MAPPED_VIEW_INFORMATION = *mut SYSTEM_SESSION_MAPPED_VIEW_INFORMATION;
1668ENUM!{enum SYSTEM_FIRMWARE_TABLE_ACTION {
1669 SystemFirmwareTableEnumerate = 0,
1670 SystemFirmwareTableGet = 1,
1671 SystemFirmwareTableMax = 2,
1672}}
1673STRUCT!{struct SYSTEM_FIRMWARE_TABLE_INFORMATION {
1674 ProviderSignature: ULONG,
1675 Action: SYSTEM_FIRMWARE_TABLE_ACTION,
1676 TableID: ULONG,
1677 TableBufferLength: ULONG,
1678 TableBuffer: [UCHAR; 1],
1679}}
1680pub type PSYSTEM_FIRMWARE_TABLE_INFORMATION = *mut SYSTEM_FIRMWARE_TABLE_INFORMATION;
1681STRUCT!{struct SYSTEM_MEMORY_LIST_INFORMATION {
1682 ZeroPageCount: ULONG_PTR,
1683 FreePageCount: ULONG_PTR,
1684 ModifiedPageCount: ULONG_PTR,
1685 ModifiedNoWritePageCount: ULONG_PTR,
1686 BadPageCount: ULONG_PTR,
1687 PageCountByPriority: [ULONG_PTR; 8],
1688 RepurposedPagesByPriority: [ULONG_PTR; 8],
1689 ModifiedPageCountPageFile: ULONG_PTR,
1690}}
1691pub type PSYSTEM_MEMORY_LIST_INFORMATION = *mut SYSTEM_MEMORY_LIST_INFORMATION;
1692ENUM!{enum SYSTEM_MEMORY_LIST_COMMAND {
1693 MemoryCaptureAccessedBits = 0,
1694 MemoryCaptureAndResetAccessedBits = 1,
1695 MemoryEmptyWorkingSets = 2,
1696 MemoryFlushModifiedList = 3,
1697 MemoryPurgeStandbyList = 4,
1698 MemoryPurgeLowPriorityStandbyList = 5,
1699 MemoryCommandMax = 6,
1700}}
1701STRUCT!{struct SYSTEM_THREAD_CID_PRIORITY_INFORMATION {
1702 ClientId: CLIENT_ID,
1703 Priority: KPRIORITY,
1704}}
1705pub type PSYSTEM_THREAD_CID_PRIORITY_INFORMATION = *mut SYSTEM_THREAD_CID_PRIORITY_INFORMATION;
1706STRUCT!{struct SYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION {
1707 CycleTime: ULONGLONG,
1708}}
1709pub type PSYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION =
1710 *mut SYSTEM_PROCESSOR_IDLE_CYCLE_TIME_INFORMATION;
1711STRUCT!{struct SYSTEM_REF_TRACE_INFORMATION {
1712 TraceEnable: BOOLEAN,
1713 TracePermanent: BOOLEAN,
1714 TraceProcessName: UNICODE_STRING,
1715 TracePoolTags: UNICODE_STRING,
1716}}
1717pub type PSYSTEM_REF_TRACE_INFORMATION = *mut SYSTEM_REF_TRACE_INFORMATION;
1718STRUCT!{struct SYSTEM_PROCESS_ID_INFORMATION {
1719 ProcessId: HANDLE,
1720 ImageName: UNICODE_STRING,
1721}}
1722pub type PSYSTEM_PROCESS_ID_INFORMATION = *mut SYSTEM_PROCESS_ID_INFORMATION;
1723STRUCT!{struct SYSTEM_BOOT_ENVIRONMENT_INFORMATION {
1724 BootIdentifier: GUID,
1725 FirmwareType: FIRMWARE_TYPE,
1726 BootFlags: ULONGLONG,
1727}}
1728BITFIELD!{SYSTEM_BOOT_ENVIRONMENT_INFORMATION BootFlags: ULONGLONG [
1729 DbgMenuOsSelection set_DbgMenuOsSelection[0..1],
1730 DbgHiberBoot set_DbgHiberBoot[1..2],
1731 DbgSoftBoot set_DbgSoftBoot[2..3],
1732 DbgMeasuredLaunch set_DbgMeasuredLaunch[3..4],
1733]}
1734pub type PSYSTEM_BOOT_ENVIRONMENT_INFORMATION = *mut SYSTEM_BOOT_ENVIRONMENT_INFORMATION;
1735STRUCT!{struct SYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION {
1736 FlagsToEnable: ULONG,
1737 FlagsToDisable: ULONG,
1738}}
1739pub type PSYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION =
1740 *mut SYSTEM_IMAGE_FILE_EXECUTION_OPTIONS_INFORMATION;
1741#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
1742STRUCT!{struct SYSTEM_VERIFIER_INFORMATION_EX {
1743 VerifyMode: ULONG,
1744 OptionChanges: ULONG,
1745 PreviousBucketName: UNICODE_STRING,
1746 IrpCancelTimeoutMsec: ULONG,
1747 VerifierExtensionEnabled: ULONG,
1748 Reserved: [ULONG; 1],
1749}}
1750#[cfg(target_arch = "x86")]
1751STRUCT!{struct SYSTEM_VERIFIER_INFORMATION_EX {
1752 VerifyMode: ULONG,
1753 OptionChanges: ULONG,
1754 PreviousBucketName: UNICODE_STRING,
1755 IrpCancelTimeoutMsec: ULONG,
1756 VerifierExtensionEnabled: ULONG,
1757 Reserved: [ULONG; 3],
1758}}
1759pub type PSYSTEM_VERIFIER_INFORMATION_EX = *mut SYSTEM_VERIFIER_INFORMATION_EX;
1760STRUCT!{struct SYSTEM_SYSTEM_PARTITION_INFORMATION {
1761 SystemPartition: UNICODE_STRING,
1762}}
1763pub type PSYSTEM_SYSTEM_PARTITION_INFORMATION = *mut SYSTEM_SYSTEM_PARTITION_INFORMATION;
1764STRUCT!{struct SYSTEM_SYSTEM_DISK_INFORMATION {
1765 SystemDisk: UNICODE_STRING,
1766}}
1767pub type PSYSTEM_SYSTEM_DISK_INFORMATION = *mut SYSTEM_SYSTEM_DISK_INFORMATION;
1768STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT {
1769 Hits: ULONGLONG,
1770 PercentFrequency: UCHAR,
1771}}
1772pub type PSYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT = *mut SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT;
1773STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8 {
1774 Hits: ULONG,
1775 PercentFrequency: UCHAR,
1776}}
1777pub type PSYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8 =
1778 *mut SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT_WIN8;
1779STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION {
1780 ProcessorNumber: ULONG,
1781 StateCount: ULONG,
1782 States: [SYSTEM_PROCESSOR_PERFORMANCE_HITCOUNT; 1],
1783}}
1784pub type PSYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION =
1785 *mut SYSTEM_PROCESSOR_PERFORMANCE_STATE_DISTRIBUTION;
1786STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION {
1787 ProcessorCount: ULONG,
1788 Offsets: [ULONG; 1],
1789}}
1790pub type PSYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION =
1791 *mut SYSTEM_PROCESSOR_PERFORMANCE_DISTRIBUTION;
1792STRUCT!{struct SYSTEM_CODEINTEGRITY_INFORMATION {
1793 Length: ULONG,
1794 CodeIntegrityOptions: ULONG,
1795}}
1796pub type PSYSTEM_CODEINTEGRITY_INFORMATION = *mut SYSTEM_CODEINTEGRITY_INFORMATION;
1797ENUM!{enum SYSTEM_VA_TYPE {
1798 SystemVaTypeAll = 0,
1799 SystemVaTypeNonPagedPool = 1,
1800 SystemVaTypePagedPool = 2,
1801 SystemVaTypeSystemCache = 3,
1802 SystemVaTypeSystemPtes = 4,
1803 SystemVaTypeSessionSpace = 5,
1804 SystemVaTypeMax = 6,
1805}}
1806pub type PSYSTEM_VA_TYPE = *mut SYSTEM_VA_TYPE;
1807STRUCT!{struct SYSTEM_VA_LIST_INFORMATION {
1808 VirtualSize: SIZE_T,
1809 VirtualPeak: SIZE_T,
1810 VirtualLimit: SIZE_T,
1811 AllocationFailures: SIZE_T,
1812}}
1813pub type PSYSTEM_VA_LIST_INFORMATION = *mut SYSTEM_VA_LIST_INFORMATION;
1814STRUCT!{struct SYSTEM_REGISTRY_APPEND_STRING_PARAMETERS {
1815 KeyHandle: HANDLE,
1816 ValueNamePointer: PUNICODE_STRING,
1817 RequiredLengthPointer: PULONG,
1818 Buffer: PUCHAR,
1819 BufferLength: ULONG,
1820 Type: ULONG,
1821 AppendBuffer: PUCHAR,
1822 AppendBufferLength: ULONG,
1823 CreateIfDoesntExist: BOOLEAN,
1824 TruncateExistingValue: BOOLEAN,
1825}}
1826pub type PSYSTEM_REGISTRY_APPEND_STRING_PARAMETERS = *mut SYSTEM_REGISTRY_APPEND_STRING_PARAMETERS;
1827STRUCT!{struct SYSTEM_VHD_BOOT_INFORMATION {
1828 OsDiskIsVhd: BOOLEAN,
1829 OsVhdFilePathOffset: ULONG,
1830 OsVhdParentVolume: [WCHAR; ANYSIZE_ARRAY],
1831}}
1832pub type PSYSTEM_VHD_BOOT_INFORMATION = *mut SYSTEM_VHD_BOOT_INFORMATION;
1833STRUCT!{struct SYSTEM_LOW_PRIORITY_IO_INFORMATION {
1834 LowPriReadOperations: ULONG,
1835 LowPriWriteOperations: ULONG,
1836 KernelBumpedToNormalOperations: ULONG,
1837 LowPriPagingReadOperations: ULONG,
1838 KernelPagingReadsBumpedToNormal: ULONG,
1839 LowPriPagingWriteOperations: ULONG,
1840 KernelPagingWritesBumpedToNormal: ULONG,
1841 BoostedIrpCount: ULONG,
1842 BoostedPagingIrpCount: ULONG,
1843 BlanketBoostCount: ULONG,
1844}}
1845pub type PSYSTEM_LOW_PRIORITY_IO_INFORMATION = *mut SYSTEM_LOW_PRIORITY_IO_INFORMATION;
1846ENUM!{enum TPM_BOOT_ENTROPY_RESULT_CODE {
1847 TpmBootEntropyStructureUninitialized = 0,
1848 TpmBootEntropyDisabledByPolicy = 1,
1849 TpmBootEntropyNoTpmFound = 2,
1850 TpmBootEntropyTpmError = 3,
1851 TpmBootEntropySuccess = 4,
1852}}
1853STRUCT!{struct TPM_BOOT_ENTROPY_NT_RESULT {
1854 Policy: ULONGLONG,
1855 ResultCode: TPM_BOOT_ENTROPY_RESULT_CODE,
1856 ResultStatus: NTSTATUS,
1857 Time: ULONGLONG,
1858 EntropyLength: ULONG,
1859 EntropyData: [UCHAR; 40],
1860}}
1861pub type PTPM_BOOT_ENTROPY_NT_RESULT = *mut TPM_BOOT_ENTROPY_NT_RESULT;
1862STRUCT!{struct SYSTEM_VERIFIER_COUNTERS_INFORMATION {
1863 Legacy: SYSTEM_VERIFIER_INFORMATION,
1864 RaiseIrqls: ULONG,
1865 AcquireSpinLocks: ULONG,
1866 SynchronizeExecutions: ULONG,
1867 AllocationsWithNoTag: ULONG,
1868 AllocationsFailed: ULONG,
1869 AllocationsFailedDeliberately: ULONG,
1870 LockedBytes: SIZE_T,
1871 PeakLockedBytes: SIZE_T,
1872 MappedLockedBytes: SIZE_T,
1873 PeakMappedLockedBytes: SIZE_T,
1874 MappedIoSpaceBytes: SIZE_T,
1875 PeakMappedIoSpaceBytes: SIZE_T,
1876 PagesForMdlBytes: SIZE_T,
1877 PeakPagesForMdlBytes: SIZE_T,
1878 ContiguousMemoryBytes: SIZE_T,
1879 PeakContiguousMemoryBytes: SIZE_T,
1880 ExecutePoolTypes: ULONG,
1881 ExecutePageProtections: ULONG,
1882 ExecutePageMappings: ULONG,
1883 ExecuteWriteSections: ULONG,
1884 SectionAlignmentFailures: ULONG,
1885 UnsupportedRelocs: ULONG,
1886 IATInExecutableSection: ULONG,
1887}}
1888pub type PSYSTEM_VERIFIER_COUNTERS_INFORMATION = *mut SYSTEM_VERIFIER_COUNTERS_INFORMATION;
1889STRUCT!{struct SYSTEM_ACPI_AUDIT_INFORMATION {
1890 RsdpCount: ULONG,
1891 Bitfields: ULONG,
1892}}
1893BITFIELD!{SYSTEM_ACPI_AUDIT_INFORMATION Bitfields: ULONG [
1894 SameRsdt set_SameRsdt[0..1],
1895 SlicPresent set_SlicPresent[1..2],
1896 SlicDifferent set_SlicDifferent[2..3],
1897]}
1898pub type PSYSTEM_ACPI_AUDIT_INFORMATION = *mut SYSTEM_ACPI_AUDIT_INFORMATION;
1899STRUCT!{struct SYSTEM_BASIC_PERFORMANCE_INFORMATION {
1900 AvailablePages: SIZE_T,
1901 CommittedPages: SIZE_T,
1902 CommitLimit: SIZE_T,
1903 PeakCommitment: SIZE_T,
1904}}
1905pub type PSYSTEM_BASIC_PERFORMANCE_INFORMATION = *mut SYSTEM_BASIC_PERFORMANCE_INFORMATION;
1906STRUCT!{struct QUERY_PERFORMANCE_COUNTER_FLAGS {
1907 ul: ULONG,
1908}}
1909BITFIELD!{QUERY_PERFORMANCE_COUNTER_FLAGS ul: ULONG [
1910 KernelTransition set_KernelTransition[0..1],
1911 Reserved set_Reserved[1..32],
1912]}
1913STRUCT!{struct SYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION {
1914 Version: ULONG,
1915 Flags: QUERY_PERFORMANCE_COUNTER_FLAGS,
1916 ValidFlags: QUERY_PERFORMANCE_COUNTER_FLAGS,
1917}}
1918pub type PSYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION =
1919 *mut SYSTEM_QUERY_PERFORMANCE_COUNTER_INFORMATION;
1920ENUM!{enum SYSTEM_PIXEL_FORMAT {
1921 SystemPixelFormatUnknown = 0,
1922 SystemPixelFormatR8G8B8 = 1,
1923 SystemPixelFormatR8G8B8X8 = 2,
1924 SystemPixelFormatB8G8R8 = 3,
1925 SystemPixelFormatB8G8R8X8 = 4,
1926}}
1927STRUCT!{struct SYSTEM_BOOT_GRAPHICS_INFORMATION {
1928 FrameBuffer: LARGE_INTEGER,
1929 Width: ULONG,
1930 Height: ULONG,
1931 PixelStride: ULONG,
1932 Flags: ULONG,
1933 Format: SYSTEM_PIXEL_FORMAT,
1934 DisplayRotation: ULONG,
1935}}
1936pub type PSYSTEM_BOOT_GRAPHICS_INFORMATION = *mut SYSTEM_BOOT_GRAPHICS_INFORMATION;
1937STRUCT!{struct MEMORY_SCRUB_INFORMATION {
1938 Handle: HANDLE,
1939 PagesScrubbed: ULONG,
1940}}
1941pub type PMEMORY_SCRUB_INFORMATION = *mut MEMORY_SCRUB_INFORMATION;
1942STRUCT!{struct PEBS_DS_SAVE_AREA {
1943 BtsBufferBase: ULONGLONG,
1944 BtsIndex: ULONGLONG,
1945 BtsAbsoluteMaximum: ULONGLONG,
1946 BtsInterruptThreshold: ULONGLONG,
1947 PebsBufferBase: ULONGLONG,
1948 PebsIndex: ULONGLONG,
1949 PebsAbsoluteMaximum: ULONGLONG,
1950 PebsInterruptThreshold: ULONGLONG,
1951 PebsCounterReset0: ULONGLONG,
1952 PebsCounterReset1: ULONGLONG,
1953 PebsCounterReset2: ULONGLONG,
1954 PebsCounterReset3: ULONGLONG,
1955}}
1956pub type PPEBS_DS_SAVE_AREA = *mut PEBS_DS_SAVE_AREA;
1957STRUCT!{struct PROCESSOR_PROFILE_CONTROL_AREA {
1958 PebsDsSaveArea: PEBS_DS_SAVE_AREA,
1959}}
1960pub type PPROCESSOR_PROFILE_CONTROL_AREA = *mut PROCESSOR_PROFILE_CONTROL_AREA;
1961STRUCT!{struct SYSTEM_PROCESSOR_PROFILE_CONTROL_AREA {
1962 ProcessorProfileControlArea: PROCESSOR_PROFILE_CONTROL_AREA,
1963 Allocate: BOOLEAN,
1964}}
1965pub type PSYSTEM_PROCESSOR_PROFILE_CONTROL_AREA = *mut SYSTEM_PROCESSOR_PROFILE_CONTROL_AREA;
1966STRUCT!{struct MEMORY_COMBINE_INFORMATION {
1967 Handle: HANDLE,
1968 PagesCombined: ULONG_PTR,
1969}}
1970pub type PMEMORY_COMBINE_INFORMATION = *mut MEMORY_COMBINE_INFORMATION;
1971pub const MEMORY_COMBINE_FLAGS_COMMON_PAGES_ONLY: ULONG = 0x4;
1972STRUCT!{struct MEMORY_COMBINE_INFORMATION_EX {
1973 Handle: HANDLE,
1974 PagesCombined: ULONG_PTR,
1975 Flags: ULONG,
1976}}
1977pub type PMEMORY_COMBINE_INFORMATION_EX = *mut MEMORY_COMBINE_INFORMATION_EX;
1978STRUCT!{struct MEMORY_COMBINE_INFORMATION_EX2 {
1979 Handle: HANDLE,
1980 PagesCombined: ULONG_PTR,
1981 Flags: ULONG,
1982 ProcessHandle: HANDLE,
1983}}
1984pub type PMEMORY_COMBINE_INFORMATION_EX2 = *mut MEMORY_COMBINE_INFORMATION_EX2;
1985STRUCT!{struct SYSTEM_CONSOLE_INFORMATION {
1986 Bitfields: ULONG,
1987}}
1988BITFIELD!{SYSTEM_CONSOLE_INFORMATION Bitfields: ULONG [
1989 DriverLoaded set_DriverLoaded[0..1],
1990 Spare set_Spare[1..32],
1991]}
1992pub type PSYSTEM_CONSOLE_INFORMATION = *mut SYSTEM_CONSOLE_INFORMATION;
1993STRUCT!{struct SYSTEM_PLATFORM_BINARY_INFORMATION {
1994 PhysicalAddress: ULONG64,
1995 HandoffBuffer: PVOID,
1996 CommandLineBuffer: PVOID,
1997 HandoffBufferSize: ULONG,
1998 CommandLineBufferSize: ULONG,
1999}}
2000pub type PSYSTEM_PLATFORM_BINARY_INFORMATION = *mut SYSTEM_PLATFORM_BINARY_INFORMATION;
2001STRUCT!{struct SYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION {
2002 NumberOfLogicalProcessors: ULONG,
2003 NumberOfCores: ULONG,
2004}}
2005pub type PSYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION =
2006 *mut SYSTEM_HYPERVISOR_PROCESSOR_COUNT_INFORMATION;
2007STRUCT!{struct SYSTEM_DEVICE_DATA_INFORMATION {
2008 DeviceId: UNICODE_STRING,
2009 DataName: UNICODE_STRING,
2010 DataType: ULONG,
2011 DataBufferLength: ULONG,
2012 DataBuffer: PVOID,
2013}}
2014pub type PSYSTEM_DEVICE_DATA_INFORMATION = *mut SYSTEM_DEVICE_DATA_INFORMATION;
2015STRUCT!{struct PHYSICAL_CHANNEL_RUN {
2016 NodeNumber: ULONG,
2017 ChannelNumber: ULONG,
2018 BasePage: ULONGLONG,
2019 PageCount: ULONGLONG,
2020 Flags: ULONG,
2021}}
2022pub type PPHYSICAL_CHANNEL_RUN = *mut PHYSICAL_CHANNEL_RUN;
2023STRUCT!{struct SYSTEM_MEMORY_TOPOLOGY_INFORMATION {
2024 NumberOfRuns: ULONGLONG,
2025 NumberOfNodes: ULONG,
2026 NumberOfChannels: ULONG,
2027 Run: [PHYSICAL_CHANNEL_RUN; 1],
2028}}
2029pub type PSYSTEM_MEMORY_TOPOLOGY_INFORMATION = *mut SYSTEM_MEMORY_TOPOLOGY_INFORMATION;
2030STRUCT!{struct SYSTEM_MEMORY_CHANNEL_INFORMATION {
2031 ChannelNumber: ULONG,
2032 ChannelHeatIndex: ULONG,
2033 TotalPageCount: ULONGLONG,
2034 ZeroPageCount: ULONGLONG,
2035 FreePageCount: ULONGLONG,
2036 StandbyPageCount: ULONGLONG,
2037}}
2038pub type PSYSTEM_MEMORY_CHANNEL_INFORMATION = *mut SYSTEM_MEMORY_CHANNEL_INFORMATION;
2039STRUCT!{struct SYSTEM_BOOT_LOGO_INFORMATION {
2040 Flags: ULONG,
2041 BitmapOffset: ULONG,
2042}}
2043pub type PSYSTEM_BOOT_LOGO_INFORMATION = *mut SYSTEM_BOOT_LOGO_INFORMATION;
2044STRUCT!{struct SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX {
2045 IdleTime: LARGE_INTEGER,
2046 KernelTime: LARGE_INTEGER,
2047 UserTime: LARGE_INTEGER,
2048 DpcTime: LARGE_INTEGER,
2049 InterruptTime: LARGE_INTEGER,
2050 InterruptCount: ULONG,
2051 Spare0: ULONG,
2052 AvailableTime: LARGE_INTEGER,
2053 Spare1: LARGE_INTEGER,
2054 Spare2: LARGE_INTEGER,
2055}}
2056pub type PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX =
2057 *mut SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION_EX;
2058STRUCT!{struct SYSTEM_SECUREBOOT_POLICY_INFORMATION {
2059 PolicyPublisher: GUID,
2060 PolicyVersion: ULONG,
2061 PolicyOptions: ULONG,
2062}}
2063pub type PSYSTEM_SECUREBOOT_POLICY_INFORMATION = *mut SYSTEM_SECUREBOOT_POLICY_INFORMATION;
2064STRUCT!{struct SYSTEM_PAGEFILE_INFORMATION_EX {
2065 Info: SYSTEM_PAGEFILE_INFORMATION,
2066 MinimumSize: ULONG,
2067 MaximumSize: ULONG,
2068}}
2069pub type PSYSTEM_PAGEFILE_INFORMATION_EX = *mut SYSTEM_PAGEFILE_INFORMATION_EX;
2070STRUCT!{struct SYSTEM_SECUREBOOT_INFORMATION {
2071 SecureBootEnabled: BOOLEAN,
2072 SecureBootCapable: BOOLEAN,
2073}}
2074pub type PSYSTEM_SECUREBOOT_INFORMATION = *mut SYSTEM_SECUREBOOT_INFORMATION;
2075STRUCT!{struct PROCESS_DISK_COUNTERS {
2076 BytesRead: ULONGLONG,
2077 BytesWritten: ULONGLONG,
2078 ReadOperationCount: ULONGLONG,
2079 WriteOperationCount: ULONGLONG,
2080 FlushOperationCount: ULONGLONG,
2081}}
2082pub type PPROCESS_DISK_COUNTERS = *mut PROCESS_DISK_COUNTERS;
2083UNION!{union ENERGY_STATE_DURATION_u {
2084 Value: ULONGLONG,
2085 LastChangeTime: ULONG,
2086}}
2087UNION!{union ENERGY_STATE_DURATION {
2088 u: ENERGY_STATE_DURATION_u,
2089 BitFields: ULONG,
2090}}
2091pub type PENERGY_STATE_DURATION = *mut ENERGY_STATE_DURATION;
2092BITFIELD!{unsafe ENERGY_STATE_DURATION BitFields: ULONG [
2093 Duration set_Duration[0..31],
2094 IsInState set_IsInState[31..32],
2095]}
2096STRUCT!{struct PROCESS_ENERGY_VALUES {
2097 Cycles: [[ULONGLONG; 4]; 2],
2098 DiskEnergy: ULONGLONG,
2099 NetworkTailEnergy: ULONGLONG,
2100 MBBTailEnergy: ULONGLONG,
2101 NetworkTxRxBytes: ULONGLONG,
2102 MBBTxRxBytes: ULONGLONG,
2103 ForegroundDuration: ENERGY_STATE_DURATION,
2104 DesktopVisibleDuration: ENERGY_STATE_DURATION,
2105 PSMForegroundDuration: ENERGY_STATE_DURATION,
2106 CompositionRendered: ULONG,
2107 CompositionDirtyGenerated: ULONG,
2108 CompositionDirtyPropagated: ULONG,
2109 Reserved1: ULONG,
2110 AttributedCycles: [[ULONGLONG; 2]; 4],
2111 WorkOnBehalfCycles: [[ULONGLONG; 2]; 4],
2112}}
2113pub type PPROCESS_ENERGY_VALUES = *mut PROCESS_ENERGY_VALUES;
2114STRUCT!{struct TIMELINE_BITMAP {
2115 Value: ULONGLONG,
2116 EndTime: ULONG,
2117 Bitmap: ULONG,
2118}}
2119pub type PTIMELINE_BITMAP = *mut TIMELINE_BITMAP;
2120STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION_Timelines {
2121 CpuTimeline: TIMELINE_BITMAP,
2122 DiskTimeline: TIMELINE_BITMAP,
2123 NetworkTimeline: TIMELINE_BITMAP,
2124 MBBTimeline: TIMELINE_BITMAP,
2125 ForegroundTimeline: TIMELINE_BITMAP,
2126 DesktopVisibleTimeline: TIMELINE_BITMAP,
2127 CompositionRenderedTimeline: TIMELINE_BITMAP,
2128 CompositionDirtyGeneratedTimeline: TIMELINE_BITMAP,
2129 CompositionDirtyPropagatedTimeline: TIMELINE_BITMAP,
2130 InputTimeline: TIMELINE_BITMAP,
2131 AudioInTimeline: TIMELINE_BITMAP,
2132 AudioOutTimeline: TIMELINE_BITMAP,
2133 DisplayRequiredTimeline: TIMELINE_BITMAP,
2134 KeyboardInputTimeline: TIMELINE_BITMAP,
2135}}
2136STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION_Durations {
2137 InputDuration: ENERGY_STATE_DURATION,
2138 AudioInDuration: ENERGY_STATE_DURATION,
2139 AudioOutDuration: ENERGY_STATE_DURATION,
2140 DisplayRequiredDuration: ENERGY_STATE_DURATION,
2141 PSMBackgroundDuration: ENERGY_STATE_DURATION,
2142}}
2143STRUCT!{struct PROCESS_ENERGY_VALUES_EXTENSION {
2144 Timelines: PROCESS_ENERGY_VALUES_EXTENSION_Timelines,
2145 Durations: PROCESS_ENERGY_VALUES_EXTENSION_Durations,
2146 KeyboardInput: ULONG,
2147 MouseInput: ULONG,
2148}}
2149pub type PPROCESS_ENERGY_VALUES_EXTENSION = *mut PROCESS_ENERGY_VALUES_EXTENSION;
2150STRUCT!{struct PROCESS_EXTENDED_ENERGY_VALUES {
2151 Base: PROCESS_ENERGY_VALUES,
2152 Extension: PROCESS_ENERGY_VALUES_EXTENSION,
2153}}
2154pub type PPROCESS_EXTENDED_ENERGY_VALUES = *mut PROCESS_EXTENDED_ENERGY_VALUES;
2155ENUM!{enum SYSTEM_PROCESS_CLASSIFICATION {
2156 SystemProcessClassificationNormal = 0,
2157 SystemProcessClassificationSystem = 1,
2158 SystemProcessClassificationSecureSystem = 2,
2159 SystemProcessClassificationMemCompression = 3,
2160 SystemProcessClassificationRegistry = 4,
2161 SystemProcessClassificationMaximum = 5,
2162}}
2163STRUCT!{struct SYSTEM_PROCESS_INFORMATION_EXTENSION {
2164 DiskCounters: PROCESS_DISK_COUNTERS,
2165 ContextSwitches: ULONGLONG,
2166 Flags: ULONG,
2167 UserSidOffset: ULONG,
2168 PackageFullNameOffset: ULONG,
2169 EnergyValues: PROCESS_ENERGY_VALUES,
2170 AppIdOffset: ULONG,
2171 SharedCommitCharge: SIZE_T,
2172 JobObjectId: ULONG,
2173 SpareUlong: ULONG,
2174 ProcessSequenceNumber: ULONGLONG,
2175}}
2176BITFIELD!{SYSTEM_PROCESS_INFORMATION_EXTENSION Flags: ULONG [
2177 HasStrongId set_HasStrongId[0..1],
2178 Classification set_Classification[1..5],
2179 BackgroundActivityModerated set_BackgroundActivityModerated[5..6],
2180 Spare set_Spare[6..32],
2181]}
2182pub type PSYSTEM_PROCESS_INFORMATION_EXTENSION = *mut SYSTEM_PROCESS_INFORMATION_EXTENSION;
2183STRUCT!{struct SYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION {
2184 EfiLauncherEnabled: BOOLEAN,
2185}}
2186pub type PSYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION =
2187 *mut SYSTEM_PORTABLE_WORKSPACE_EFI_LAUNCHER_INFORMATION;
2188STRUCT!{struct SYSTEM_KERNEL_DEBUGGER_INFORMATION_EX {
2189 DebuggerAllowed: BOOLEAN,
2190 DebuggerEnabled: BOOLEAN,
2191 DebuggerPresent: BOOLEAN,
2192}}
2193pub type PSYSTEM_KERNEL_DEBUGGER_INFORMATION_EX = *mut SYSTEM_KERNEL_DEBUGGER_INFORMATION_EX;
2194STRUCT!{struct SYSTEM_ELAM_CERTIFICATE_INFORMATION {
2195 ElamDriverFile: HANDLE,
2196}}
2197pub type PSYSTEM_ELAM_CERTIFICATE_INFORMATION = *mut SYSTEM_ELAM_CERTIFICATE_INFORMATION;
2198STRUCT!{struct SYSTEM_PROCESSOR_FEATURES_INFORMATION {
2199 ProcessorFeatureBits: ULONGLONG,
2200 Reserved: [ULONGLONG; 3],
2201}}
2202pub type PSYSTEM_PROCESSOR_FEATURES_INFORMATION = *mut SYSTEM_PROCESSOR_FEATURES_INFORMATION;
2203STRUCT!{struct SYSTEM_MANUFACTURING_INFORMATION {
2204 Options: ULONG,
2205 ProfileName: UNICODE_STRING,
2206}}
2207pub type PSYSTEM_MANUFACTURING_INFORMATION = *mut SYSTEM_MANUFACTURING_INFORMATION;
2208STRUCT!{struct SYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION {
2209 Enabled: BOOLEAN,
2210}}
2211pub type PSYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION =
2212 *mut SYSTEM_ENERGY_ESTIMATION_CONFIG_INFORMATION;
2213STRUCT!{struct HV_DETAILS {
2214 Data: [ULONG; 4],
2215}}
2216pub type PHV_DETAILS = *mut HV_DETAILS;
2217STRUCT!{struct SYSTEM_HYPERVISOR_DETAIL_INFORMATION {
2218 HvVendorAndMaxFunction: HV_DETAILS,
2219 HypervisorInterface: HV_DETAILS,
2220 HypervisorVersion: HV_DETAILS,
2221 HvFeatures: HV_DETAILS,
2222 HwFeatures: HV_DETAILS,
2223 EnlightenmentInfo: HV_DETAILS,
2224 ImplementationLimits: HV_DETAILS,
2225}}
2226pub type PSYSTEM_HYPERVISOR_DETAIL_INFORMATION = *mut SYSTEM_HYPERVISOR_DETAIL_INFORMATION;
2227STRUCT!{struct SYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION {
2228 Cycles: [[ULONGLONG; 4]; 2],
2229}}
2230pub type PSYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION = *mut SYSTEM_PROCESSOR_CYCLE_STATS_INFORMATION;
2231STRUCT!{struct SYSTEM_TPM_INFORMATION {
2232 Flags: ULONG,
2233}}
2234pub type PSYSTEM_TPM_INFORMATION = *mut SYSTEM_TPM_INFORMATION;
2235STRUCT!{struct SYSTEM_VSM_PROTECTION_INFORMATION {
2236 DmaProtectionsAvailable: BOOLEAN,
2237 DmaProtectionsInUse: BOOLEAN,
2238 HardwareMbecAvailable: BOOLEAN,
2239}}
2240pub type PSYSTEM_VSM_PROTECTION_INFORMATION = *mut SYSTEM_VSM_PROTECTION_INFORMATION;
2241STRUCT!{struct SYSTEM_CODEINTEGRITYPOLICY_INFORMATION {
2242 Options: ULONG,
2243 HVCIOptions: ULONG,
2244 Version: ULONGLONG,
2245 PolicyGuid: GUID,
2246}}
2247pub type PSYSTEM_CODEINTEGRITYPOLICY_INFORMATION = *mut SYSTEM_CODEINTEGRITYPOLICY_INFORMATION;
2248STRUCT!{struct SYSTEM_ISOLATED_USER_MODE_INFORMATION {
2249 Bitfields1: BOOLEAN,
2250 Bitfields2: BOOLEAN,
2251 Spare0: [BOOLEAN; 6],
2252 Spare1: ULONGLONG,
2253}}
2254BITFIELD!{SYSTEM_ISOLATED_USER_MODE_INFORMATION Bitfields1: BOOLEAN [
2255 SecureKernelRunning set_SecureKernelRunning[0..1],
2256 HvciEnabled set_HvciEnabled[1..2],
2257 HvciStrictMode set_HvciStrictMode[2..3],
2258 DebugEnabled set_DebugEnabled[3..4],
2259 FirmwarePageProtection set_FirmwarePageProtection[4..5],
2260 EncryptionKeyAvailable set_EncryptionKeyAvailable[5..6],
2261 SpareFlags set_SpareFlags[6..7],
2262 TrustletRunning set_TrustletRunning[7..8],
2263]}
2264BITFIELD!{SYSTEM_ISOLATED_USER_MODE_INFORMATION Bitfields2: BOOLEAN [
2265 SpareFlags2 set_SpareFlags2[0..1],
2266]}
2267pub type PSYSTEM_ISOLATED_USER_MODE_INFORMATION = *mut SYSTEM_ISOLATED_USER_MODE_INFORMATION;
2268STRUCT!{struct SYSTEM_SINGLE_MODULE_INFORMATION {
2269 TargetModuleAddress: PVOID,
2270 ExInfo: RTL_PROCESS_MODULE_INFORMATION_EX,
2271}}
2272pub type PSYSTEM_SINGLE_MODULE_INFORMATION = *mut SYSTEM_SINGLE_MODULE_INFORMATION;
2273STRUCT!{struct SYSTEM_INTERRUPT_CPU_SET_INFORMATION {
2274 Gsiv: ULONG,
2275 Group: USHORT,
2276 CpuSets: ULONGLONG,
2277}}
2278pub type PSYSTEM_INTERRUPT_CPU_SET_INFORMATION = *mut SYSTEM_INTERRUPT_CPU_SET_INFORMATION;
2279STRUCT!{struct SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION {
2280 PolicyInformation: SYSTEM_SECUREBOOT_POLICY_INFORMATION,
2281 PolicySize: ULONG,
2282 Policy: [UCHAR; 1],
2283}}
2284pub type PSYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION =
2285 *mut SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION;
2286STRUCT!{struct SYSTEM_ROOT_SILO_INFORMATION {
2287 NumberOfSilos: ULONG,
2288 SiloIdList: [ULONG; 1],
2289}}
2290pub type PSYSTEM_ROOT_SILO_INFORMATION = *mut SYSTEM_ROOT_SILO_INFORMATION;
2291STRUCT!{struct SYSTEM_CPU_SET_TAG_INFORMATION {
2292 Tag: ULONGLONG,
2293 CpuSets: [ULONGLONG; 1],
2294}}
2295pub type PSYSTEM_CPU_SET_TAG_INFORMATION = *mut SYSTEM_CPU_SET_TAG_INFORMATION;
2296STRUCT!{struct SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION {
2297 ExtentCount: ULONG,
2298 ValidStructureSize: ULONG,
2299 NextExtentIndex: ULONG,
2300 ExtentRestart: ULONG,
2301 CycleCount: ULONG,
2302 TimeoutCount: ULONG,
2303 CycleTime: ULONGLONG,
2304 CycleTimeMax: ULONGLONG,
2305 ExtentTime: ULONGLONG,
2306 ExtentTimeIndex: ULONG,
2307 ExtentTimeMaxIndex: ULONG,
2308 ExtentTimeMax: ULONGLONG,
2309 HyperFlushTimeMax: ULONGLONG,
2310 TranslateVaTimeMax: ULONGLONG,
2311 DebugExemptionCount: ULONGLONG,
2312 TbHitCount: ULONGLONG,
2313 TbMissCount: ULONGLONG,
2314 VinaPendingYield: ULONGLONG,
2315 HashCycles: ULONGLONG,
2316 HistogramOffset: ULONG,
2317 HistogramBuckets: ULONG,
2318 HistogramShift: ULONG,
2319 Reserved1: ULONG,
2320 PageNotPresentCount: ULONGLONG,
2321}}
2322pub type PSYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION =
2323 *mut SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION;
2324STRUCT!{struct SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION {
2325 PlatformManifestSize: ULONG,
2326 PlatformManifest: [UCHAR; 1],
2327}}
2328pub type PSYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION =
2329 *mut SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION;
2330STRUCT!{struct SYSTEM_MEMORY_USAGE_INFORMATION {
2331 TotalPhysicalBytes: ULONGLONG,
2332 AvailableBytes: ULONGLONG,
2333 ResidentAvailableBytes: LONGLONG,
2334 CommittedBytes: ULONGLONG,
2335 SharedCommittedBytes: ULONGLONG,
2336 CommitLimitBytes: ULONGLONG,
2337 PeakCommitmentBytes: ULONGLONG,
2338}}
2339pub type PSYSTEM_MEMORY_USAGE_INFORMATION = *mut SYSTEM_MEMORY_USAGE_INFORMATION;
2340STRUCT!{struct SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION {
2341 ImageFile: HANDLE,
2342 Type: ULONG,
2343}}
2344pub type PSYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION =
2345 *mut SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION;
2346STRUCT!{struct SYSTEM_PHYSICAL_MEMORY_INFORMATION {
2347 TotalPhysicalBytes: ULONGLONG,
2348 LowestPhysicalAddress: ULONGLONG,
2349 HighestPhysicalAddress: ULONGLONG,
2350}}
2351pub type PSYSTEM_PHYSICAL_MEMORY_INFORMATION = *mut SYSTEM_PHYSICAL_MEMORY_INFORMATION;
2352ENUM!{enum SYSTEM_ACTIVITY_MODERATION_STATE {
2353 SystemActivityModerationStateSystemManaged = 0,
2354 SystemActivityModerationStateUserManagedAllowThrottling = 1,
2355 SystemActivityModerationStateUserManagedDisableThrottling = 2,
2356 MaxSystemActivityModerationState = 3,
2357}}
2358ENUM!{enum SYSTEM_ACTIVITY_MODERATION_APP_TYPE {
2359 SystemActivityModerationAppTypeClassic = 0,
2360 SystemActivityModerationAppTypePackaged = 1,
2361 MaxSystemActivityModerationAppType = 2,
2362}}
2363STRUCT!{struct SYSTEM_ACTIVITY_MODERATION_INFO {
2364 Identifier: UNICODE_STRING,
2365 ModerationState: SYSTEM_ACTIVITY_MODERATION_STATE,
2366 AppType: SYSTEM_ACTIVITY_MODERATION_APP_TYPE,
2367}}
2368pub type PSYSTEM_ACTIVITY_MODERATION_INFO = *mut SYSTEM_ACTIVITY_MODERATION_INFO;
2369STRUCT!{struct SYSTEM_ACTIVITY_MODERATION_USER_SETTINGS {
2370 UserKeyHandle: HANDLE,
2371}}
2372pub type PSYSTEM_ACTIVITY_MODERATION_USER_SETTINGS = *mut SYSTEM_ACTIVITY_MODERATION_USER_SETTINGS;
2373STRUCT!{struct SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION {
2374 Flags: ULONG,
2375 UnlockId: [UCHAR; 32],
2376}}
2377BITFIELD!{SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION Flags: ULONG [
2378 Locked set_Locked[0..1],
2379 Unlockable set_Unlockable[1..2],
2380 UnlockApplied set_UnlockApplied[2..3],
2381 UnlockIdValid set_UnlockIdValid[3..4],
2382 Reserved set_Reserved[4..32],
2383]}
2384pub type PSYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION = *mut SYSTEM_CODEINTEGRITY_UNLOCK_INFORMATION;
2385STRUCT!{struct SYSTEM_FLUSH_INFORMATION {
2386 SupportedFlushMethods: ULONG,
2387 ProcessorCacheFlushSize: ULONG,
2388 SystemFlushCapabilities: ULONGLONG,
2389 Reserved: [ULONGLONG; 2],
2390}}
2391pub type PSYSTEM_FLUSH_INFORMATION = *mut SYSTEM_FLUSH_INFORMATION;
2392STRUCT!{struct SYSTEM_WRITE_CONSTRAINT_INFORMATION {
2393 WriteConstraintPolicy: ULONG,
2394 Reserved: ULONG,
2395}}
2396pub type PSYSTEM_WRITE_CONSTRAINT_INFORMATION = *mut SYSTEM_WRITE_CONSTRAINT_INFORMATION;
2397STRUCT!{struct SYSTEM_KERNEL_VA_SHADOW_INFORMATION {
2398 Flags: ULONG,
2399}}
2400BITFIELD!{SYSTEM_KERNEL_VA_SHADOW_INFORMATION Flags: ULONG [
2401 KvaShadowEnabled set_KvaShadowEnabled[0..1],
2402 KvaShadowUserGlobal set_KvaShadowUserGlobal[1..2],
2403 KvaShadowPcid set_KvaShadowPcid[2..3],
2404 KvaShadowInvpcid set_KvaShadowInvpcid[3..4],
2405 KvaShadowRequired set_KvaShadowRequired[4..5],
2406 KvaShadowRequiredAvailable set_KvaShadowRequiredAvailable[5..6],
2407 InvalidPteBit set_InvalidPteBit[6..12],
2408 L1DataCacheFlushSupported set_L1DataCacheFlushSupported[12..13],
2409 L1TerminalFaultMitigationPresent set_L1TerminalFaultMitigationPresent[13..14],
2410 Reserved set_Reserved[14..32],
2411]}
2412pub type PSYSTEM_KERNEL_VA_SHADOW_INFORMATION = *mut SYSTEM_KERNEL_VA_SHADOW_INFORMATION;
2413STRUCT!{struct SYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION {
2414 FileHandle: HANDLE,
2415 ImageSize: ULONG,
2416 Image: PVOID,
2417}}
2418pub type PSYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION =
2419 *mut SYSTEM_CODEINTEGRITYVERIFICATION_INFORMATION;
2420STRUCT!{struct SYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION {
2421 HypervisorSharedUserVa: PVOID,
2422}}
2423pub type PSYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION =
2424 *mut SYSTEM_HYPERVISOR_SHARED_PAGE_INFORMATION;
2425STRUCT!{struct SYSTEM_SPECULATION_CONTROL_INFORMATION {
2426 Flags: ULONG,
2427}}
2428BITFIELD!{SYSTEM_SPECULATION_CONTROL_INFORMATION Flags: ULONG [
2429 BpbEnabled set_BpbEnabled[0..1],
2430 BpbDisabledSystemPolicy set_BpbDisabledSystemPolicy[1..2],
2431 BpbDisabledNoHardwareSupport set_BpbDisabledNoHardwareSupport[2..3],
2432 SpecCtrlEnumerated set_SpecCtrlEnumerated[3..4],
2433 SpecCmdEnumerated set_SpecCmdEnumerated[4..5],
2434 IbrsPresent set_IbrsPresent[5..6],
2435 StibpPresent set_StibpPresent[6..7],
2436 SmepPresent set_SmepPresent[7..8],
2437 SpeculativeStoreBypassDisableAvailable set_SpeculativeStoreBypassDisableAvailable[8..9],
2438 SpeculativeStoreBypassDisableSupported set_SpeculativeStoreBypassDisableSupported[9..10],
2439 SpeculativeStoreBypassDisabledSystemWide set_SpeculativeStoreBypassDisabledSystemWide[10..11],
2440 SpeculativeStoreBypassDisabledKernel set_SpeculativeStoreBypassDisabledKernel[11..12],
2441 SpeculativeStoreBypassDisableRequired set_SpeculativeStoreBypassDisableRequired[12..13],
2442 BpbDisabledKernelToUser set_BpbDisabledKernelToUser[13..14],
2443 SpecCtrlRetpolineEnabled set_SpecCtrlRetpolineEnabled[14..15],
2444 SpecCtrlImportOptimizationEnabled set_SpecCtrlImportOptimizationEnabled[15..16],
2445 Reserved set_Reserved[16..32],
2446]}
2447pub type PSYSTEM_SPECULATION_CONTROL_INFORMATION = *mut SYSTEM_SPECULATION_CONTROL_INFORMATION;
2448STRUCT!{struct SYSTEM_DMA_GUARD_POLICY_INFORMATION {
2449 DmaGuardPolicyEnabled: BOOLEAN,
2450}}
2451pub type PSYSTEM_DMA_GUARD_POLICY_INFORMATION = *mut SYSTEM_DMA_GUARD_POLICY_INFORMATION;
2452STRUCT!{struct SYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION {
2453 EnclaveLaunchSigner: [UCHAR; 32],
2454}}
2455pub type PSYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION =
2456 *mut SYSTEM_ENCLAVE_LAUNCH_CONTROL_INFORMATION;
2457STRUCT!{struct SYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION {
2458 WorkloadClass: ULONGLONG,
2459 CpuSets: [ULONGLONG; 1],
2460}}
2461pub type PSYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION =
2462 *mut SYSTEM_WORKLOAD_ALLOWED_CPU_SET_INFORMATION;
2463EXTERN!{extern "system" {
2464 fn NtQuerySystemInformation(
2465 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2466 SystemInformation: PVOID,
2467 SystemInformationLength: ULONG,
2468 ReturnLength: PULONG,
2469 ) -> NTSTATUS;
2470 fn NtQuerySystemInformationEx(
2471 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2472 InputBuffer: PVOID,
2473 InputBufferLength: ULONG,
2474 SystemInformation: PVOID,
2475 SystemInformationLength: ULONG,
2476 ReturnLength: PULONG,
2477 ) -> NTSTATUS;
2478 fn NtSetSystemInformation(
2479 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2480 SystemInformation: PVOID,
2481 SystemInformationLength: ULONG,
2482 ) -> NTSTATUS;
2483}}
2484ENUM!{enum SYSDBG_COMMAND {
2485 SysDbgQueryModuleInformation = 0,
2486 SysDbgQueryTraceInformation = 1,
2487 SysDbgSetTracepoint = 2,
2488 SysDbgSetSpecialCall = 3,
2489 SysDbgClearSpecialCalls = 4,
2490 SysDbgQuerySpecialCalls = 5,
2491 SysDbgBreakPoint = 6,
2492 SysDbgQueryVersion = 7,
2493 SysDbgReadVirtual = 8,
2494 SysDbgWriteVirtual = 9,
2495 SysDbgReadPhysical = 10,
2496 SysDbgWritePhysical = 11,
2497 SysDbgReadControlSpace = 12,
2498 SysDbgWriteControlSpace = 13,
2499 SysDbgReadIoSpace = 14,
2500 SysDbgWriteIoSpace = 15,
2501 SysDbgReadMsr = 16,
2502 SysDbgWriteMsr = 17,
2503 SysDbgReadBusData = 18,
2504 SysDbgWriteBusData = 19,
2505 SysDbgCheckLowMemory = 20,
2506 SysDbgEnableKernelDebugger = 21,
2507 SysDbgDisableKernelDebugger = 22,
2508 SysDbgGetAutoKdEnable = 23,
2509 SysDbgSetAutoKdEnable = 24,
2510 SysDbgGetPrintBufferSize = 25,
2511 SysDbgSetPrintBufferSize = 26,
2512 SysDbgGetKdUmExceptionEnable = 27,
2513 SysDbgSetKdUmExceptionEnable = 28,
2514 SysDbgGetTriageDump = 29,
2515 SysDbgGetKdBlockEnable = 30,
2516 SysDbgSetKdBlockEnable = 31,
2517 SysDbgRegisterForUmBreakInfo = 32,
2518 SysDbgGetUmBreakPid = 33,
2519 SysDbgClearUmBreakPid = 34,
2520 SysDbgGetUmAttachPid = 35,
2521 SysDbgClearUmAttachPid = 36,
2522 SysDbgGetLiveKernelDump = 37,
2523}}
2524pub type PSYSDBG_COMMAND = *mut SYSDBG_COMMAND;
2525STRUCT!{struct SYSDBG_VIRTUAL {
2526 Address: PVOID,
2527 Buffer: PVOID,
2528 Request: ULONG,
2529}}
2530pub type PSYSDBG_VIRTUAL = *mut SYSDBG_VIRTUAL;
2531STRUCT!{struct SYSDBG_PHYSICAL {
2532 Address: PHYSICAL_ADDRESS,
2533 Buffer: PVOID,
2534 Request: ULONG,
2535}}
2536pub type PSYSDBG_PHYSICAL = *mut SYSDBG_PHYSICAL;
2537STRUCT!{struct SYSDBG_CONTROL_SPACE {
2538 Address: ULONG64,
2539 Buffer: PVOID,
2540 Request: ULONG,
2541 Processor: ULONG,
2542}}
2543pub type PSYSDBG_CONTROL_SPACE = *mut SYSDBG_CONTROL_SPACE;
2544STRUCT!{struct SYSDBG_IO_SPACE {
2545 Address: ULONG64,
2546 Buffer: PVOID,
2547 Request: ULONG,
2548 InterfaceType: INTERFACE_TYPE,
2549 BusNumber: ULONG,
2550 AddressSpace: ULONG,
2551}}
2552pub type PSYSDBG_IO_SPACE = *mut SYSDBG_IO_SPACE;
2553STRUCT!{struct SYSDBG_MSR {
2554 Msr: ULONG,
2555 Data: ULONG64,
2556}}
2557pub type PSYSDBG_MSR = *mut SYSDBG_MSR;
2558STRUCT!{struct SYSDBG_BUS_DATA {
2559 Address: ULONG,
2560 Buffer: PVOID,
2561 Request: ULONG,
2562 BusDataType: BUS_DATA_TYPE,
2563 BusNumber: ULONG,
2564 SlotNumber: ULONG,
2565}}
2566pub type PSYSDBG_BUS_DATA = *mut SYSDBG_BUS_DATA;
2567STRUCT!{struct SYSDBG_TRIAGE_DUMP {
2568 Flags: ULONG,
2569 BugCheckCode: ULONG,
2570 BugCheckParam1: ULONG_PTR,
2571 BugCheckParam2: ULONG_PTR,
2572 BugCheckParam3: ULONG_PTR,
2573 BugCheckParam4: ULONG_PTR,
2574 ProcessHandles: ULONG,
2575 ThreadHandles: ULONG,
2576 Handles: PHANDLE,
2577}}
2578pub type PSYSDBG_TRIAGE_DUMP = *mut SYSDBG_TRIAGE_DUMP;
2579STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL_FLAGS {
2580 AsUlong: ULONG,
2581}}
2582BITFIELD!{SYSDBG_LIVEDUMP_CONTROL_FLAGS AsUlong: ULONG [
2583 UseDumpStorageStack set_UseDumpStorageStack[0..1],
2584 CompressMemoryPagesData set_CompressMemoryPagesData[1..2],
2585 IncludeUserSpaceMemoryPages set_IncludeUserSpaceMemoryPages[2..3],
2586 AbortIfMemoryPressure set_AbortIfMemoryPressure[3..4],
2587 Reserved set_Reserved[4..32],
2588]}
2589pub type PSYSDBG_LIVEDUMP_CONTROL_FLAGS = *mut SYSDBG_LIVEDUMP_CONTROL_FLAGS;
2590STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL_ADDPAGES {
2591 AsUlong: ULONG,
2592}}
2593BITFIELD!{SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AsUlong: ULONG [
2594 HypervisorPages set_HypervisorPages[0..1],
2595 Reserved set_Reserved[1..32],
2596]}
2597pub type PSYSDBG_LIVEDUMP_CONTROL_ADDPAGES = *mut SYSDBG_LIVEDUMP_CONTROL_ADDPAGES;
2598pub const SYSDBG_LIVEDUMP_CONTROL_VERSION: ULONG = 1;
2599STRUCT!{struct SYSDBG_LIVEDUMP_CONTROL {
2600 Version: ULONG,
2601 BugCheckCode: ULONG,
2602 BugCheckParam1: ULONG_PTR,
2603 BugCheckParam2: ULONG_PTR,
2604 BugCheckParam3: ULONG_PTR,
2605 BugCheckParam4: ULONG_PTR,
2606 DumpFileHandle: HANDLE,
2607 CancelEventHandle: HANDLE,
2608 Flags: SYSDBG_LIVEDUMP_CONTROL_FLAGS,
2609 AddPagesControl: SYSDBG_LIVEDUMP_CONTROL_ADDPAGES,
2610}}
2611pub type PSYSDBG_LIVEDUMP_CONTROL = *mut SYSDBG_LIVEDUMP_CONTROL;
2612EXTERN!{extern "system" {
2613 fn NtSystemDebugControl(
2614 Command: SYSDBG_COMMAND,
2615 InputBuffer: PVOID,
2616 InputBufferLength: ULONG,
2617 OutputBuffer: PVOID,
2618 OutputBufferLength: ULONG,
2619 ReturnLength: PULONG,
2620 ) -> NTSTATUS;
2621}}
2622ENUM!{enum HARDERROR_RESPONSE_OPTION {
2623 OptionAbortRetryIgnore = 0,
2624 OptionOk = 1,
2625 OptionOkCancel = 2,
2626 OptionRetryCancel = 3,
2627 OptionYesNo = 4,
2628 OptionYesNoCancel = 5,
2629 OptionShutdownSystem = 6,
2630 OptionOkNoWait = 7,
2631 OptionCancelTryContinue = 8,
2632}}
2633ENUM!{enum HARDERROR_RESPONSE {
2634 ResponseReturnToCaller = 0,
2635 ResponseNotHandled = 1,
2636 ResponseAbort = 2,
2637 ResponseCancel = 3,
2638 ResponseIgnore = 4,
2639 ResponseNo = 5,
2640 ResponseOk = 6,
2641 ResponseRetry = 7,
2642 ResponseYes = 8,
2643 ResponseTryAgain = 9,
2644 ResponseContinue = 10,
2645}}
2646pub const HARDERROR_OVERRIDE_ERRORMODE: ULONG = 0x10000000;
2647EXTERN!{extern "system" {
2648 fn NtRaiseHardError(
2649 ErrorStatus: NTSTATUS,
2650 NumberOfParameters: ULONG,
2651 UnicodeStringParameterMask: ULONG,
2652 Parameters: PULONG_PTR,
2653 ValidResponseOptions: ULONG,
2654 Response: PULONG,
2655 ) -> NTSTATUS;
2656}}
2657ENUM!{enum ALTERNATIVE_ARCHITECTURE_TYPE {
2658 StandardDesign = 0,
2659 NEC98x86 = 1,
2660 EndAlternatives = 2,
2661}}
2662pub const PROCESSOR_FEATURE_MAX: usize = 64;
2663pub const MAX_WOW64_SHARED_ENTRIES: u32 = 16;
2664pub const NX_SUPPORT_POLICY_ALWAYSOFF: u32 = 0;
2665pub const NX_SUPPORT_POLICY_ALWAYSON: u32 = 1;
2666pub const NX_SUPPORT_POLICY_OPTIN: u32 = 2;
2667pub const NX_SUPPORT_POLICY_OPTOUT: u32 = 3;
2668UNION!{union KUSER_SHARED_DATA_u {
2669 TickCount: KSYSTEM_TIME,
2670 TickCountQuad: ULONG64,
2671 ReservedTickCountOverlay: [ULONG; 3],
2672}}
2673STRUCT!{#[repr(packed(4))] struct KUSER_SHARED_DATA {
2674 TickCountLowDeprecated: ULONG,
2675 TickCountMultiplier: ULONG,
2676 InterruptTime: KSYSTEM_TIME,
2677 SystemTime: KSYSTEM_TIME,
2678 TimeZoneBias: KSYSTEM_TIME,
2679 ImageNumberLow: USHORT,
2680 ImageNumberHigh: USHORT,
2681 NtSystemRoot: [WCHAR; 260],
2682 MaxStackTraceDepth: ULONG,
2683 CryptoExponent: ULONG,
2684 TimeZoneId: ULONG,
2685 LargePageMinimum: ULONG,
2686 AitSamplingValue: ULONG,
2687 AppCompatFlag: ULONG,
2688 RNGSeedVersion: ULONGLONG,
2689 GlobalValidationRunlevel: ULONG,
2690 TimeZoneBiasStamp: LONG,
2691 NtBuildNumber: ULONG,
2692 NtProductType: NT_PRODUCT_TYPE,
2693 ProductTypeIsValid: BOOLEAN,
2694 Reserved0: [UCHAR; 1],
2695 NativeProcessorArchitecture: USHORT,
2696 NtMajorVersion: ULONG,
2697 NtMinorVersion: ULONG,
2698 ProcessorFeatures: [BOOLEAN; PROCESSOR_FEATURE_MAX],
2699 Reserved1: ULONG,
2700 Reserved3: ULONG,
2701 TimeSlip: ULONG,
2702 AlternativeArchitecture: ALTERNATIVE_ARCHITECTURE_TYPE,
2703 BootId: ULONG,
2704 SystemExpirationDate: LARGE_INTEGER,
2705 SuiteMask: ULONG,
2706 KdDebuggerEnabled: BOOLEAN,
2707 MitigationPolicies: UCHAR,
2708 Reserved6: [UCHAR; 2],
2709 ActiveConsoleId: ULONG,
2710 DismountCount: ULONG,
2711 ComPlusPackage: ULONG,
2712 LastSystemRITEventTickCount: ULONG,
2713 NumberOfPhysicalPages: ULONG,
2714 SafeBootMode: BOOLEAN,
2715 VirtualizationFlags: UCHAR,
2716 Reserved12: [UCHAR; 2],
2717 SharedDataFlags: ULONG,
2718 DataFlagsPad: [ULONG; 1],
2719 TestRetInstruction: ULONGLONG,
2720 QpcFrequency: LONGLONG,
2721 SystemCall: ULONG,
2722 SystemCallPad0: ULONG,
2723 SystemCallPad: [ULONGLONG; 2],
2724 u: KUSER_SHARED_DATA_u,
2725 //TickCountPad: [ULONG; 1],
2726 Cookie: ULONG,
2727 CookiePad: [ULONG; 1],
2728 ConsoleSessionForegroundProcessId: LONGLONG,
2729 TimeUpdateLock: ULONGLONG,
2730 BaselineSystemTimeQpc: ULONGLONG,
2731 BaselineInterruptTimeQpc: ULONGLONG,
2732 QpcSystemTimeIncrement: ULONGLONG,
2733 QpcInterruptTimeIncrement: ULONGLONG,
2734 QpcSystemTimeIncrementShift: UCHAR,
2735 QpcInterruptTimeIncrementShift: UCHAR,
2736 UnparkedProcessorCount: USHORT,
2737 EnclaveFeatureMask: [ULONG; 4],
2738 TelemetryCoverageRound: ULONG,
2739 UserModeGlobalLogger: [USHORT; 16],
2740 ImageFileExecutionOptions: ULONG,
2741 LangGenerationCount: ULONG,
2742 Reserved4: ULONGLONG,
2743 InterruptTimeBias: ULONG64,
2744 QpcBias: ULONG64,
2745 ActiveProcessorCount: ULONG,
2746 ActiveGroupCount: UCHAR,
2747 Reserved9: UCHAR,
2748 QpcData: UCHAR,
2749 TimeZoneBiasEffectiveStart: LARGE_INTEGER,
2750 TimeZoneBiasEffectiveEnd: LARGE_INTEGER,
2751 XState: XSTATE_CONFIGURATION,
2752}}
2753BITFIELD!{KUSER_SHARED_DATA MitigationPolicies: UCHAR [
2754 NXSupportPolicy set_NXSupportPolicy[0..2],
2755 SEHValidationPolicy set_SEHValidationPolicy[2..4],
2756 CurDirDevicesSkippedForDlls set_CurDirDevicesSkippedForDlls[4..6],
2757 Reserved set_Reserved[6..8],
2758]}
2759BITFIELD!{KUSER_SHARED_DATA SharedDataFlags: ULONG [
2760 DbgErrorPortPresent set_DbgErrorPortPresent[0..1],
2761 DbgElevationEnabled set_DbgElevationEnabled[1..2],
2762 DbgVirtEnabled set_DbgVirtEnabled[2..3],
2763 DbgInstallerDetectEnabled set_DbgInstallerDetectEnabled[3..4],
2764 DbgLkgEnabled set_DbgLkgEnabled[4..5],
2765 DbgDynProcessorEnabled set_DbgDynProcessorEnabled[5..6],
2766 DbgConsoleBrokerEnabled set_DbgConsoleBrokerEnabled[6..7],
2767 DbgSecureBootEnabled set_DbgSecureBootEnabled[7..8],
2768 DbgMultiSessionSku set_DbgMultiSessionSku[8..9],
2769 DbgMultiUsersInSessionSku set_DbgMultiUsersInSessionSku[9..10],
2770 DbgStateSeparationEnabled set_DbgStateSeparationEnabled[10..11],
2771 SpareBits set_SpareBits[11..32],
2772]}
2773BITFIELD!{KUSER_SHARED_DATA QpcData: UCHAR [
2774 QpcBypassEnabled set_QpcBypassEnabled[0..1],
2775 QpcShift set_QpcShift[1..2],
2776]}
2777pub type PKUSER_SHARED_DATA = *mut KUSER_SHARED_DATA;
2778pub const USER_SHARED_DATA: *const KUSER_SHARED_DATA = 0x7ffe0000 as *const _;
2779#[inline]
2780pub unsafe fn NtGetTickCount64() -> ULONGLONG {
923072b8
FG		 2781 let mut tick_count: ULARGE_INTEGER = uninitialized();
2782 #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))] {
2783 *tick_count.QuadPart_mut() = read_volatile(&(*USER_SHARED_DATA).u.TickCountQuad);
2784 }
2785 #[cfg(target_arch = "x86")] {
2786 loop {
2787 tick_count.s_mut().HighPart =
2788 read_volatile(&(*USER_SHARED_DATA).u.TickCount.High1Time) as u32;
2789 tick_count.s_mut().LowPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.LowPart);
2790 if tick_count.s().HighPart == read_volatile(&(*USER_SHARED_DATA).u.TickCount.High2Time)
2791 as u32
2792 {
2793 break;
2794 }
2795 spin_loop_hint();
2796 }
2797 }
2798 (UInt32x32To64(tick_count.s().LowPart, (*USER_SHARED_DATA).TickCountMultiplier) >> 24)
2799 + (UInt32x32To64(
2800 tick_count.s().HighPart as u32,
2801 (*USER_SHARED_DATA).TickCountMultiplier,
2802 ) << 8)
2803}
2804#[inline]
2805pub unsafe fn NtGetTickCount() -> ULONG {
2806 #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))] {
2807 ((read_volatile(&(*USER_SHARED_DATA).u.TickCountQuad)
2808 * (*USER_SHARED_DATA).TickCountMultiplier as u64) >> 24) as u32
2809 }
2810 #[cfg(target_arch = "x86")] {
923072b8
FG		 2811 let mut tick_count: ULARGE_INTEGER = uninitialized();
2812 loop {
2813 tick_count.s_mut().HighPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.High1Time)
2814 as u32;
2815 tick_count.s_mut().LowPart = read_volatile(&(*USER_SHARED_DATA).u.TickCount.LowPart);
2816 if tick_count.s().HighPart == read_volatile(&(*USER_SHARED_DATA).u.TickCount.High2Time)
2817 as u32
2818 {
2819 break;
2820 }
2821 spin_loop_hint();
2822 }
2823 ((UInt32x32To64(tick_count.s().LowPart, (*USER_SHARED_DATA).TickCountMultiplier) >> 24)
2824 + UInt32x32To64(
2825 (tick_count.s().HighPart as u32) << 8,
2826 (*USER_SHARED_DATA).TickCountMultiplier,
2827 )) as u32
2828 }
2829}
2830EXTERN!{extern "system" {
2831 fn NtQueryDefaultLocale(
2832 UserProfile: BOOLEAN,
2833 DefaultLocaleId: PLCID,
2834 ) -> NTSTATUS;
2835 fn NtSetDefaultLocale(
2836 UserProfile: BOOLEAN,
2837 DefaultLocaleId: LCID,
2838 ) -> NTSTATUS;
2839 fn NtQueryInstallUILanguage(
2840 InstallUILanguageId: *mut LANGID,
2841 ) -> NTSTATUS;
2842 fn NtFlushInstallUILanguage(
2843 InstallUILanguage: LANGID,
2844 SetComittedFlag: ULONG,
2845 ) -> NTSTATUS;
2846 fn NtQueryDefaultUILanguage(
2847 DefaultUILanguageId: *mut LANGID,
2848 ) -> NTSTATUS;
2849 fn NtSetDefaultUILanguage(
2850 DefaultUILanguageId: LANGID,
2851 ) -> NTSTATUS;
2852 fn NtIsUILanguageComitted() -> NTSTATUS;
2853 fn NtInitializeNlsFiles(
2854 BaseAddress: *mut PVOID,
2855 DefaultLocaleId: PLCID,
2856 DefaultCasingTableSize: PLARGE_INTEGER,
2857 ) -> NTSTATUS;
2858 fn NtGetNlsSectionPtr(
2859 SectionType: ULONG,
2860 SectionData: ULONG,
2861 ContextData: PVOID,
2862 SectionPointer: *mut PVOID,
2863 SectionSize: PULONG,
2864 ) -> NTSTATUS;
2865 fn NtMapCMFModule(
2866 What: ULONG,
2867 Index: ULONG,
2868 CacheIndexOut: PULONG,
2869 CacheFlagsOut: PULONG,
2870 ViewSizeOut: PULONG,
2871 BaseAddress: *mut PVOID,
2872 ) -> NTSTATUS;
2873 fn NtGetMUIRegistryInfo(
2874 Flags: ULONG,
2875 DataSize: PULONG,
2876 Data: PVOID,
2877 ) -> NTSTATUS;
2878 fn NtAddAtom(
2879 AtomName: PWSTR,
2880 Length: ULONG,
2881 Atom: PRTL_ATOM,
2882 ) -> NTSTATUS;
2883}}
2884pub const ATOM_FLAG_GLOBAL: ULONG = 0x2;
2885EXTERN!{extern "system" {
2886 fn NtAddAtomEx(
2887 AtomName: PWSTR,
2888 Length: ULONG,
2889 Atom: PRTL_ATOM,
2890 Flags: ULONG,
2891 ) -> NTSTATUS;
2892 fn NtFindAtom(
2893 AtomName: PWSTR,
2894 Length: ULONG,
2895 Atom: PRTL_ATOM,
2896 ) -> NTSTATUS;
2897 fn NtDeleteAtom(
2898 Atom: RTL_ATOM,
2899 ) -> NTSTATUS;
2900}}
2901ENUM!{enum ATOM_INFORMATION_CLASS {
2902 AtomBasicInformation = 0,
2903 AtomTableInformation = 1,
2904}}
2905STRUCT!{struct ATOM_BASIC_INFORMATION {
2906 UsageCount: USHORT,
2907 Flags: USHORT,
2908 NameLength: USHORT,
2909 Name: [WCHAR; 1],
2910}}
2911pub type PATOM_BASIC_INFORMATION = *mut ATOM_BASIC_INFORMATION;
2912STRUCT!{struct ATOM_TABLE_INFORMATION {
2913 NumberOfAtoms: ULONG,
2914 Atoms: [RTL_ATOM; 1],
2915}}
2916pub type PATOM_TABLE_INFORMATION = *mut ATOM_TABLE_INFORMATION;
2917EXTERN!{extern "system" {
2918 fn NtQueryInformationAtom(
2919 Atom: RTL_ATOM,
2920 AtomInformationClass: ATOM_INFORMATION_CLASS,
2921 AtomInformation: PVOID,
2922 AtomInformationLength: ULONG,
2923 ReturnLength: PULONG,
2924 ) -> NTSTATUS;
2925}}
2926pub const FLG_STOP_ON_EXCEPTION: u32 = 0x00000001;
2927pub const FLG_SHOW_LDR_SNAPS: u32 = 0x00000002;
2928pub const FLG_DEBUG_INITIAL_COMMAND: u32 = 0x00000004;
2929pub const FLG_STOP_ON_HUNG_GUI: u32 = 0x00000008;
2930pub const FLG_HEAP_ENABLE_TAIL_CHECK: u32 = 0x00000010;
2931pub const FLG_HEAP_ENABLE_FREE_CHECK: u32 = 0x00000020;
2932pub const FLG_HEAP_VALIDATE_PARAMETERS: u32 = 0x00000040;
2933pub const FLG_HEAP_VALIDATE_ALL: u32 = 0x00000080;
2934pub const FLG_APPLICATION_VERIFIER: u32 = 0x00000100;
2935pub const FLG_POOL_ENABLE_TAGGING: u32 = 0x00000400;
2936pub const FLG_HEAP_ENABLE_TAGGING: u32 = 0x00000800;
2937pub const FLG_USER_STACK_TRACE_DB: u32 = 0x00001000;
2938pub const FLG_KERNEL_STACK_TRACE_DB: u32 = 0x00002000;
2939pub const FLG_MAINTAIN_OBJECT_TYPELIST: u32 = 0x00004000;
2940pub const FLG_HEAP_ENABLE_TAG_BY_DLL: u32 = 0x00008000;
2941pub const FLG_DISABLE_STACK_EXTENSION: u32 = 0x00010000;
2942pub const FLG_ENABLE_CSRDEBUG: u32 = 0x00020000;
2943pub const FLG_ENABLE_KDEBUG_SYMBOL_LOAD: u32 = 0x00040000;
2944pub const FLG_DISABLE_PAGE_KERNEL_STACKS: u32 = 0x00080000;
2945pub const FLG_ENABLE_SYSTEM_CRIT_BREAKS: u32 = 0x00100000;
2946pub const FLG_HEAP_DISABLE_COALESCING: u32 = 0x00200000;
2947pub const FLG_ENABLE_CLOSE_EXCEPTIONS: u32 = 0x00400000;
2948pub const FLG_ENABLE_EXCEPTION_LOGGING: u32 = 0x00800000;
2949pub const FLG_ENABLE_HANDLE_TYPE_TAGGING: u32 = 0x01000000;
2950pub const FLG_HEAP_PAGE_ALLOCS: u32 = 0x02000000;
2951pub const FLG_DEBUG_INITIAL_COMMAND_EX: u32 = 0x04000000;
2952pub const FLG_DISABLE_DBGPRINT: u32 = 0x08000000;
2953pub const FLG_CRITSEC_EVENT_CREATION: u32 = 0x10000000;
2954pub const FLG_LDR_TOP_DOWN: u32 = 0x20000000;
2955pub const FLG_ENABLE_HANDLE_EXCEPTIONS: u32 = 0x40000000;
2956pub const FLG_DISABLE_PROTDLLS: u32 = 0x80000000;
2957pub const FLG_VALID_BITS: u32 = 0xfffffdff;
2958pub const FLG_USERMODE_VALID_BITS: u32 = FLG_STOP_ON_EXCEPTION | FLG_SHOW_LDR_SNAPS
2959 | FLG_HEAP_ENABLE_TAIL_CHECK | FLG_HEAP_ENABLE_FREE_CHECK | FLG_HEAP_VALIDATE_PARAMETERS
2960 | FLG_HEAP_VALIDATE_ALL | FLG_APPLICATION_VERIFIER | FLG_HEAP_ENABLE_TAGGING
2961 | FLG_USER_STACK_TRACE_DB | FLG_HEAP_ENABLE_TAG_BY_DLL | FLG_DISABLE_STACK_EXTENSION
2962 | FLG_ENABLE_SYSTEM_CRIT_BREAKS | FLG_HEAP_DISABLE_COALESCING | FLG_DISABLE_PROTDLLS
2963 | FLG_HEAP_PAGE_ALLOCS | FLG_CRITSEC_EVENT_CREATION | FLG_LDR_TOP_DOWN;
2964pub const FLG_BOOTONLY_VALID_BITS: u32 = FLG_KERNEL_STACK_TRACE_DB | FLG_MAINTAIN_OBJECT_TYPELIST
2965 | FLG_ENABLE_CSRDEBUG | FLG_DEBUG_INITIAL_COMMAND | FLG_DEBUG_INITIAL_COMMAND_EX
2966 | FLG_DISABLE_PAGE_KERNEL_STACKS;
2967pub const FLG_KERNELMODE_VALID_BITS: u32 = FLG_STOP_ON_EXCEPTION | FLG_SHOW_LDR_SNAPS
2968 | FLG_STOP_ON_HUNG_GUI | FLG_POOL_ENABLE_TAGGING | FLG_ENABLE_KDEBUG_SYMBOL_LOAD
2969 | FLG_ENABLE_CLOSE_EXCEPTIONS | FLG_ENABLE_EXCEPTION_LOGGING | FLG_ENABLE_HANDLE_TYPE_TAGGING
2970 | FLG_DISABLE_DBGPRINT | FLG_ENABLE_HANDLE_EXCEPTIONS;
2971EXTERN!{extern "system" {
2972 fn NtQueryLicenseValue(
2973 ValueName: PUNICODE_STRING,
2974 Type: PULONG,
2975 Data: PVOID,
2976 DataSize: ULONG,
2977 ResultDataSize: PULONG,
2978 ) -> NTSTATUS;
2979 fn NtSetDefaultHardErrorPort(
2980 DefaultHardErrorPort: HANDLE,
2981 ) -> NTSTATUS;
2982}}
2983ENUM!{enum SHUTDOWN_ACTION {
2984 ShutdownNoReboot = 0,
2985 ShutdownReboot = 1,
2986 ShutdownPowerOff = 2,
2987}}
2988EXTERN!{extern "system" {
2989 fn NtShutdownSystem(
2990 Action: SHUTDOWN_ACTION,
2991 ) -> NTSTATUS;
2992 fn NtDisplayString(
2993 String: PUNICODE_STRING,
2994 ) -> NTSTATUS;
2995 fn NtDrawText(
2996 Text: PUNICODE_STRING,
2997 ) -> NTSTATUS;
2998}}
backport for Debian buster