]> git.proxmox.com Git - rustc.git/blob - vendor/ntapi/src/ntzwapi.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.63.0+dfsg1
[rustc.git] / vendor / ntapi / src / ntzwapi.rs
1 use crate::ntapi_base::{PCLIENT_ID, PRTL_ATOM, RTL_ATOM};
2 use crate::ntdbg::DEBUGOBJECTINFOCLASS;
3 use crate::ntexapi::{
4 ATOM_INFORMATION_CLASS, EVENT_INFORMATION_CLASS, MUTANT_INFORMATION_CLASS, PBOOT_ENTRY,
5 PBOOT_OPTIONS, PCWNF_TYPE_ID, PEFI_DRIVER_ENTRY, PFILE_PATH, PT2_CANCEL_PARAMETERS,
6 PT2_SET_PARAMETERS, PTIMER_APC_ROUTINE, PWNF_CHANGE_STAMP, PWNF_DELIVERY_DESCRIPTOR,
7 SEMAPHORE_INFORMATION_CLASS, SHUTDOWN_ACTION, SYSDBG_COMMAND, SYSTEM_INFORMATION_CLASS,
8 TIMER_INFORMATION_CLASS, TIMER_SET_INFORMATION_CLASS, WNF_CHANGE_STAMP, WNF_DATA_SCOPE,
9 WNF_STATE_NAME_INFORMATION, WNF_STATE_NAME_LIFETIME, WORKERFACTORYINFOCLASS,
10 };
11 use crate::ntioapi::{
12 FILE_INFORMATION_CLASS, FILE_IO_COMPLETION_INFORMATION, FS_INFORMATION_CLASS,
13 IO_COMPLETION_INFORMATION_CLASS, IO_SESSION_EVENT, IO_SESSION_STATE, PFILE_BASIC_INFORMATION,
14 PFILE_IO_COMPLETION_INFORMATION, PFILE_NETWORK_OPEN_INFORMATION, PIO_APC_ROUTINE,
15 PIO_STATUS_BLOCK,
16 };
17 use crate::ntkeapi::KPROFILE_SOURCE;
18 use crate::ntlpcapi::{
19 ALPC_HANDLE, ALPC_MESSAGE_INFORMATION_CLASS, ALPC_PORT_INFORMATION_CLASS, PALPC_CONTEXT_ATTR,
20 PALPC_DATA_VIEW_ATTR, PALPC_HANDLE, PALPC_MESSAGE_ATTRIBUTES, PALPC_PORT_ATTRIBUTES,
21 PALPC_SECURITY_ATTR, PORT_INFORMATION_CLASS, PPORT_MESSAGE, PPORT_VIEW, PREMOTE_PORT_VIEW,
22 };
23 use crate::ntmisc::VDMSERVICECLASS;
24 use crate::ntmmapi::{
25 MEMORY_INFORMATION_CLASS, MEMORY_PARTITION_INFORMATION_CLASS, PMEMORY_RANGE_ENTRY,
26 SECTION_INFORMATION_CLASS, SECTION_INHERIT, VIRTUAL_MEMORY_INFORMATION_CLASS,
27 };
28 use crate::ntobapi::OBJECT_INFORMATION_CLASS;
29 use crate::ntpnpapi::{PLUGPLAY_CONTROL_CLASS, PPLUGPLAY_EVENT_BLOCK};
30 use crate::ntpsapi::{
31 MEMORY_RESERVE_TYPE, PINITIAL_TEB, PPS_APC_ROUTINE, PPS_ATTRIBUTE_LIST, PPS_CREATE_INFO,
32 PROCESSINFOCLASS, THREADINFOCLASS,
33 };
34 use crate::ntregapi::{
35 KEY_INFORMATION_CLASS, KEY_SET_INFORMATION_CLASS, KEY_VALUE_INFORMATION_CLASS,
36 PKEY_VALUE_ENTRY,
37 };
38 use crate::ntseapi::PTOKEN_SECURITY_ATTRIBUTES_INFORMATION;
39 use winapi::shared::basetsd::{
40 KAFFINITY, PSIZE_T, PULONG64, PULONG_PTR, SIZE_T, ULONG64, ULONG_PTR,
41 };
42 use winapi::shared::guiddef::LPGUID;
43 use winapi::shared::ktmtypes::{NOTIFICATION_MASK, PCRM_PROTOCOL_ID, PTRANSACTION_NOTIFICATION};
44 use winapi::shared::ntdef::{
45 BOOLEAN, EVENT_TYPE, HANDLE, LANGID, LCID, LOGICAL, LONG, NTSTATUS, OBJECT_ATTRIBUTES,
46 PBOOLEAN, PCHAR, PCWNF_STATE_NAME, PGROUP_AFFINITY, PHANDLE, PLARGE_INTEGER, PLCID, PLONG,
47 PLUID, PNTSTATUS, POBJECT_ATTRIBUTES, PUCHAR, PULARGE_INTEGER, PULONG, PULONGLONG,
48 PUNICODE_STRING, PUSHORT, PVOID, PWNF_STATE_NAME, PWSTR, TIMER_TYPE, ULONG, USHORT, VOID,
49 WAIT_TYPE,
50 };
51 use winapi::um::winnt::{
52 ACCESS_MASK, AUDIT_EVENT_TYPE, ENLISTMENT_INFORMATION_CLASS, EXECUTION_STATE,
53 JOBOBJECTINFOCLASS, KTMOBJECT_TYPE, LATENCY_TIME, PACCESS_MASK, PCONTEXT, PDEVICE_POWER_STATE,
54 PEXCEPTION_RECORD, PFILE_SEGMENT_ELEMENT, PGENERIC_MAPPING, PJOB_SET_ARRAY, PKTMOBJECT_CURSOR,
55 POBJECT_TYPE_LIST, POWER_ACTION, POWER_INFORMATION_LEVEL, PPRIVILEGE_SET, PSECURITY_DESCRIPTOR,
56 PSECURITY_QUALITY_OF_SERVICE, PSE_SIGNING_LEVEL, PSID, PSID_AND_ATTRIBUTES,
57 PTOKEN_DEFAULT_DACL, PTOKEN_GROUPS, PTOKEN_MANDATORY_POLICY, PTOKEN_OWNER,
58 PTOKEN_PRIMARY_GROUP, PTOKEN_PRIVILEGES, PTOKEN_SOURCE, PTOKEN_USER,
59 RESOURCEMANAGER_INFORMATION_CLASS, SECURITY_INFORMATION, SE_SIGNING_LEVEL, SYSTEM_POWER_STATE,
60 TOKEN_INFORMATION_CLASS, TOKEN_TYPE, TRANSACTIONMANAGER_INFORMATION_CLASS,
61 TRANSACTION_INFORMATION_CLASS,
62 };
63 EXTERN!{extern "system" {
64 fn ZwAcceptConnectPort(
65 PortHandle: PHANDLE,
66 PortContext: PVOID,
67 ConnectionRequest: PPORT_MESSAGE,
68 AcceptConnection: BOOLEAN,
69 ServerView: PPORT_VIEW,
70 ClientView: PREMOTE_PORT_VIEW,
71 ) -> NTSTATUS;
72 fn ZwAccessCheck(
73 SecurityDescriptor: PSECURITY_DESCRIPTOR,
74 ClientToken: HANDLE,
75 DesiredAccess: ACCESS_MASK,
76 GenericMapping: PGENERIC_MAPPING,
77 PrivilegeSet: PPRIVILEGE_SET,
78 PrivilegeSetLength: PULONG,
79 GrantedAccess: PACCESS_MASK,
80 AccessStatus: PNTSTATUS,
81 ) -> NTSTATUS;
82 fn ZwAccessCheckAndAuditAlarm(
83 SubsystemName: PUNICODE_STRING,
84 HandleId: PVOID,
85 ObjectTypeName: PUNICODE_STRING,
86 ObjectName: PUNICODE_STRING,
87 SecurityDescriptor: PSECURITY_DESCRIPTOR,
88 DesiredAccess: ACCESS_MASK,
89 GenericMapping: PGENERIC_MAPPING,
90 ObjectCreation: BOOLEAN,
91 GrantedAccess: PACCESS_MASK,
92 AccessStatus: PNTSTATUS,
93 GenerateOnClose: PBOOLEAN,
94 ) -> NTSTATUS;
95 fn ZwAccessCheckByType(
96 SecurityDescriptor: PSECURITY_DESCRIPTOR,
97 PrincipalSelfSid: PSID,
98 ClientToken: HANDLE,
99 DesiredAccess: ACCESS_MASK,
100 ObjectTypeList: POBJECT_TYPE_LIST,
101 ObjectTypeListLength: ULONG,
102 GenericMapping: PGENERIC_MAPPING,
103 PrivilegeSet: PPRIVILEGE_SET,
104 PrivilegeSetLength: PULONG,
105 GrantedAccess: PACCESS_MASK,
106 AccessStatus: PNTSTATUS,
107 ) -> NTSTATUS;
108 fn ZwAccessCheckByTypeAndAuditAlarm(
109 SubsystemName: PUNICODE_STRING,
110 HandleId: PVOID,
111 ObjectTypeName: PUNICODE_STRING,
112 ObjectName: PUNICODE_STRING,
113 SecurityDescriptor: PSECURITY_DESCRIPTOR,
114 PrincipalSelfSid: PSID,
115 DesiredAccess: ACCESS_MASK,
116 AuditType: AUDIT_EVENT_TYPE,
117 Flags: ULONG,
118 ObjectTypeList: POBJECT_TYPE_LIST,
119 ObjectTypeListLength: ULONG,
120 GenericMapping: PGENERIC_MAPPING,
121 ObjectCreation: BOOLEAN,
122 GrantedAccess: PACCESS_MASK,
123 AccessStatus: PNTSTATUS,
124 GenerateOnClose: PBOOLEAN,
125 ) -> NTSTATUS;
126 fn ZwAccessCheckByTypeResultList(
127 SecurityDescriptor: PSECURITY_DESCRIPTOR,
128 PrincipalSelfSid: PSID,
129 ClientToken: HANDLE,
130 DesiredAccess: ACCESS_MASK,
131 ObjectTypeList: POBJECT_TYPE_LIST,
132 ObjectTypeListLength: ULONG,
133 GenericMapping: PGENERIC_MAPPING,
134 PrivilegeSet: PPRIVILEGE_SET,
135 PrivilegeSetLength: PULONG,
136 GrantedAccess: PACCESS_MASK,
137 AccessStatus: PNTSTATUS,
138 ) -> NTSTATUS;
139 fn ZwAccessCheckByTypeResultListAndAuditAlarm(
140 SubsystemName: PUNICODE_STRING,
141 HandleId: PVOID,
142 ObjectTypeName: PUNICODE_STRING,
143 ObjectName: PUNICODE_STRING,
144 SecurityDescriptor: PSECURITY_DESCRIPTOR,
145 PrincipalSelfSid: PSID,
146 DesiredAccess: ACCESS_MASK,
147 AuditType: AUDIT_EVENT_TYPE,
148 Flags: ULONG,
149 ObjectTypeList: POBJECT_TYPE_LIST,
150 ObjectTypeListLength: ULONG,
151 GenericMapping: PGENERIC_MAPPING,
152 ObjectCreation: BOOLEAN,
153 GrantedAccess: PACCESS_MASK,
154 AccessStatus: PNTSTATUS,
155 GenerateOnClose: PBOOLEAN,
156 ) -> NTSTATUS;
157 fn ZwAccessCheckByTypeResultListAndAuditAlarmByHandle(
158 SubsystemName: PUNICODE_STRING,
159 HandleId: PVOID,
160 ClientToken: HANDLE,
161 ObjectTypeName: PUNICODE_STRING,
162 ObjectName: PUNICODE_STRING,
163 SecurityDescriptor: PSECURITY_DESCRIPTOR,
164 PrincipalSelfSid: PSID,
165 DesiredAccess: ACCESS_MASK,
166 AuditType: AUDIT_EVENT_TYPE,
167 Flags: ULONG,
168 ObjectTypeList: POBJECT_TYPE_LIST,
169 ObjectTypeListLength: ULONG,
170 GenericMapping: PGENERIC_MAPPING,
171 ObjectCreation: BOOLEAN,
172 GrantedAccess: PACCESS_MASK,
173 AccessStatus: PNTSTATUS,
174 GenerateOnClose: PBOOLEAN,
175 ) -> NTSTATUS;
176 fn ZwAcquireCMFViewOwnership(
177 TimeStamp: PULONGLONG,
178 tokenTaken: PBOOLEAN,
179 replaceExisting: BOOLEAN,
180 ) -> NTSTATUS;
181 fn ZwAddAtom(
182 AtomName: PWSTR,
183 Length: ULONG,
184 Atom: PRTL_ATOM,
185 ) -> NTSTATUS;
186 fn ZwAddAtomEx(
187 AtomName: PWSTR,
188 Length: ULONG,
189 Atom: PRTL_ATOM,
190 Flags: ULONG,
191 ) -> NTSTATUS;
192 fn ZwAddBootEntry(
193 BootEntry: PBOOT_ENTRY,
194 Id: PULONG,
195 ) -> NTSTATUS;
196 fn ZwAddDriverEntry(
197 DriverEntry: PEFI_DRIVER_ENTRY,
198 Id: PULONG,
199 ) -> NTSTATUS;
200 fn ZwAdjustGroupsToken(
201 TokenHandle: HANDLE,
202 ResetToDefault: BOOLEAN,
203 NewState: PTOKEN_GROUPS,
204 BufferLength: ULONG,
205 PreviousState: PTOKEN_GROUPS,
206 ReturnLength: PULONG,
207 ) -> NTSTATUS;
208 fn ZwAdjustPrivilegesToken(
209 TokenHandle: HANDLE,
210 DisableAllPrivileges: BOOLEAN,
211 NewState: PTOKEN_PRIVILEGES,
212 BufferLength: ULONG,
213 PreviousState: PTOKEN_PRIVILEGES,
214 ReturnLength: PULONG,
215 ) -> NTSTATUS;
216 fn ZwAdjustTokenClaimsAndDeviceGroups(
217 TokenHandle: HANDLE,
218 UserResetToDefault: BOOLEAN,
219 DeviceResetToDefault: BOOLEAN,
220 DeviceGroupsResetToDefault: BOOLEAN,
221 NewUserState: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
222 NewDeviceState: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
223 NewDeviceGroupsState: PTOKEN_GROUPS,
224 UserBufferLength: ULONG,
225 PreviousUserState: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
226 DeviceBufferLength: ULONG,
227 PreviousDeviceState: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
228 DeviceGroupsBufferLength: ULONG,
229 PreviousDeviceGroups: PTOKEN_GROUPS,
230 UserReturnLength: PULONG,
231 DeviceReturnLength: PULONG,
232 DeviceGroupsReturnBufferLength: PULONG,
233 ) -> NTSTATUS;
234 fn ZwAlertResumeThread(
235 ThreadHandle: HANDLE,
236 PreviousSuspendCount: PULONG,
237 ) -> NTSTATUS;
238 fn ZwAlertThread(
239 ThreadHandle: HANDLE,
240 ) -> NTSTATUS;
241 fn ZwAlertThreadByThreadId(
242 ThreadId: HANDLE,
243 ) -> NTSTATUS;
244 fn ZwAllocateLocallyUniqueId(
245 Luid: PLUID,
246 ) -> NTSTATUS;
247 fn ZwAllocateReserveObject(
248 MemoryReserveHandle: PHANDLE,
249 ObjectAttributes: POBJECT_ATTRIBUTES,
250 Type: MEMORY_RESERVE_TYPE,
251 ) -> NTSTATUS;
252 fn ZwAllocateUserPhysicalPages(
253 ProcessHandle: HANDLE,
254 NumberOfPages: PULONG_PTR,
255 UserPfnArray: PULONG_PTR,
256 ) -> NTSTATUS;
257 fn ZwAllocateUuids(
258 Time: PULARGE_INTEGER,
259 Range: PULONG,
260 Sequence: PULONG,
261 Seed: PCHAR,
262 ) -> NTSTATUS;
263 fn ZwAllocateVirtualMemory(
264 ProcessHandle: HANDLE,
265 BaseAddress: *mut PVOID,
266 ZeroBits: ULONG_PTR,
267 RegionSize: PSIZE_T,
268 AllocationType: ULONG,
269 Protect: ULONG,
270 ) -> NTSTATUS;
271 fn ZwAlpcAcceptConnectPort(
272 PortHandle: PHANDLE,
273 ConnectionPortHandle: HANDLE,
274 Flags: ULONG,
275 ObjectAttributes: POBJECT_ATTRIBUTES,
276 PortAttributes: PALPC_PORT_ATTRIBUTES,
277 PortContext: PVOID,
278 ConnectionRequest: PPORT_MESSAGE,
279 ConnectionMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
280 AcceptConnection: BOOLEAN,
281 ) -> NTSTATUS;
282 fn ZwAlpcCancelMessage(
283 PortHandle: HANDLE,
284 Flags: ULONG,
285 MessageContext: PALPC_CONTEXT_ATTR,
286 ) -> NTSTATUS;
287 fn ZwAlpcConnectPort(
288 PortHandle: PHANDLE,
289 PortName: PUNICODE_STRING,
290 ObjectAttributes: POBJECT_ATTRIBUTES,
291 PortAttributes: PALPC_PORT_ATTRIBUTES,
292 Flags: ULONG,
293 RequiredServerSid: PSID,
294 ConnectionMessage: PPORT_MESSAGE,
295 BufferLength: PULONG,
296 OutMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
297 InMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
298 Timeout: PLARGE_INTEGER,
299 ) -> NTSTATUS;
300 fn ZwAlpcConnectPortEx(
301 PortHandle: PHANDLE,
302 ConnectionPortObjectAttributes: POBJECT_ATTRIBUTES,
303 ClientPortObjectAttributes: POBJECT_ATTRIBUTES,
304 PortAttributes: PALPC_PORT_ATTRIBUTES,
305 Flags: ULONG,
306 ServerSecurityRequirements: PSECURITY_DESCRIPTOR,
307 ConnectionMessage: PPORT_MESSAGE,
308 BufferLength: PSIZE_T,
309 OutMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
310 InMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
311 Timeout: PLARGE_INTEGER,
312 ) -> NTSTATUS;
313 fn ZwAlpcCreatePort(
314 PortHandle: PHANDLE,
315 ObjectAttributes: POBJECT_ATTRIBUTES,
316 PortAttributes: PALPC_PORT_ATTRIBUTES,
317 ) -> NTSTATUS;
318 fn ZwAlpcCreatePortSection(
319 PortHandle: HANDLE,
320 Flags: ULONG,
321 SectionHandle: HANDLE,
322 SectionSize: SIZE_T,
323 AlpcSectionHandle: PALPC_HANDLE,
324 ActualSectionSize: PSIZE_T,
325 ) -> NTSTATUS;
326 fn ZwAlpcCreateResourceReserve(
327 PortHandle: HANDLE,
328 Flags: ULONG,
329 MessageSize: SIZE_T,
330 ResourceId: PALPC_HANDLE,
331 ) -> NTSTATUS;
332 fn ZwAlpcCreateSectionView(
333 PortHandle: HANDLE,
334 Flags: ULONG,
335 ViewAttributes: PALPC_DATA_VIEW_ATTR,
336 ) -> NTSTATUS;
337 fn ZwAlpcCreateSecurityContext(
338 PortHandle: HANDLE,
339 Flags: ULONG,
340 SecurityAttribute: PALPC_SECURITY_ATTR,
341 ) -> NTSTATUS;
342 fn ZwAlpcDeletePortSection(
343 PortHandle: HANDLE,
344 Flags: ULONG,
345 SectionHandle: ALPC_HANDLE,
346 ) -> NTSTATUS;
347 fn ZwAlpcDeleteResourceReserve(
348 PortHandle: HANDLE,
349 Flags: ULONG,
350 ResourceId: ALPC_HANDLE,
351 ) -> NTSTATUS;
352 fn ZwAlpcDeleteSectionView(
353 PortHandle: HANDLE,
354 Flags: ULONG,
355 ViewBase: PVOID,
356 ) -> NTSTATUS;
357 fn ZwAlpcDeleteSecurityContext(
358 PortHandle: HANDLE,
359 Flags: ULONG,
360 ContextHandle: ALPC_HANDLE,
361 ) -> NTSTATUS;
362 fn ZwAlpcDisconnectPort(
363 PortHandle: HANDLE,
364 Flags: ULONG,
365 ) -> NTSTATUS;
366 fn ZwAlpcImpersonateClientContainerOfPort(
367 PortHandle: HANDLE,
368 Message: PPORT_MESSAGE,
369 Flags: ULONG,
370 ) -> NTSTATUS;
371 fn ZwAlpcImpersonateClientOfPort(
372 PortHandle: HANDLE,
373 Message: PPORT_MESSAGE,
374 Flags: PVOID,
375 ) -> NTSTATUS;
376 fn ZwAlpcOpenSenderProcess(
377 ProcessHandle: PHANDLE,
378 PortHandle: HANDLE,
379 PortMessage: PPORT_MESSAGE,
380 Flags: ULONG,
381 DesiredAccess: ACCESS_MASK,
382 ObjectAttributes: POBJECT_ATTRIBUTES,
383 ) -> NTSTATUS;
384 fn ZwAlpcOpenSenderThread(
385 ThreadHandle: PHANDLE,
386 PortHandle: HANDLE,
387 PortMessage: PPORT_MESSAGE,
388 Flags: ULONG,
389 DesiredAccess: ACCESS_MASK,
390 ObjectAttributes: POBJECT_ATTRIBUTES,
391 ) -> NTSTATUS;
392 fn ZwAlpcQueryInformation(
393 PortHandle: HANDLE,
394 PortInformationClass: ALPC_PORT_INFORMATION_CLASS,
395 PortInformation: PVOID,
396 Length: ULONG,
397 ReturnLength: PULONG,
398 ) -> NTSTATUS;
399 fn ZwAlpcQueryInformationMessage(
400 PortHandle: HANDLE,
401 PortMessage: PPORT_MESSAGE,
402 MessageInformationClass: ALPC_MESSAGE_INFORMATION_CLASS,
403 MessageInformation: PVOID,
404 Length: ULONG,
405 ReturnLength: PULONG,
406 ) -> NTSTATUS;
407 fn ZwAlpcRevokeSecurityContext(
408 PortHandle: HANDLE,
409 Flags: ULONG,
410 ContextHandle: ALPC_HANDLE,
411 ) -> NTSTATUS;
412 fn ZwAlpcSendWaitReceivePort(
413 PortHandle: HANDLE,
414 Flags: ULONG,
415 SendMessageA: PPORT_MESSAGE,
416 SendMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
417 ReceiveMessage: PPORT_MESSAGE,
418 BufferLength: PSIZE_T,
419 ReceiveMessageAttributes: PALPC_MESSAGE_ATTRIBUTES,
420 Timeout: PLARGE_INTEGER,
421 ) -> NTSTATUS;
422 fn ZwAlpcSetInformation(
423 PortHandle: HANDLE,
424 PortInformationClass: ALPC_PORT_INFORMATION_CLASS,
425 PortInformation: PVOID,
426 Length: ULONG,
427 ) -> NTSTATUS;
428 fn ZwAreMappedFilesTheSame(
429 File1MappedAsAnImage: PVOID,
430 File2MappedAsFile: PVOID,
431 ) -> NTSTATUS;
432 fn ZwAssignProcessToJobObject(
433 JobHandle: HANDLE,
434 ProcessHandle: HANDLE,
435 ) -> NTSTATUS;
436 fn ZwAssociateWaitCompletionPacket(
437 WaitCompletionPacketHandle: HANDLE,
438 IoCompletionHandle: HANDLE,
439 TargetObjectHandle: HANDLE,
440 KeyContext: PVOID,
441 ApcContext: PVOID,
442 IoStatus: NTSTATUS,
443 IoStatusInformation: ULONG_PTR,
444 AlreadySignaled: PBOOLEAN,
445 ) -> NTSTATUS;
446 fn ZwCallbackReturn(
447 OutputBuffer: PVOID,
448 OutputLength: ULONG,
449 Status: NTSTATUS,
450 ) -> NTSTATUS;
451 fn ZwCancelIoFile(
452 FileHandle: HANDLE,
453 IoStatusBlock: PIO_STATUS_BLOCK,
454 ) -> NTSTATUS;
455 fn ZwCancelIoFileEx(
456 FileHandle: HANDLE,
457 IoRequestToCancel: PIO_STATUS_BLOCK,
458 IoStatusBlock: PIO_STATUS_BLOCK,
459 ) -> NTSTATUS;
460 fn ZwCancelSynchronousIoFile(
461 ThreadHandle: HANDLE,
462 IoRequestToCancel: PIO_STATUS_BLOCK,
463 IoStatusBlock: PIO_STATUS_BLOCK,
464 ) -> NTSTATUS;
465 fn ZwCancelTimer(
466 TimerHandle: HANDLE,
467 CurrentState: PBOOLEAN,
468 ) -> NTSTATUS;
469 fn ZwCancelTimer2(
470 TimerHandle: HANDLE,
471 Parameters: PT2_CANCEL_PARAMETERS,
472 ) -> NTSTATUS;
473 fn ZwCancelWaitCompletionPacket(
474 WaitCompletionPacketHandle: HANDLE,
475 RemoveSignaledPacket: BOOLEAN,
476 ) -> NTSTATUS;
477 fn ZwClearEvent(
478 EventHandle: HANDLE,
479 ) -> NTSTATUS;
480 fn ZwClose(
481 Handle: HANDLE,
482 ) -> NTSTATUS;
483 fn ZwCloseObjectAuditAlarm(
484 SubsystemName: PUNICODE_STRING,
485 HandleId: PVOID,
486 GenerateOnClose: BOOLEAN,
487 ) -> NTSTATUS;
488 fn ZwCommitComplete(
489 EnlistmentHandle: HANDLE,
490 TmVirtualClock: PLARGE_INTEGER,
491 ) -> NTSTATUS;
492 fn ZwCommitEnlistment(
493 EnlistmentHandle: HANDLE,
494 TmVirtualClock: PLARGE_INTEGER,
495 ) -> NTSTATUS;
496 fn ZwCommitTransaction(
497 TransactionHandle: HANDLE,
498 Wait: BOOLEAN,
499 ) -> NTSTATUS;
500 fn ZwCompactKeys(
501 Count: ULONG,
502 KeyArray: *mut HANDLE,
503 ) -> NTSTATUS;
504 fn ZwCompareObjects(
505 FirstObjectHandle: HANDLE,
506 SecondObjectHandle: HANDLE,
507 ) -> NTSTATUS;
508 fn ZwCompareTokens(
509 FirstTokenHandle: HANDLE,
510 SecondTokenHandle: HANDLE,
511 Equal: PBOOLEAN,
512 ) -> NTSTATUS;
513 fn ZwCompleteConnectPort(
514 PortHandle: HANDLE,
515 ) -> NTSTATUS;
516 fn ZwCompressKey(
517 Key: HANDLE,
518 ) -> NTSTATUS;
519 fn ZwConnectPort(
520 PortHandle: PHANDLE,
521 PortName: PUNICODE_STRING,
522 SecurityQos: PSECURITY_QUALITY_OF_SERVICE,
523 ClientView: PPORT_VIEW,
524 ServerView: PREMOTE_PORT_VIEW,
525 MaxMessageLength: PULONG,
526 ConnectionInformation: PVOID,
527 ConnectionInformationLength: PULONG,
528 ) -> NTSTATUS;
529 fn ZwContinue(
530 ContextRecord: PCONTEXT,
531 TestAlert: BOOLEAN,
532 ) -> NTSTATUS;
533 fn ZwCreateDebugObject(
534 DebugObjectHandle: PHANDLE,
535 DesiredAccess: ACCESS_MASK,
536 ObjectAttributes: POBJECT_ATTRIBUTES,
537 Flags: ULONG,
538 ) -> NTSTATUS;
539 fn ZwCreateDirectoryObject(
540 DirectoryHandle: PHANDLE,
541 DesiredAccess: ACCESS_MASK,
542 ObjectAttributes: POBJECT_ATTRIBUTES,
543 ) -> NTSTATUS;
544 fn ZwCreateDirectoryObjectEx(
545 DirectoryHandle: PHANDLE,
546 DesiredAccess: ACCESS_MASK,
547 ObjectAttributes: POBJECT_ATTRIBUTES,
548 ShadowDirectoryHandle: HANDLE,
549 Flags: ULONG,
550 ) -> NTSTATUS;
551 fn ZwCreateEnlistment(
552 EnlistmentHandle: PHANDLE,
553 DesiredAccess: ACCESS_MASK,
554 ResourceManagerHandle: HANDLE,
555 TransactionHandle: HANDLE,
556 ObjectAttributes: POBJECT_ATTRIBUTES,
557 CreateOptions: ULONG,
558 NotificationMask: NOTIFICATION_MASK,
559 EnlistmentKey: PVOID,
560 ) -> NTSTATUS;
561 fn ZwCreateEvent(
562 EventHandle: PHANDLE,
563 DesiredAccess: ACCESS_MASK,
564 ObjectAttributes: POBJECT_ATTRIBUTES,
565 EventType: EVENT_TYPE,
566 InitialState: BOOLEAN,
567 ) -> NTSTATUS;
568 fn ZwCreateEventPair(
569 EventPairHandle: PHANDLE,
570 DesiredAccess: ACCESS_MASK,
571 ObjectAttributes: POBJECT_ATTRIBUTES,
572 ) -> NTSTATUS;
573 fn ZwCreateFile(
574 FileHandle: PHANDLE,
575 DesiredAccess: ACCESS_MASK,
576 ObjectAttributes: POBJECT_ATTRIBUTES,
577 IoStatusBlock: PIO_STATUS_BLOCK,
578 AllocationSize: PLARGE_INTEGER,
579 FileAttributes: ULONG,
580 ShareAccess: ULONG,
581 CreateDisposition: ULONG,
582 CreateOptions: ULONG,
583 EaBuffer: PVOID,
584 EaLength: ULONG,
585 ) -> NTSTATUS;
586 fn ZwCreateIRTimer(
587 TimerHandle: PHANDLE,
588 DesiredAccess: ACCESS_MASK,
589 ) -> NTSTATUS;
590 fn ZwCreateIoCompletion(
591 IoCompletionHandle: PHANDLE,
592 DesiredAccess: ACCESS_MASK,
593 ObjectAttributes: POBJECT_ATTRIBUTES,
594 Count: ULONG,
595 ) -> NTSTATUS;
596 fn ZwCreateJobObject(
597 JobHandle: PHANDLE,
598 DesiredAccess: ACCESS_MASK,
599 ObjectAttributes: POBJECT_ATTRIBUTES,
600 ) -> NTSTATUS;
601 fn ZwCreateJobSet(
602 NumJob: ULONG,
603 UserJobSet: PJOB_SET_ARRAY,
604 Flags: ULONG,
605 ) -> NTSTATUS;
606 fn ZwCreateKey(
607 KeyHandle: PHANDLE,
608 DesiredAccess: ACCESS_MASK,
609 ObjectAttributes: POBJECT_ATTRIBUTES,
610 TitleIndex: ULONG,
611 Class: PUNICODE_STRING,
612 CreateOptions: ULONG,
613 Disposition: PULONG,
614 ) -> NTSTATUS;
615 fn ZwCreateKeyTransacted(
616 KeyHandle: PHANDLE,
617 DesiredAccess: ACCESS_MASK,
618 ObjectAttributes: POBJECT_ATTRIBUTES,
619 TitleIndex: ULONG,
620 Class: PUNICODE_STRING,
621 CreateOptions: ULONG,
622 TransactionHandle: HANDLE,
623 Disposition: PULONG,
624 ) -> NTSTATUS;
625 fn ZwCreateKeyedEvent(
626 KeyedEventHandle: PHANDLE,
627 DesiredAccess: ACCESS_MASK,
628 ObjectAttributes: POBJECT_ATTRIBUTES,
629 Flags: ULONG,
630 ) -> NTSTATUS;
631 fn ZwCreateLowBoxToken(
632 TokenHandle: PHANDLE,
633 ExistingTokenHandle: HANDLE,
634 DesiredAccess: ACCESS_MASK,
635 ObjectAttributes: POBJECT_ATTRIBUTES,
636 PackageSid: PSID,
637 CapabilityCount: ULONG,
638 Capabilities: PSID_AND_ATTRIBUTES,
639 HandleCount: ULONG,
640 Handles: *mut HANDLE,
641 ) -> NTSTATUS;
642 fn ZwCreateMailslotFile(
643 FileHandle: PHANDLE,
644 DesiredAccess: ULONG,
645 ObjectAttributes: POBJECT_ATTRIBUTES,
646 IoStatusBlock: PIO_STATUS_BLOCK,
647 CreateOptions: ULONG,
648 MailslotQuota: ULONG,
649 MaximumMessageSize: ULONG,
650 ReadTimeout: PLARGE_INTEGER,
651 ) -> NTSTATUS;
652 fn ZwCreateMutant(
653 MutantHandle: PHANDLE,
654 DesiredAccess: ACCESS_MASK,
655 ObjectAttributes: POBJECT_ATTRIBUTES,
656 InitialOwner: BOOLEAN,
657 ) -> NTSTATUS;
658 fn ZwCreateNamedPipeFile(
659 FileHandle: PHANDLE,
660 DesiredAccess: ULONG,
661 ObjectAttributes: POBJECT_ATTRIBUTES,
662 IoStatusBlock: PIO_STATUS_BLOCK,
663 ShareAccess: ULONG,
664 CreateDisposition: ULONG,
665 CreateOptions: ULONG,
666 NamedPipeType: ULONG,
667 ReadMode: ULONG,
668 CompletionMode: ULONG,
669 MaximumInstances: ULONG,
670 InboundQuota: ULONG,
671 OutboundQuota: ULONG,
672 DefaultTimeout: PLARGE_INTEGER,
673 ) -> NTSTATUS;
674 fn ZwCreatePagingFile(
675 PageFileName: PUNICODE_STRING,
676 MinimumSize: PLARGE_INTEGER,
677 MaximumSize: PLARGE_INTEGER,
678 Priority: ULONG,
679 ) -> NTSTATUS;
680 fn ZwCreatePartition(
681 PartitionHandle: PHANDLE,
682 DesiredAccess: ACCESS_MASK,
683 ObjectAttributes: POBJECT_ATTRIBUTES,
684 PreferredNode: ULONG,
685 ) -> NTSTATUS;
686 fn ZwCreatePort(
687 PortHandle: PHANDLE,
688 ObjectAttributes: POBJECT_ATTRIBUTES,
689 MaxConnectionInfoLength: ULONG,
690 MaxMessageLength: ULONG,
691 MaxPoolUsage: ULONG,
692 ) -> NTSTATUS;
693 fn ZwCreatePrivateNamespace(
694 NamespaceHandle: PHANDLE,
695 DesiredAccess: ACCESS_MASK,
696 ObjectAttributes: POBJECT_ATTRIBUTES,
697 BoundaryDescriptor: PVOID,
698 ) -> NTSTATUS;
699 fn ZwCreateProcess(
700 ProcessHandle: PHANDLE,
701 DesiredAccess: ACCESS_MASK,
702 ObjectAttributes: POBJECT_ATTRIBUTES,
703 ParentProcess: HANDLE,
704 InheritObjectTable: BOOLEAN,
705 SectionHandle: HANDLE,
706 DebugPort: HANDLE,
707 ExceptionPort: HANDLE,
708 ) -> NTSTATUS;
709 fn ZwCreateProcessEx(
710 ProcessHandle: PHANDLE,
711 DesiredAccess: ACCESS_MASK,
712 ObjectAttributes: POBJECT_ATTRIBUTES,
713 ParentProcess: HANDLE,
714 Flags: ULONG,
715 SectionHandle: HANDLE,
716 DebugPort: HANDLE,
717 ExceptionPort: HANDLE,
718 JobMemberLevel: ULONG,
719 ) -> NTSTATUS;
720 fn ZwCreateProfile(
721 ProfileHandle: PHANDLE,
722 Process: HANDLE,
723 ProfileBase: PVOID,
724 ProfileSize: SIZE_T,
725 BucketSize: ULONG,
726 Buffer: PULONG,
727 BufferSize: ULONG,
728 ProfileSource: KPROFILE_SOURCE,
729 Affinity: KAFFINITY,
730 ) -> NTSTATUS;
731 fn ZwCreateProfileEx(
732 ProfileHandle: PHANDLE,
733 Process: HANDLE,
734 ProfileBase: PVOID,
735 ProfileSize: SIZE_T,
736 BucketSize: ULONG,
737 Buffer: PULONG,
738 BufferSize: ULONG,
739 ProfileSource: KPROFILE_SOURCE,
740 GroupCount: USHORT,
741 GroupAffinity: PGROUP_AFFINITY,
742 ) -> NTSTATUS;
743 fn ZwCreateResourceManager(
744 ResourceManagerHandle: PHANDLE,
745 DesiredAccess: ACCESS_MASK,
746 TmHandle: HANDLE,
747 ResourceManagerGuid: LPGUID,
748 ObjectAttributes: POBJECT_ATTRIBUTES,
749 CreateOptions: ULONG,
750 Description: PUNICODE_STRING,
751 ) -> NTSTATUS;
752 fn ZwCreateSection(
753 SectionHandle: PHANDLE,
754 DesiredAccess: ACCESS_MASK,
755 ObjectAttributes: POBJECT_ATTRIBUTES,
756 MaximumSize: PLARGE_INTEGER,
757 SectionPageProtection: ULONG,
758 AllocationAttributes: ULONG,
759 FileHandle: HANDLE,
760 ) -> NTSTATUS;
761 fn ZwCreateSemaphore(
762 SemaphoreHandle: PHANDLE,
763 DesiredAccess: ACCESS_MASK,
764 ObjectAttributes: POBJECT_ATTRIBUTES,
765 InitialCount: LONG,
766 MaximumCount: LONG,
767 ) -> NTSTATUS;
768 fn ZwCreateSymbolicLinkObject(
769 LinkHandle: PHANDLE,
770 DesiredAccess: ACCESS_MASK,
771 ObjectAttributes: POBJECT_ATTRIBUTES,
772 LinkTarget: PUNICODE_STRING,
773 ) -> NTSTATUS;
774 fn ZwCreateThread(
775 ThreadHandle: PHANDLE,
776 DesiredAccess: ACCESS_MASK,
777 ObjectAttributes: POBJECT_ATTRIBUTES,
778 ProcessHandle: HANDLE,
779 ClientId: PCLIENT_ID,
780 ThreadContext: PCONTEXT,
781 InitialTeb: PINITIAL_TEB,
782 CreateSuspended: BOOLEAN,
783 ) -> NTSTATUS;
784 fn ZwCreateThreadEx(
785 ThreadHandle: PHANDLE,
786 DesiredAccess: ACCESS_MASK,
787 ObjectAttributes: POBJECT_ATTRIBUTES,
788 ProcessHandle: HANDLE,
789 StartRoutine: PVOID,
790 Argument: PVOID,
791 CreateFlags: ULONG,
792 ZeroBits: SIZE_T,
793 StackSize: SIZE_T,
794 MaximumStackSize: SIZE_T,
795 AttributeList: PPS_ATTRIBUTE_LIST,
796 ) -> NTSTATUS;
797 fn ZwCreateTimer(
798 TimerHandle: PHANDLE,
799 DesiredAccess: ACCESS_MASK,
800 ObjectAttributes: POBJECT_ATTRIBUTES,
801 TimerType: TIMER_TYPE,
802 ) -> NTSTATUS;
803 fn ZwCreateTimer2(
804 TimerHandle: PHANDLE,
805 Reserved1: PVOID,
806 Reserved2: PVOID,
807 Attributes: ULONG,
808 DesiredAccess: ACCESS_MASK,
809 ) -> NTSTATUS;
810 fn ZwCreateToken(
811 TokenHandle: PHANDLE,
812 DesiredAccess: ACCESS_MASK,
813 ObjectAttributes: POBJECT_ATTRIBUTES,
814 TokenType: TOKEN_TYPE,
815 AuthenticationId: PLUID,
816 ExpirationTime: PLARGE_INTEGER,
817 User: PTOKEN_USER,
818 Groups: PTOKEN_GROUPS,
819 Privileges: PTOKEN_PRIVILEGES,
820 Owner: PTOKEN_OWNER,
821 PrimaryGroup: PTOKEN_PRIMARY_GROUP,
822 DefaultDacl: PTOKEN_DEFAULT_DACL,
823 TokenSource: PTOKEN_SOURCE,
824 ) -> NTSTATUS;
825 fn ZwCreateTokenEx(
826 TokenHandle: PHANDLE,
827 DesiredAccess: ACCESS_MASK,
828 ObjectAttributes: POBJECT_ATTRIBUTES,
829 TokenType: TOKEN_TYPE,
830 AuthenticationId: PLUID,
831 ExpirationTime: PLARGE_INTEGER,
832 User: PTOKEN_USER,
833 Groups: PTOKEN_GROUPS,
834 Privileges: PTOKEN_PRIVILEGES,
835 UserAttributes: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
836 DeviceAttributes: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
837 DeviceGroups: PTOKEN_GROUPS,
838 TokenMandatoryPolicy: PTOKEN_MANDATORY_POLICY,
839 Owner: PTOKEN_OWNER,
840 PrimaryGroup: PTOKEN_PRIMARY_GROUP,
841 DefaultDacl: PTOKEN_DEFAULT_DACL,
842 TokenSource: PTOKEN_SOURCE,
843 ) -> NTSTATUS;
844 fn ZwCreateTransaction(
845 TransactionHandle: PHANDLE,
846 DesiredAccess: ACCESS_MASK,
847 ObjectAttributes: POBJECT_ATTRIBUTES,
848 Uow: LPGUID,
849 TmHandle: HANDLE,
850 CreateOptions: ULONG,
851 IsolationLevel: ULONG,
852 IsolationFlags: ULONG,
853 Timeout: PLARGE_INTEGER,
854 Description: PUNICODE_STRING,
855 ) -> NTSTATUS;
856 fn ZwCreateTransactionManager(
857 TmHandle: PHANDLE,
858 DesiredAccess: ACCESS_MASK,
859 ObjectAttributes: POBJECT_ATTRIBUTES,
860 LogFileName: PUNICODE_STRING,
861 CreateOptions: ULONG,
862 CommitStrength: ULONG,
863 ) -> NTSTATUS;
864 fn ZwCreateUserProcess(
865 ProcessHandle: PHANDLE,
866 ThreadHandle: PHANDLE,
867 ProcessDesiredAccess: ACCESS_MASK,
868 ThreadDesiredAccess: ACCESS_MASK,
869 ProcessObjectAttributes: POBJECT_ATTRIBUTES,
870 ThreadObjectAttributes: POBJECT_ATTRIBUTES,
871 ProcessFlags: ULONG,
872 ThreadFlags: ULONG,
873 ProcessParameters: PVOID,
874 CreateInfo: PPS_CREATE_INFO,
875 AttributeList: PPS_ATTRIBUTE_LIST,
876 ) -> NTSTATUS;
877 fn ZwCreateWaitCompletionPacket(
878 WaitCompletionPacketHandle: PHANDLE,
879 DesiredAccess: ACCESS_MASK,
880 ObjectAttributes: POBJECT_ATTRIBUTES,
881 ) -> NTSTATUS;
882 fn ZwCreateWaitablePort(
883 PortHandle: PHANDLE,
884 ObjectAttributes: POBJECT_ATTRIBUTES,
885 MaxConnectionInfoLength: ULONG,
886 MaxMessageLength: ULONG,
887 MaxPoolUsage: ULONG,
888 ) -> NTSTATUS;
889 fn ZwCreateWnfStateName(
890 StateName: PWNF_STATE_NAME,
891 NameLifetime: WNF_STATE_NAME_LIFETIME,
892 DataScope: WNF_DATA_SCOPE,
893 PersistData: BOOLEAN,
894 TypeId: PCWNF_TYPE_ID,
895 MaximumStateSize: ULONG,
896 SecurityDescriptor: PSECURITY_DESCRIPTOR,
897 ) -> NTSTATUS;
898 fn ZwCreateWorkerFactory(
899 WorkerFactoryHandleReturn: PHANDLE,
900 DesiredAccess: ACCESS_MASK,
901 ObjectAttributes: POBJECT_ATTRIBUTES,
902 CompletionPortHandle: HANDLE,
903 WorkerProcessHandle: HANDLE,
904 StartRoutine: PVOID,
905 StartParameter: PVOID,
906 MaxThreadCount: ULONG,
907 StackReserve: SIZE_T,
908 StackCommit: SIZE_T,
909 ) -> NTSTATUS;
910 fn ZwDebugActiveProcess(
911 ProcessHandle: HANDLE,
912 DebugObjectHandle: HANDLE,
913 ) -> NTSTATUS;
914 fn ZwDebugContinue(
915 DebugObjectHandle: HANDLE,
916 ClientId: PCLIENT_ID,
917 ContinueStatus: NTSTATUS,
918 ) -> NTSTATUS;
919 fn ZwDelayExecution(
920 Alertable: BOOLEAN,
921 DelayInterval: PLARGE_INTEGER,
922 ) -> NTSTATUS;
923 fn ZwDeleteAtom(
924 Atom: RTL_ATOM,
925 ) -> NTSTATUS;
926 fn ZwDeleteBootEntry(
927 Id: ULONG,
928 ) -> NTSTATUS;
929 fn ZwDeleteDriverEntry(
930 Id: ULONG,
931 ) -> NTSTATUS;
932 fn ZwDeleteFile(
933 ObjectAttributes: POBJECT_ATTRIBUTES,
934 ) -> NTSTATUS;
935 fn ZwDeleteKey(
936 KeyHandle: HANDLE,
937 ) -> NTSTATUS;
938 fn ZwDeleteObjectAuditAlarm(
939 SubsystemName: PUNICODE_STRING,
940 HandleId: PVOID,
941 GenerateOnClose: BOOLEAN,
942 ) -> NTSTATUS;
943 fn ZwDeletePrivateNamespace(
944 NamespaceHandle: HANDLE,
945 ) -> NTSTATUS;
946 fn ZwDeleteValueKey(
947 KeyHandle: HANDLE,
948 ValueName: PUNICODE_STRING,
949 ) -> NTSTATUS;
950 fn ZwDeleteWnfStateData(
951 StateName: PCWNF_STATE_NAME,
952 ExplicitScope: *const VOID,
953 ) -> NTSTATUS;
954 fn ZwDeleteWnfStateName(
955 StateName: PCWNF_STATE_NAME,
956 ) -> NTSTATUS;
957 fn ZwDeviceIoControlFile(
958 FileHandle: HANDLE,
959 Event: HANDLE,
960 ApcRoutine: PIO_APC_ROUTINE,
961 ApcContext: PVOID,
962 IoStatusBlock: PIO_STATUS_BLOCK,
963 IoControlCode: ULONG,
964 InputBuffer: PVOID,
965 InputBufferLength: ULONG,
966 OutputBuffer: PVOID,
967 OutputBufferLength: ULONG,
968 ) -> NTSTATUS;
969 fn ZwDisableLastKnownGood() -> NTSTATUS;
970 fn ZwDisplayString(
971 String: PUNICODE_STRING,
972 ) -> NTSTATUS;
973 fn ZwDrawText(
974 String: PUNICODE_STRING,
975 ) -> NTSTATUS;
976 fn ZwDuplicateObject(
977 SourceProcessHandle: HANDLE,
978 SourceHandle: HANDLE,
979 TargetProcessHandle: HANDLE,
980 TargetHandle: PHANDLE,
981 DesiredAccess: ACCESS_MASK,
982 HandleAttributes: ULONG,
983 Options: ULONG,
984 ) -> NTSTATUS;
985 fn ZwDuplicateToken(
986 ExistingTokenHandle: HANDLE,
987 DesiredAccess: ACCESS_MASK,
988 ObjectAttributes: POBJECT_ATTRIBUTES,
989 EffectiveOnly: BOOLEAN,
990 TokenType: TOKEN_TYPE,
991 NewTokenHandle: PHANDLE,
992 ) -> NTSTATUS;
993 fn ZwEnableLastKnownGood() -> NTSTATUS;
994 fn ZwEnumerateBootEntries(
995 Buffer: PVOID,
996 BufferLength: PULONG,
997 ) -> NTSTATUS;
998 fn ZwEnumerateDriverEntries(
999 Buffer: PVOID,
1000 BufferLength: PULONG,
1001 ) -> NTSTATUS;
1002 fn ZwEnumerateKey(
1003 KeyHandle: HANDLE,
1004 Index: ULONG,
1005 KeyInformationClass: KEY_INFORMATION_CLASS,
1006 KeyInformation: PVOID,
1007 Length: ULONG,
1008 ResultLength: PULONG,
1009 ) -> NTSTATUS;
1010 fn ZwEnumerateSystemEnvironmentValuesEx(
1011 InformationClass: ULONG,
1012 Buffer: PVOID,
1013 BufferLength: PULONG,
1014 ) -> NTSTATUS;
1015 fn ZwEnumerateTransactionObject(
1016 RootObjectHandle: HANDLE,
1017 QueryType: KTMOBJECT_TYPE,
1018 ObjectCursor: PKTMOBJECT_CURSOR,
1019 ObjectCursorLength: ULONG,
1020 ReturnLength: PULONG,
1021 ) -> NTSTATUS;
1022 fn ZwEnumerateValueKey(
1023 KeyHandle: HANDLE,
1024 Index: ULONG,
1025 KeyValueInformationClass: KEY_VALUE_INFORMATION_CLASS,
1026 KeyValueInformation: PVOID,
1027 Length: ULONG,
1028 ResultLength: PULONG,
1029 ) -> NTSTATUS;
1030 fn ZwExtendSection(
1031 SectionHandle: HANDLE,
1032 NewSectionSize: PLARGE_INTEGER,
1033 ) -> NTSTATUS;
1034 fn ZwFilterToken(
1035 ExistingTokenHandle: HANDLE,
1036 Flags: ULONG,
1037 SidsToDisable: PTOKEN_GROUPS,
1038 PrivilegesToDelete: PTOKEN_PRIVILEGES,
1039 RestrictedSids: PTOKEN_GROUPS,
1040 NewTokenHandle: PHANDLE,
1041 ) -> NTSTATUS;
1042 fn ZwFilterTokenEx(
1043 ExistingTokenHandle: HANDLE,
1044 Flags: ULONG,
1045 SidsToDisable: PTOKEN_GROUPS,
1046 PrivilegesToDelete: PTOKEN_PRIVILEGES,
1047 RestrictedSids: PTOKEN_GROUPS,
1048 DisableUserClaimsCount: ULONG,
1049 UserClaimsToDisable: PUNICODE_STRING,
1050 DisableDeviceClaimsCount: ULONG,
1051 DeviceClaimsToDisable: PUNICODE_STRING,
1052 DeviceGroupsToDisable: PTOKEN_GROUPS,
1053 RestrictedUserAttributes: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
1054 RestrictedDeviceAttributes: PTOKEN_SECURITY_ATTRIBUTES_INFORMATION,
1055 RestrictedDeviceGroups: PTOKEN_GROUPS,
1056 NewTokenHandle: PHANDLE,
1057 ) -> NTSTATUS;
1058 fn ZwFindAtom(
1059 AtomName: PWSTR,
1060 Length: ULONG,
1061 Atom: PRTL_ATOM,
1062 ) -> NTSTATUS;
1063 fn ZwFlushBuffersFile(
1064 FileHandle: HANDLE,
1065 IoStatusBlock: PIO_STATUS_BLOCK,
1066 ) -> NTSTATUS;
1067 fn ZwFlushBuffersFileEx(
1068 FileHandle: HANDLE,
1069 Flags: ULONG,
1070 Parameters: PVOID,
1071 ParametersSize: ULONG,
1072 IoStatusBlock: PIO_STATUS_BLOCK,
1073 ) -> NTSTATUS;
1074 fn ZwFlushInstallUILanguage(
1075 InstallUILanguage: LANGID,
1076 SetComittedFlag: ULONG,
1077 ) -> NTSTATUS;
1078 fn ZwFlushInstructionCache(
1079 ProcessHandle: HANDLE,
1080 BaseAddress: PVOID,
1081 Length: SIZE_T,
1082 ) -> NTSTATUS;
1083 fn ZwFlushKey(
1084 KeyHandle: HANDLE,
1085 ) -> NTSTATUS;
1086 fn ZwFlushProcessWriteBuffers();
1087 fn ZwFlushWriteBuffer() -> NTSTATUS;
1088 fn ZwFreeUserPhysicalPages(
1089 ProcessHandle: HANDLE,
1090 NumberOfPages: PULONG_PTR,
1091 UserPfnArray: PULONG_PTR,
1092 ) -> NTSTATUS;
1093 fn ZwFreeVirtualMemory(
1094 ProcessHandle: HANDLE,
1095 BaseAddress: *mut PVOID,
1096 RegionSize: PSIZE_T,
1097 FreeType: ULONG,
1098 ) -> NTSTATUS;
1099 fn ZwFreezeRegistry(
1100 TimeOutInSeconds: ULONG,
1101 ) -> NTSTATUS;
1102 fn ZwFreezeTransactions(
1103 FreezeTimeout: PLARGE_INTEGER,
1104 ThawTimeout: PLARGE_INTEGER,
1105 ) -> NTSTATUS;
1106 fn ZwFsControlFile(
1107 FileHandle: HANDLE,
1108 Event: HANDLE,
1109 ApcRoutine: PIO_APC_ROUTINE,
1110 ApcContext: PVOID,
1111 IoStatusBlock: PIO_STATUS_BLOCK,
1112 FsControlCode: ULONG,
1113 InputBuffer: PVOID,
1114 InputBufferLength: ULONG,
1115 OutputBuffer: PVOID,
1116 OutputBufferLength: ULONG,
1117 ) -> NTSTATUS;
1118 fn ZwGetCachedSigningLevel(
1119 File: HANDLE,
1120 Flags: PULONG,
1121 SigningLevel: PSE_SIGNING_LEVEL,
1122 Thumbprint: PUCHAR,
1123 ThumbprintSize: PULONG,
1124 ThumbprintAlgorithm: PULONG,
1125 ) -> NTSTATUS;
1126 fn ZwGetCompleteWnfStateSubscription(
1127 OldDescriptorStateName: PWNF_STATE_NAME,
1128 OldSubscriptionId: *mut ULONG64,
1129 OldDescriptorEventMask: ULONG,
1130 OldDescriptorStatus: ULONG,
1131 NewDeliveryDescriptor: PWNF_DELIVERY_DESCRIPTOR,
1132 DescriptorSize: ULONG,
1133 ) -> NTSTATUS;
1134 fn ZwGetContextThread(
1135 ThreadHandle: HANDLE,
1136 ThreadContext: PCONTEXT,
1137 ) -> NTSTATUS;
1138 fn ZwGetCurrentProcessorNumber() -> ULONG;
1139 fn ZwGetDevicePowerState(
1140 Device: HANDLE,
1141 State: PDEVICE_POWER_STATE,
1142 ) -> NTSTATUS;
1143 fn ZwGetMUIRegistryInfo(
1144 Flags: ULONG,
1145 DataSize: PULONG,
1146 Data: PVOID,
1147 ) -> NTSTATUS;
1148 fn ZwGetNextProcess(
1149 ProcessHandle: HANDLE,
1150 DesiredAccess: ACCESS_MASK,
1151 HandleAttributes: ULONG,
1152 Flags: ULONG,
1153 NewProcessHandle: PHANDLE,
1154 ) -> NTSTATUS;
1155 fn ZwGetNextThread(
1156 ProcessHandle: HANDLE,
1157 ThreadHandle: HANDLE,
1158 DesiredAccess: ACCESS_MASK,
1159 HandleAttributes: ULONG,
1160 Flags: ULONG,
1161 NewThreadHandle: PHANDLE,
1162 ) -> NTSTATUS;
1163 fn ZwGetNlsSectionPtr(
1164 SectionType: ULONG,
1165 SectionData: ULONG,
1166 ContextData: PVOID,
1167 SectionPointer: *mut PVOID,
1168 SectionSize: PULONG,
1169 ) -> NTSTATUS;
1170 fn ZwGetNotificationResourceManager(
1171 ResourceManagerHandle: HANDLE,
1172 TransactionNotification: PTRANSACTION_NOTIFICATION,
1173 NotificationLength: ULONG,
1174 Timeout: PLARGE_INTEGER,
1175 ReturnLength: PULONG,
1176 Asynchronous: ULONG,
1177 AsynchronousContext: ULONG_PTR,
1178 ) -> NTSTATUS;
1179 fn ZwGetPlugPlayEvent(
1180 EventHandle: HANDLE,
1181 Context: PVOID,
1182 EventBlock: PPLUGPLAY_EVENT_BLOCK,
1183 EventBufferSize: ULONG,
1184 ) -> NTSTATUS;
1185 fn ZwGetWriteWatch(
1186 ProcessHandle: HANDLE,
1187 Flags: ULONG,
1188 BaseAddress: PVOID,
1189 RegionSize: SIZE_T,
1190 UserAddressArray: *mut PVOID,
1191 EntriesInUserAddressArray: PULONG_PTR,
1192 Granularity: PULONG,
1193 ) -> NTSTATUS;
1194 fn ZwImpersonateAnonymousToken(
1195 ThreadHandle: HANDLE,
1196 ) -> NTSTATUS;
1197 fn ZwImpersonateClientOfPort(
1198 PortHandle: HANDLE,
1199 Message: PPORT_MESSAGE,
1200 ) -> NTSTATUS;
1201 fn ZwImpersonateThread(
1202 ServerThreadHandle: HANDLE,
1203 ClientThreadHandle: HANDLE,
1204 SecurityQos: PSECURITY_QUALITY_OF_SERVICE,
1205 ) -> NTSTATUS;
1206 fn ZwInitializeNlsFiles(
1207 BaseAddress: *mut PVOID,
1208 DefaultLocaleId: PLCID,
1209 DefaultCasingTableSize: PLARGE_INTEGER,
1210 ) -> NTSTATUS;
1211 fn ZwInitializeRegistry(
1212 BootCondition: USHORT,
1213 ) -> NTSTATUS;
1214 fn ZwInitiatePowerAction(
1215 SystemAction: POWER_ACTION,
1216 LightestSystemState: SYSTEM_POWER_STATE,
1217 Flags: ULONG,
1218 Asynchronous: BOOLEAN,
1219 ) -> NTSTATUS;
1220 fn ZwIsProcessInJob(
1221 ProcessHandle: HANDLE,
1222 JobHandle: HANDLE,
1223 ) -> NTSTATUS;
1224 fn ZwIsSystemResumeAutomatic() -> BOOLEAN;
1225 fn ZwIsUILanguageComitted() -> NTSTATUS;
1226 fn ZwListenPort(
1227 PortHandle: HANDLE,
1228 ConnectionRequest: PPORT_MESSAGE,
1229 ) -> NTSTATUS;
1230 fn ZwLoadDriver(
1231 DriverServiceName: PUNICODE_STRING,
1232 ) -> NTSTATUS;
1233 fn ZwLoadKey(
1234 TargetKey: POBJECT_ATTRIBUTES,
1235 SourceFile: POBJECT_ATTRIBUTES,
1236 ) -> NTSTATUS;
1237 fn ZwLoadKey2(
1238 TargetKey: POBJECT_ATTRIBUTES,
1239 SourceFile: POBJECT_ATTRIBUTES,
1240 Flags: ULONG,
1241 ) -> NTSTATUS;
1242 fn ZwLoadKeyEx(
1243 TargetKey: POBJECT_ATTRIBUTES,
1244 SourceFile: POBJECT_ATTRIBUTES,
1245 Flags: ULONG,
1246 TrustClassKey: HANDLE,
1247 Event: HANDLE,
1248 DesiredAccess: ACCESS_MASK,
1249 RootHandle: PHANDLE,
1250 IoStatus: PIO_STATUS_BLOCK,
1251 ) -> NTSTATUS;
1252 fn ZwLockFile(
1253 FileHandle: HANDLE,
1254 Event: HANDLE,
1255 ApcRoutine: PIO_APC_ROUTINE,
1256 ApcContext: PVOID,
1257 IoStatusBlock: PIO_STATUS_BLOCK,
1258 ByteOffset: PLARGE_INTEGER,
1259 Length: PLARGE_INTEGER,
1260 Key: ULONG,
1261 FailImmediately: BOOLEAN,
1262 ExclusiveLock: BOOLEAN,
1263 ) -> NTSTATUS;
1264 fn ZwLockProductActivationKeys(
1265 pPrivateVer: *mut ULONG,
1266 pSafeMode: *mut ULONG,
1267 ) -> NTSTATUS;
1268 fn ZwLockRegistryKey(
1269 KeyHandle: HANDLE,
1270 ) -> NTSTATUS;
1271 fn ZwLockVirtualMemory(
1272 ProcessHandle: HANDLE,
1273 BaseAddress: *mut PVOID,
1274 RegionSize: PSIZE_T,
1275 MapType: ULONG,
1276 ) -> NTSTATUS;
1277 fn ZwMakePermanentObject(
1278 Handle: HANDLE,
1279 ) -> NTSTATUS;
1280 fn ZwMakeTemporaryObject(
1281 Handle: HANDLE,
1282 ) -> NTSTATUS;
1283 fn ZwManagePartition(
1284 PartitionInformationClass: MEMORY_PARTITION_INFORMATION_CLASS,
1285 PartitionInformation: PVOID,
1286 PartitionInformationLength: ULONG,
1287 ) -> NTSTATUS;
1288 fn ZwMapCMFModule(
1289 What: ULONG,
1290 Index: ULONG,
1291 CacheIndexOut: PULONG,
1292 CacheFlagsOut: PULONG,
1293 ViewSizeOut: PULONG,
1294 BaseAddress: *mut PVOID,
1295 ) -> NTSTATUS;
1296 fn ZwMapUserPhysicalPages(
1297 VirtualAddress: PVOID,
1298 NumberOfPages: ULONG_PTR,
1299 UserPfnArray: PULONG_PTR,
1300 ) -> NTSTATUS;
1301 fn ZwMapUserPhysicalPagesScatter(
1302 VirtualAddresses: *mut PVOID,
1303 NumberOfPages: ULONG_PTR,
1304 UserPfnArray: PULONG_PTR,
1305 ) -> NTSTATUS;
1306 fn ZwMapViewOfSection(
1307 SectionHandle: HANDLE,
1308 ProcessHandle: HANDLE,
1309 BaseAddress: *mut PVOID,
1310 ZeroBits: ULONG_PTR,
1311 CommitSize: SIZE_T,
1312 SectionOffset: PLARGE_INTEGER,
1313 ViewSize: PSIZE_T,
1314 InheritDisposition: SECTION_INHERIT,
1315 AllocationType: ULONG,
1316 Win32Protect: ULONG,
1317 ) -> NTSTATUS;
1318 fn ZwModifyBootEntry(
1319 BootEntry: PBOOT_ENTRY,
1320 ) -> NTSTATUS;
1321 fn ZwModifyDriverEntry(
1322 DriverEntry: PEFI_DRIVER_ENTRY,
1323 ) -> NTSTATUS;
1324 fn ZwNotifyChangeDirectoryFile(
1325 FileHandle: HANDLE,
1326 Event: HANDLE,
1327 ApcRoutine: PIO_APC_ROUTINE,
1328 ApcContext: PVOID,
1329 IoStatusBlock: PIO_STATUS_BLOCK,
1330 Buffer: PVOID,
1331 Length: ULONG,
1332 CompletionFilter: ULONG,
1333 WatchTree: BOOLEAN,
1334 ) -> NTSTATUS;
1335 fn ZwNotifyChangeKey(
1336 KeyHandle: HANDLE,
1337 Event: HANDLE,
1338 ApcRoutine: PIO_APC_ROUTINE,
1339 ApcContext: PVOID,
1340 IoStatusBlock: PIO_STATUS_BLOCK,
1341 CompletionFilter: ULONG,
1342 WatchTree: BOOLEAN,
1343 Buffer: PVOID,
1344 BufferSize: ULONG,
1345 Asynchronous: BOOLEAN,
1346 ) -> NTSTATUS;
1347 fn ZwNotifyChangeMultipleKeys(
1348 MasterKeyHandle: HANDLE,
1349 Count: ULONG,
1350 SubordinateObjects: *mut OBJECT_ATTRIBUTES,
1351 Event: HANDLE,
1352 ApcRoutine: PIO_APC_ROUTINE,
1353 ApcContext: PVOID,
1354 IoStatusBlock: PIO_STATUS_BLOCK,
1355 CompletionFilter: ULONG,
1356 WatchTree: BOOLEAN,
1357 Buffer: PVOID,
1358 BufferSize: ULONG,
1359 Asynchronous: BOOLEAN,
1360 ) -> NTSTATUS;
1361 fn ZwNotifyChangeSession(
1362 SessionHandle: HANDLE,
1363 ChangeSequenceNumber: ULONG,
1364 ChangeTimeStamp: PLARGE_INTEGER,
1365 Event: IO_SESSION_EVENT,
1366 NewState: IO_SESSION_STATE,
1367 PreviousState: IO_SESSION_STATE,
1368 Payload: PVOID,
1369 PayloadSize: ULONG,
1370 ) -> NTSTATUS;
1371 fn ZwOpenDirectoryObject(
1372 DirectoryHandle: PHANDLE,
1373 DesiredAccess: ACCESS_MASK,
1374 ObjectAttributes: POBJECT_ATTRIBUTES,
1375 ) -> NTSTATUS;
1376 fn ZwOpenEnlistment(
1377 EnlistmentHandle: PHANDLE,
1378 DesiredAccess: ACCESS_MASK,
1379 RmHandle: HANDLE,
1380 EnlistmentGuid: LPGUID,
1381 ObjectAttributes: POBJECT_ATTRIBUTES,
1382 ) -> NTSTATUS;
1383 fn ZwOpenEvent(
1384 EventHandle: PHANDLE,
1385 DesiredAccess: ACCESS_MASK,
1386 ObjectAttributes: POBJECT_ATTRIBUTES,
1387 ) -> NTSTATUS;
1388 fn ZwOpenEventPair(
1389 EventPairHandle: PHANDLE,
1390 DesiredAccess: ACCESS_MASK,
1391 ObjectAttributes: POBJECT_ATTRIBUTES,
1392 ) -> NTSTATUS;
1393 fn ZwOpenFile(
1394 FileHandle: PHANDLE,
1395 DesiredAccess: ACCESS_MASK,
1396 ObjectAttributes: POBJECT_ATTRIBUTES,
1397 IoStatusBlock: PIO_STATUS_BLOCK,
1398 ShareAccess: ULONG,
1399 OpenOptions: ULONG,
1400 ) -> NTSTATUS;
1401 fn ZwOpenIoCompletion(
1402 IoCompletionHandle: PHANDLE,
1403 DesiredAccess: ACCESS_MASK,
1404 ObjectAttributes: POBJECT_ATTRIBUTES,
1405 ) -> NTSTATUS;
1406 fn ZwOpenJobObject(
1407 JobHandle: PHANDLE,
1408 DesiredAccess: ACCESS_MASK,
1409 ObjectAttributes: POBJECT_ATTRIBUTES,
1410 ) -> NTSTATUS;
1411 fn ZwOpenKey(
1412 KeyHandle: PHANDLE,
1413 DesiredAccess: ACCESS_MASK,
1414 ObjectAttributes: POBJECT_ATTRIBUTES,
1415 ) -> NTSTATUS;
1416 fn ZwOpenKeyEx(
1417 KeyHandle: PHANDLE,
1418 DesiredAccess: ACCESS_MASK,
1419 ObjectAttributes: POBJECT_ATTRIBUTES,
1420 OpenOptions: ULONG,
1421 ) -> NTSTATUS;
1422 fn ZwOpenKeyTransacted(
1423 KeyHandle: PHANDLE,
1424 DesiredAccess: ACCESS_MASK,
1425 ObjectAttributes: POBJECT_ATTRIBUTES,
1426 TransactionHandle: HANDLE,
1427 ) -> NTSTATUS;
1428 fn ZwOpenKeyTransactedEx(
1429 KeyHandle: PHANDLE,
1430 DesiredAccess: ACCESS_MASK,
1431 ObjectAttributes: POBJECT_ATTRIBUTES,
1432 OpenOptions: ULONG,
1433 TransactionHandle: HANDLE,
1434 ) -> NTSTATUS;
1435 fn ZwOpenKeyedEvent(
1436 KeyedEventHandle: PHANDLE,
1437 DesiredAccess: ACCESS_MASK,
1438 ObjectAttributes: POBJECT_ATTRIBUTES,
1439 ) -> NTSTATUS;
1440 fn ZwOpenMutant(
1441 MutantHandle: PHANDLE,
1442 DesiredAccess: ACCESS_MASK,
1443 ObjectAttributes: POBJECT_ATTRIBUTES,
1444 ) -> NTSTATUS;
1445 fn ZwOpenObjectAuditAlarm(
1446 SubsystemName: PUNICODE_STRING,
1447 HandleId: PVOID,
1448 ObjectTypeName: PUNICODE_STRING,
1449 ObjectName: PUNICODE_STRING,
1450 SecurityDescriptor: PSECURITY_DESCRIPTOR,
1451 ClientToken: HANDLE,
1452 DesiredAccess: ACCESS_MASK,
1453 GrantedAccess: ACCESS_MASK,
1454 Privileges: PPRIVILEGE_SET,
1455 ObjectCreation: BOOLEAN,
1456 AccessGranted: BOOLEAN,
1457 GenerateOnClose: PBOOLEAN,
1458 ) -> NTSTATUS;
1459 fn ZwOpenPartition(
1460 PartitionHandle: PHANDLE,
1461 DesiredAccess: ACCESS_MASK,
1462 ObjectAttributes: POBJECT_ATTRIBUTES,
1463 ) -> NTSTATUS;
1464 fn ZwOpenPrivateNamespace(
1465 NamespaceHandle: PHANDLE,
1466 DesiredAccess: ACCESS_MASK,
1467 ObjectAttributes: POBJECT_ATTRIBUTES,
1468 BoundaryDescriptor: PVOID,
1469 ) -> NTSTATUS;
1470 fn ZwOpenProcess(
1471 ProcessHandle: PHANDLE,
1472 DesiredAccess: ACCESS_MASK,
1473 ObjectAttributes: POBJECT_ATTRIBUTES,
1474 ClientId: PCLIENT_ID,
1475 ) -> NTSTATUS;
1476 fn ZwOpenProcessToken(
1477 ProcessHandle: HANDLE,
1478 DesiredAccess: ACCESS_MASK,
1479 TokenHandle: PHANDLE,
1480 ) -> NTSTATUS;
1481 fn ZwOpenProcessTokenEx(
1482 ProcessHandle: HANDLE,
1483 DesiredAccess: ACCESS_MASK,
1484 HandleAttributes: ULONG,
1485 TokenHandle: PHANDLE,
1486 ) -> NTSTATUS;
1487 fn ZwOpenResourceManager(
1488 ResourceManagerHandle: PHANDLE,
1489 DesiredAccess: ACCESS_MASK,
1490 TmHandle: HANDLE,
1491 ResourceManagerGuid: LPGUID,
1492 ObjectAttributes: POBJECT_ATTRIBUTES,
1493 ) -> NTSTATUS;
1494 fn ZwOpenSection(
1495 SectionHandle: PHANDLE,
1496 DesiredAccess: ACCESS_MASK,
1497 ObjectAttributes: POBJECT_ATTRIBUTES,
1498 ) -> NTSTATUS;
1499 fn ZwOpenSemaphore(
1500 SemaphoreHandle: PHANDLE,
1501 DesiredAccess: ACCESS_MASK,
1502 ObjectAttributes: POBJECT_ATTRIBUTES,
1503 ) -> NTSTATUS;
1504 fn ZwOpenSession(
1505 SessionHandle: PHANDLE,
1506 DesiredAccess: ACCESS_MASK,
1507 ObjectAttributes: POBJECT_ATTRIBUTES,
1508 ) -> NTSTATUS;
1509 fn ZwOpenSymbolicLinkObject(
1510 LinkHandle: PHANDLE,
1511 DesiredAccess: ACCESS_MASK,
1512 ObjectAttributes: POBJECT_ATTRIBUTES,
1513 ) -> NTSTATUS;
1514 fn ZwOpenThread(
1515 ThreadHandle: PHANDLE,
1516 DesiredAccess: ACCESS_MASK,
1517 ObjectAttributes: POBJECT_ATTRIBUTES,
1518 ClientId: PCLIENT_ID,
1519 ) -> NTSTATUS;
1520 fn ZwOpenThreadToken(
1521 ThreadHandle: HANDLE,
1522 DesiredAccess: ACCESS_MASK,
1523 OpenAsSelf: BOOLEAN,
1524 TokenHandle: PHANDLE,
1525 ) -> NTSTATUS;
1526 fn ZwOpenThreadTokenEx(
1527 ThreadHandle: HANDLE,
1528 DesiredAccess: ACCESS_MASK,
1529 OpenAsSelf: BOOLEAN,
1530 HandleAttributes: ULONG,
1531 TokenHandle: PHANDLE,
1532 ) -> NTSTATUS;
1533 fn ZwOpenTimer(
1534 TimerHandle: PHANDLE,
1535 DesiredAccess: ACCESS_MASK,
1536 ObjectAttributes: POBJECT_ATTRIBUTES,
1537 ) -> NTSTATUS;
1538 fn ZwOpenTransaction(
1539 TransactionHandle: PHANDLE,
1540 DesiredAccess: ACCESS_MASK,
1541 ObjectAttributes: POBJECT_ATTRIBUTES,
1542 Uow: LPGUID,
1543 TmHandle: HANDLE,
1544 ) -> NTSTATUS;
1545 fn ZwOpenTransactionManager(
1546 TmHandle: PHANDLE,
1547 DesiredAccess: ACCESS_MASK,
1548 ObjectAttributes: POBJECT_ATTRIBUTES,
1549 LogFileName: PUNICODE_STRING,
1550 TmIdentity: LPGUID,
1551 OpenOptions: ULONG,
1552 ) -> NTSTATUS;
1553 fn ZwPlugPlayControl(
1554 PnPControlClass: PLUGPLAY_CONTROL_CLASS,
1555 PnPControlData: PVOID,
1556 PnPControlDataLength: ULONG,
1557 ) -> NTSTATUS;
1558 fn ZwPowerInformation(
1559 InformationLevel: POWER_INFORMATION_LEVEL,
1560 InputBuffer: PVOID,
1561 InputBufferLength: ULONG,
1562 OutputBuffer: PVOID,
1563 OutputBufferLength: ULONG,
1564 ) -> NTSTATUS;
1565 fn ZwPrePrepareComplete(
1566 EnlistmentHandle: HANDLE,
1567 TmVirtualClock: PLARGE_INTEGER,
1568 ) -> NTSTATUS;
1569 fn ZwPrePrepareEnlistment(
1570 EnlistmentHandle: HANDLE,
1571 TmVirtualClock: PLARGE_INTEGER,
1572 ) -> NTSTATUS;
1573 fn ZwPrepareComplete(
1574 EnlistmentHandle: HANDLE,
1575 TmVirtualClock: PLARGE_INTEGER,
1576 ) -> NTSTATUS;
1577 fn ZwPrepareEnlistment(
1578 EnlistmentHandle: HANDLE,
1579 TmVirtualClock: PLARGE_INTEGER,
1580 ) -> NTSTATUS;
1581 fn ZwPrivilegeCheck(
1582 ClientToken: HANDLE,
1583 RequiredPrivileges: PPRIVILEGE_SET,
1584 Result: PBOOLEAN,
1585 ) -> NTSTATUS;
1586 fn ZwPrivilegeObjectAuditAlarm(
1587 SubsystemName: PUNICODE_STRING,
1588 HandleId: PVOID,
1589 ClientToken: HANDLE,
1590 DesiredAccess: ACCESS_MASK,
1591 Privileges: PPRIVILEGE_SET,
1592 AccessGranted: BOOLEAN,
1593 ) -> NTSTATUS;
1594 fn ZwPrivilegedServiceAuditAlarm(
1595 SubsystemName: PUNICODE_STRING,
1596 ServiceName: PUNICODE_STRING,
1597 ClientToken: HANDLE,
1598 Privileges: PPRIVILEGE_SET,
1599 AccessGranted: BOOLEAN,
1600 ) -> NTSTATUS;
1601 fn ZwPropagationComplete(
1602 ResourceManagerHandle: HANDLE,
1603 RequestCookie: ULONG,
1604 BufferLength: ULONG,
1605 Buffer: PVOID,
1606 ) -> NTSTATUS;
1607 fn ZwPropagationFailed(
1608 ResourceManagerHandle: HANDLE,
1609 RequestCookie: ULONG,
1610 PropStatus: NTSTATUS,
1611 ) -> NTSTATUS;
1612 fn ZwProtectVirtualMemory(
1613 ProcessHandle: HANDLE,
1614 BaseAddress: *mut PVOID,
1615 RegionSize: PSIZE_T,
1616 NewProtect: ULONG,
1617 OldProtect: PULONG,
1618 ) -> NTSTATUS;
1619 fn ZwPulseEvent(
1620 EventHandle: HANDLE,
1621 PreviousState: PLONG,
1622 ) -> NTSTATUS;
1623 fn ZwQueryAttributesFile(
1624 ObjectAttributes: POBJECT_ATTRIBUTES,
1625 FileInformation: PFILE_BASIC_INFORMATION,
1626 ) -> NTSTATUS;
1627 fn ZwQueryBootEntryOrder(
1628 Ids: PULONG,
1629 Count: PULONG,
1630 ) -> NTSTATUS;
1631 fn ZwQueryBootOptions(
1632 BootOptions: PBOOT_OPTIONS,
1633 BootOptionsLength: PULONG,
1634 ) -> NTSTATUS;
1635 fn ZwQueryDebugFilterState(
1636 ComponentId: ULONG,
1637 Level: ULONG,
1638 ) -> NTSTATUS;
1639 fn ZwQueryDefaultLocale(
1640 UserProfile: BOOLEAN,
1641 DefaultLocaleId: PLCID,
1642 ) -> NTSTATUS;
1643 fn ZwQueryDefaultUILanguage(
1644 DefaultUILanguageId: *mut LANGID,
1645 ) -> NTSTATUS;
1646 fn ZwQueryDirectoryFile(
1647 FileHandle: HANDLE,
1648 Event: HANDLE,
1649 ApcRoutine: PIO_APC_ROUTINE,
1650 ApcContext: PVOID,
1651 IoStatusBlock: PIO_STATUS_BLOCK,
1652 FileInformation: PVOID,
1653 Length: ULONG,
1654 FileInformationClass: FILE_INFORMATION_CLASS,
1655 ReturnSingleEntry: BOOLEAN,
1656 FileName: PUNICODE_STRING,
1657 RestartScan: BOOLEAN,
1658 ) -> NTSTATUS;
1659 fn ZwQueryDirectoryObject(
1660 DirectoryHandle: HANDLE,
1661 Buffer: PVOID,
1662 Length: ULONG,
1663 ReturnSingleEntry: BOOLEAN,
1664 RestartScan: BOOLEAN,
1665 Context: PULONG,
1666 ReturnLength: PULONG,
1667 ) -> NTSTATUS;
1668 fn ZwQueryDriverEntryOrder(
1669 Ids: PULONG,
1670 Count: PULONG,
1671 ) -> NTSTATUS;
1672 fn ZwQueryEaFile(
1673 FileHandle: HANDLE,
1674 IoStatusBlock: PIO_STATUS_BLOCK,
1675 Buffer: PVOID,
1676 Length: ULONG,
1677 ReturnSingleEntry: BOOLEAN,
1678 EaList: PVOID,
1679 EaListLength: ULONG,
1680 EaIndex: PULONG,
1681 RestartScan: BOOLEAN,
1682 ) -> NTSTATUS;
1683 fn ZwQueryEvent(
1684 EventHandle: HANDLE,
1685 EventInformationClass: EVENT_INFORMATION_CLASS,
1686 EventInformation: PVOID,
1687 EventInformationLength: ULONG,
1688 ReturnLength: PULONG,
1689 ) -> NTSTATUS;
1690 fn ZwQueryFullAttributesFile(
1691 ObjectAttributes: POBJECT_ATTRIBUTES,
1692 FileInformation: PFILE_NETWORK_OPEN_INFORMATION,
1693 ) -> NTSTATUS;
1694 fn ZwQueryInformationAtom(
1695 Atom: RTL_ATOM,
1696 AtomInformationClass: ATOM_INFORMATION_CLASS,
1697 AtomInformation: PVOID,
1698 AtomInformationLength: ULONG,
1699 ReturnLength: PULONG,
1700 ) -> NTSTATUS;
1701 fn ZwQueryInformationEnlistment(
1702 EnlistmentHandle: HANDLE,
1703 EnlistmentInformationClass: ENLISTMENT_INFORMATION_CLASS,
1704 EnlistmentInformation: PVOID,
1705 EnlistmentInformationLength: ULONG,
1706 ReturnLength: PULONG,
1707 ) -> NTSTATUS;
1708 fn ZwQueryInformationFile(
1709 FileHandle: HANDLE,
1710 IoStatusBlock: PIO_STATUS_BLOCK,
1711 FileInformation: PVOID,
1712 Length: ULONG,
1713 FileInformationClass: FILE_INFORMATION_CLASS,
1714 ) -> NTSTATUS;
1715 fn ZwQueryInformationJobObject(
1716 JobHandle: HANDLE,
1717 JobObjectInformationClass: JOBOBJECTINFOCLASS,
1718 JobObjectInformation: PVOID,
1719 JobObjectInformationLength: ULONG,
1720 ReturnLength: PULONG,
1721 ) -> NTSTATUS;
1722 fn ZwQueryInformationPort(
1723 PortHandle: HANDLE,
1724 PortInformationClass: PORT_INFORMATION_CLASS,
1725 PortInformation: PVOID,
1726 Length: ULONG,
1727 ReturnLength: PULONG,
1728 ) -> NTSTATUS;
1729 fn ZwQueryInformationProcess(
1730 ProcessHandle: HANDLE,
1731 ProcessInformationClass: PROCESSINFOCLASS,
1732 ProcessInformation: PVOID,
1733 ProcessInformationLength: ULONG,
1734 ReturnLength: PULONG,
1735 ) -> NTSTATUS;
1736 fn ZwQueryInformationResourceManager(
1737 ResourceManagerHandle: HANDLE,
1738 ResourceManagerInformationClass: RESOURCEMANAGER_INFORMATION_CLASS,
1739 ResourceManagerInformation: PVOID,
1740 ResourceManagerInformationLength: ULONG,
1741 ReturnLength: PULONG,
1742 ) -> NTSTATUS;
1743 fn ZwQueryInformationThread(
1744 ThreadHandle: HANDLE,
1745 ThreadInformationClass: THREADINFOCLASS,
1746 ThreadInformation: PVOID,
1747 ThreadInformationLength: ULONG,
1748 ReturnLength: PULONG,
1749 ) -> NTSTATUS;
1750 fn ZwQueryInformationToken(
1751 TokenHandle: HANDLE,
1752 TokenInformationClass: TOKEN_INFORMATION_CLASS,
1753 TokenInformation: PVOID,
1754 TokenInformationLength: ULONG,
1755 ReturnLength: PULONG,
1756 ) -> NTSTATUS;
1757 fn ZwQueryInformationTransaction(
1758 TransactionHandle: HANDLE,
1759 TransactionInformationClass: TRANSACTION_INFORMATION_CLASS,
1760 TransactionInformation: PVOID,
1761 TransactionInformationLength: ULONG,
1762 ReturnLength: PULONG,
1763 ) -> NTSTATUS;
1764 fn ZwQueryInformationTransactionManager(
1765 TransactionManagerHandle: HANDLE,
1766 TransactionManagerInformationClass: TRANSACTIONMANAGER_INFORMATION_CLASS,
1767 TransactionManagerInformation: PVOID,
1768 TransactionManagerInformationLength: ULONG,
1769 ReturnLength: PULONG,
1770 ) -> NTSTATUS;
1771 fn ZwQueryInformationWorkerFactory(
1772 WorkerFactoryHandle: HANDLE,
1773 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
1774 WorkerFactoryInformation: PVOID,
1775 WorkerFactoryInformationLength: ULONG,
1776 ReturnLength: PULONG,
1777 ) -> NTSTATUS;
1778 fn ZwQueryInstallUILanguage(
1779 InstallUILanguageId: *mut LANGID,
1780 ) -> NTSTATUS;
1781 fn ZwQueryIntervalProfile(
1782 ProfileSource: KPROFILE_SOURCE,
1783 Interval: PULONG,
1784 ) -> NTSTATUS;
1785 fn ZwQueryIoCompletion(
1786 IoCompletionHandle: HANDLE,
1787 IoCompletionInformationClass: IO_COMPLETION_INFORMATION_CLASS,
1788 IoCompletionInformation: PVOID,
1789 IoCompletionInformationLength: ULONG,
1790 ReturnLength: PULONG,
1791 ) -> NTSTATUS;
1792 fn ZwQueryKey(
1793 KeyHandle: HANDLE,
1794 KeyInformationClass: KEY_INFORMATION_CLASS,
1795 KeyInformation: PVOID,
1796 Length: ULONG,
1797 ResultLength: PULONG,
1798 ) -> NTSTATUS;
1799 fn ZwQueryLicenseValue(
1800 ValueName: PUNICODE_STRING,
1801 Type: PULONG,
1802 Data: PVOID,
1803 DataSize: ULONG,
1804 ResultDataSize: PULONG,
1805 ) -> NTSTATUS;
1806 fn ZwQueryMultipleValueKey(
1807 KeyHandle: HANDLE,
1808 ValueEntries: PKEY_VALUE_ENTRY,
1809 EntryCount: ULONG,
1810 ValueBuffer: PVOID,
1811 BufferLength: PULONG,
1812 RequiredBufferLength: PULONG,
1813 ) -> NTSTATUS;
1814 fn ZwQueryMutant(
1815 MutantHandle: HANDLE,
1816 MutantInformationClass: MUTANT_INFORMATION_CLASS,
1817 MutantInformation: PVOID,
1818 MutantInformationLength: ULONG,
1819 ReturnLength: PULONG,
1820 ) -> NTSTATUS;
1821 fn ZwQueryObject(
1822 Handle: HANDLE,
1823 ObjectInformationClass: OBJECT_INFORMATION_CLASS,
1824 ObjectInformation: PVOID,
1825 ObjectInformationLength: ULONG,
1826 ReturnLength: PULONG,
1827 ) -> NTSTATUS;
1828 fn ZwQueryOpenSubKeys(
1829 TargetKey: POBJECT_ATTRIBUTES,
1830 HandleCount: PULONG,
1831 ) -> NTSTATUS;
1832 fn ZwQueryOpenSubKeysEx(
1833 TargetKey: POBJECT_ATTRIBUTES,
1834 BufferLength: ULONG,
1835 Buffer: PVOID,
1836 RequiredSize: PULONG,
1837 ) -> NTSTATUS;
1838 fn ZwQueryPerformanceCounter(
1839 PerformanceCounter: PLARGE_INTEGER,
1840 PerformanceFrequency: PLARGE_INTEGER,
1841 ) -> NTSTATUS;
1842 fn ZwQueryPortInformationProcess() -> NTSTATUS;
1843 fn ZwQueryQuotaInformationFile(
1844 FileHandle: HANDLE,
1845 IoStatusBlock: PIO_STATUS_BLOCK,
1846 Buffer: PVOID,
1847 Length: ULONG,
1848 ReturnSingleEntry: BOOLEAN,
1849 SidList: PVOID,
1850 SidListLength: ULONG,
1851 StartSid: PSID,
1852 RestartScan: BOOLEAN,
1853 ) -> NTSTATUS;
1854 fn ZwQuerySection(
1855 SectionHandle: HANDLE,
1856 SectionInformationClass: SECTION_INFORMATION_CLASS,
1857 SectionInformation: PVOID,
1858 SectionInformationLength: SIZE_T,
1859 ReturnLength: PSIZE_T,
1860 ) -> NTSTATUS;
1861 fn ZwQuerySecurityAttributesToken(
1862 TokenHandle: HANDLE,
1863 Attributes: PUNICODE_STRING,
1864 NumberOfAttributes: ULONG,
1865 Buffer: PVOID,
1866 Length: ULONG,
1867 ReturnLength: PULONG,
1868 ) -> NTSTATUS;
1869 fn ZwQuerySecurityObject(
1870 Handle: HANDLE,
1871 SecurityInformation: SECURITY_INFORMATION,
1872 SecurityDescriptor: PSECURITY_DESCRIPTOR,
1873 Length: ULONG,
1874 LengthNeeded: PULONG,
1875 ) -> NTSTATUS;
1876 fn ZwQuerySemaphore(
1877 SemaphoreHandle: HANDLE,
1878 SemaphoreInformationClass: SEMAPHORE_INFORMATION_CLASS,
1879 SemaphoreInformation: PVOID,
1880 SemaphoreInformationLength: ULONG,
1881 ReturnLength: PULONG,
1882 ) -> NTSTATUS;
1883 fn ZwQuerySymbolicLinkObject(
1884 LinkHandle: HANDLE,
1885 LinkTarget: PUNICODE_STRING,
1886 ReturnedLength: PULONG,
1887 ) -> NTSTATUS;
1888 fn ZwQuerySystemEnvironmentValue(
1889 VariableName: PUNICODE_STRING,
1890 VariableValue: PWSTR,
1891 ValueLength: USHORT,
1892 ReturnLength: PUSHORT,
1893 ) -> NTSTATUS;
1894 fn ZwQuerySystemEnvironmentValueEx(
1895 VariableName: PUNICODE_STRING,
1896 VendorGuid: LPGUID,
1897 Value: PVOID,
1898 ValueLength: PULONG,
1899 Attributes: PULONG,
1900 ) -> NTSTATUS;
1901 fn ZwQuerySystemInformation(
1902 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
1903 SystemInformation: PVOID,
1904 SystemInformationLength: ULONG,
1905 ReturnLength: PULONG,
1906 ) -> NTSTATUS;
1907 fn ZwQuerySystemInformationEx(
1908 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
1909 InputBuffer: PVOID,
1910 InputBufferLength: ULONG,
1911 SystemInformation: PVOID,
1912 SystemInformationLength: ULONG,
1913 ReturnLength: PULONG,
1914 ) -> NTSTATUS;
1915 fn ZwQuerySystemTime(
1916 SystemTime: PLARGE_INTEGER,
1917 ) -> NTSTATUS;
1918 fn ZwQueryTimer(
1919 TimerHandle: HANDLE,
1920 TimerInformationClass: TIMER_INFORMATION_CLASS,
1921 TimerInformation: PVOID,
1922 TimerInformationLength: ULONG,
1923 ReturnLength: PULONG,
1924 ) -> NTSTATUS;
1925 fn ZwQueryTimerResolution(
1926 MaximumTime: PULONG,
1927 MinimumTime: PULONG,
1928 CurrentTime: PULONG,
1929 ) -> NTSTATUS;
1930 fn ZwQueryValueKey(
1931 KeyHandle: HANDLE,
1932 ValueName: PUNICODE_STRING,
1933 KeyValueInformationClass: KEY_VALUE_INFORMATION_CLASS,
1934 KeyValueInformation: PVOID,
1935 Length: ULONG,
1936 ResultLength: PULONG,
1937 ) -> NTSTATUS;
1938 fn ZwQueryVirtualMemory(
1939 ProcessHandle: HANDLE,
1940 BaseAddress: PVOID,
1941 MemoryInformationClass: MEMORY_INFORMATION_CLASS,
1942 MemoryInformation: PVOID,
1943 MemoryInformationLength: SIZE_T,
1944 ReturnLength: PSIZE_T,
1945 ) -> NTSTATUS;
1946 fn ZwQueryVolumeInformationFile(
1947 FileHandle: HANDLE,
1948 IoStatusBlock: PIO_STATUS_BLOCK,
1949 FsInformation: PVOID,
1950 Length: ULONG,
1951 FsInformationClass: FS_INFORMATION_CLASS,
1952 ) -> NTSTATUS;
1953 fn ZwQueryWnfStateData(
1954 StateName: PCWNF_STATE_NAME,
1955 TypeId: PCWNF_TYPE_ID,
1956 ExplicitScope: *const VOID,
1957 ChangeStamp: PWNF_CHANGE_STAMP,
1958 Buffer: PVOID,
1959 BufferSize: PULONG,
1960 ) -> NTSTATUS;
1961 fn ZwQueryWnfStateNameInformation(
1962 StateName: PCWNF_STATE_NAME,
1963 NameInfoClass: WNF_STATE_NAME_INFORMATION,
1964 ExplicitScope: *const VOID,
1965 InfoBuffer: PVOID,
1966 InfoBufferSize: ULONG,
1967 ) -> NTSTATUS;
1968 fn ZwQueueApcThread(
1969 ThreadHandle: HANDLE,
1970 ApcRoutine: PPS_APC_ROUTINE,
1971 ApcArgument1: PVOID,
1972 ApcArgument2: PVOID,
1973 ApcArgument3: PVOID,
1974 ) -> NTSTATUS;
1975 fn ZwQueueApcThreadEx(
1976 ThreadHandle: HANDLE,
1977 UserApcReserveHandle: HANDLE,
1978 ApcRoutine: PPS_APC_ROUTINE,
1979 ApcArgument1: PVOID,
1980 ApcArgument2: PVOID,
1981 ApcArgument3: PVOID,
1982 ) -> NTSTATUS;
1983 fn ZwRaiseException(
1984 ExceptionRecord: PEXCEPTION_RECORD,
1985 ContextRecord: PCONTEXT,
1986 FirstChance: BOOLEAN,
1987 ) -> NTSTATUS;
1988 fn ZwRaiseHardError(
1989 ErrorStatus: NTSTATUS,
1990 NumberOfParameters: ULONG,
1991 UnicodeStringParameterMask: ULONG,
1992 Parameters: PULONG_PTR,
1993 ValidResponseOptions: ULONG,
1994 Response: PULONG,
1995 ) -> NTSTATUS;
1996 fn ZwReadFile(
1997 FileHandle: HANDLE,
1998 Event: HANDLE,
1999 ApcRoutine: PIO_APC_ROUTINE,
2000 ApcContext: PVOID,
2001 IoStatusBlock: PIO_STATUS_BLOCK,
2002 Buffer: PVOID,
2003 Length: ULONG,
2004 ByteOffset: PLARGE_INTEGER,
2005 Key: PULONG,
2006 ) -> NTSTATUS;
2007 fn ZwReadFileScatter(
2008 FileHandle: HANDLE,
2009 Event: HANDLE,
2010 ApcRoutine: PIO_APC_ROUTINE,
2011 ApcContext: PVOID,
2012 IoStatusBlock: PIO_STATUS_BLOCK,
2013 SegmentArray: PFILE_SEGMENT_ELEMENT,
2014 Length: ULONG,
2015 ByteOffset: PLARGE_INTEGER,
2016 Key: PULONG,
2017 ) -> NTSTATUS;
2018 fn ZwReadOnlyEnlistment(
2019 EnlistmentHandle: HANDLE,
2020 TmVirtualClock: PLARGE_INTEGER,
2021 ) -> NTSTATUS;
2022 fn ZwReadRequestData(
2023 PortHandle: HANDLE,
2024 Message: PPORT_MESSAGE,
2025 DataEntryIndex: ULONG,
2026 Buffer: PVOID,
2027 BufferSize: SIZE_T,
2028 NumberOfBytesRead: PSIZE_T,
2029 ) -> NTSTATUS;
2030 fn ZwReadVirtualMemory(
2031 ProcessHandle: HANDLE,
2032 BaseAddress: PVOID,
2033 Buffer: PVOID,
2034 BufferSize: SIZE_T,
2035 NumberOfBytesRead: PSIZE_T,
2036 ) -> NTSTATUS;
2037 fn ZwRecoverEnlistment(
2038 EnlistmentHandle: HANDLE,
2039 EnlistmentKey: PVOID,
2040 ) -> NTSTATUS;
2041 fn ZwRecoverResourceManager(
2042 ResourceManagerHandle: HANDLE,
2043 ) -> NTSTATUS;
2044 fn ZwRecoverTransactionManager(
2045 TransactionManagerHandle: HANDLE,
2046 ) -> NTSTATUS;
2047 fn ZwRegisterProtocolAddressInformation(
2048 ResourceManager: HANDLE,
2049 ProtocolId: PCRM_PROTOCOL_ID,
2050 ProtocolInformationSize: ULONG,
2051 ProtocolInformation: PVOID,
2052 CreateOptions: ULONG,
2053 ) -> NTSTATUS;
2054 fn ZwRegisterThreadTerminatePort(
2055 PortHandle: HANDLE,
2056 ) -> NTSTATUS;
2057 fn ZwReleaseCMFViewOwnership() -> NTSTATUS;
2058 fn ZwReleaseKeyedEvent(
2059 KeyedEventHandle: HANDLE,
2060 KeyValue: PVOID,
2061 Alertable: BOOLEAN,
2062 Timeout: PLARGE_INTEGER,
2063 ) -> NTSTATUS;
2064 fn ZwReleaseMutant(
2065 MutantHandle: HANDLE,
2066 PreviousCount: PLONG,
2067 ) -> NTSTATUS;
2068 fn ZwReleaseSemaphore(
2069 SemaphoreHandle: HANDLE,
2070 ReleaseCount: LONG,
2071 PreviousCount: PLONG,
2072 ) -> NTSTATUS;
2073 fn ZwReleaseWorkerFactoryWorker(
2074 WorkerFactoryHandle: HANDLE,
2075 ) -> NTSTATUS;
2076 fn ZwRemoveIoCompletion(
2077 IoCompletionHandle: HANDLE,
2078 KeyContext: *mut PVOID,
2079 ApcContext: *mut PVOID,
2080 IoStatusBlock: PIO_STATUS_BLOCK,
2081 Timeout: PLARGE_INTEGER,
2082 ) -> NTSTATUS;
2083 fn ZwRemoveIoCompletionEx(
2084 IoCompletionHandle: HANDLE,
2085 IoCompletionInformation: PFILE_IO_COMPLETION_INFORMATION,
2086 Count: ULONG,
2087 NumEntriesRemoved: PULONG,
2088 Timeout: PLARGE_INTEGER,
2089 Alertable: BOOLEAN,
2090 ) -> NTSTATUS;
2091 fn ZwRemoveProcessDebug(
2092 ProcessHandle: HANDLE,
2093 DebugObjectHandle: HANDLE,
2094 ) -> NTSTATUS;
2095 fn ZwRenameKey(
2096 KeyHandle: HANDLE,
2097 NewName: PUNICODE_STRING,
2098 ) -> NTSTATUS;
2099 fn ZwRenameTransactionManager(
2100 LogFileName: PUNICODE_STRING,
2101 ExistingTransactionManagerGuid: LPGUID,
2102 ) -> NTSTATUS;
2103 fn ZwReplaceKey(
2104 NewFile: POBJECT_ATTRIBUTES,
2105 TargetHandle: HANDLE,
2106 OldFile: POBJECT_ATTRIBUTES,
2107 ) -> NTSTATUS;
2108 fn ZwReplacePartitionUnit(
2109 TargetInstancePath: PUNICODE_STRING,
2110 SpareInstancePath: PUNICODE_STRING,
2111 Flags: ULONG,
2112 ) -> NTSTATUS;
2113 fn ZwReplyPort(
2114 PortHandle: HANDLE,
2115 ReplyMessage: PPORT_MESSAGE,
2116 ) -> NTSTATUS;
2117 fn ZwReplyWaitReceivePort(
2118 PortHandle: HANDLE,
2119 PortContext: *mut PVOID,
2120 ReplyMessage: PPORT_MESSAGE,
2121 ReceiveMessage: PPORT_MESSAGE,
2122 ) -> NTSTATUS;
2123 fn ZwReplyWaitReceivePortEx(
2124 PortHandle: HANDLE,
2125 PortContext: *mut PVOID,
2126 ReplyMessage: PPORT_MESSAGE,
2127 ReceiveMessage: PPORT_MESSAGE,
2128 Timeout: PLARGE_INTEGER,
2129 ) -> NTSTATUS;
2130 fn ZwReplyWaitReplyPort(
2131 PortHandle: HANDLE,
2132 ReplyMessage: PPORT_MESSAGE,
2133 ) -> NTSTATUS;
2134 fn ZwRequestPort(
2135 PortHandle: HANDLE,
2136 RequestMessage: PPORT_MESSAGE,
2137 ) -> NTSTATUS;
2138 fn ZwRequestWaitReplyPort(
2139 PortHandle: HANDLE,
2140 RequestMessage: PPORT_MESSAGE,
2141 ReplyMessage: PPORT_MESSAGE,
2142 ) -> NTSTATUS;
2143 fn ZwRequestWakeupLatency(
2144 latency: LATENCY_TIME,
2145 ) -> NTSTATUS;
2146 fn ZwResetEvent(
2147 EventHandle: HANDLE,
2148 PreviousState: PLONG,
2149 ) -> NTSTATUS;
2150 fn ZwResetWriteWatch(
2151 ProcessHandle: HANDLE,
2152 BaseAddress: PVOID,
2153 RegionSize: SIZE_T,
2154 ) -> NTSTATUS;
2155 fn ZwRestoreKey(
2156 KeyHandle: HANDLE,
2157 FileHandle: HANDLE,
2158 Flags: ULONG,
2159 ) -> NTSTATUS;
2160 fn ZwResumeProcess(
2161 ProcessHandle: HANDLE,
2162 ) -> NTSTATUS;
2163 fn ZwResumeThread(
2164 ThreadHandle: HANDLE,
2165 PreviousSuspendCount: PULONG,
2166 ) -> NTSTATUS;
2167 fn ZwRevertContainerImpersonation() -> NTSTATUS;
2168 fn ZwRollbackComplete(
2169 EnlistmentHandle: HANDLE,
2170 TmVirtualClock: PLARGE_INTEGER,
2171 ) -> NTSTATUS;
2172 fn ZwRollbackEnlistment(
2173 EnlistmentHandle: HANDLE,
2174 TmVirtualClock: PLARGE_INTEGER,
2175 ) -> NTSTATUS;
2176 fn ZwRollbackTransaction(
2177 TransactionHandle: HANDLE,
2178 Wait: BOOLEAN,
2179 ) -> NTSTATUS;
2180 fn ZwRollforwardTransactionManager(
2181 TransactionManagerHandle: HANDLE,
2182 TmVirtualClock: PLARGE_INTEGER,
2183 ) -> NTSTATUS;
2184 fn ZwSaveKey(
2185 KeyHandle: HANDLE,
2186 FileHandle: HANDLE,
2187 ) -> NTSTATUS;
2188 fn ZwSaveKeyEx(
2189 KeyHandle: HANDLE,
2190 FileHandle: HANDLE,
2191 Format: ULONG,
2192 ) -> NTSTATUS;
2193 fn ZwSaveMergedKeys(
2194 HighPrecedenceKeyHandle: HANDLE,
2195 LowPrecedenceKeyHandle: HANDLE,
2196 FileHandle: HANDLE,
2197 ) -> NTSTATUS;
2198 fn ZwSecureConnectPort(
2199 PortHandle: PHANDLE,
2200 PortName: PUNICODE_STRING,
2201 SecurityQos: PSECURITY_QUALITY_OF_SERVICE,
2202 ClientView: PPORT_VIEW,
2203 RequiredServerSid: PSID,
2204 ServerView: PREMOTE_PORT_VIEW,
2205 MaxMessageLength: PULONG,
2206 ConnectionInformation: PVOID,
2207 ConnectionInformationLength: PULONG,
2208 ) -> NTSTATUS;
2209 fn ZwSerializeBoot() -> NTSTATUS;
2210 fn ZwSetBootEntryOrder(
2211 Ids: PULONG,
2212 Count: ULONG,
2213 ) -> NTSTATUS;
2214 fn ZwSetBootOptions(
2215 BootOptions: PBOOT_OPTIONS,
2216 FieldsToChange: ULONG,
2217 ) -> NTSTATUS;
2218 fn ZwSetCachedSigningLevel(
2219 Flags: ULONG,
2220 InputSigningLevel: SE_SIGNING_LEVEL,
2221 SourceFiles: PHANDLE,
2222 SourceFileCount: ULONG,
2223 TargetFile: HANDLE,
2224 ) -> NTSTATUS;
2225 fn ZwSetContextThread(
2226 ThreadHandle: HANDLE,
2227 ThreadContext: PCONTEXT,
2228 ) -> NTSTATUS;
2229 fn ZwSetDebugFilterState(
2230 ComponentId: ULONG,
2231 Level: ULONG,
2232 State: BOOLEAN,
2233 ) -> NTSTATUS;
2234 fn ZwSetDefaultHardErrorPort(
2235 DefaultHardErrorPort: HANDLE,
2236 ) -> NTSTATUS;
2237 fn ZwSetDefaultLocale(
2238 UserProfile: BOOLEAN,
2239 DefaultLocaleId: LCID,
2240 ) -> NTSTATUS;
2241 fn ZwSetDefaultUILanguage(
2242 DefaultUILanguageId: LANGID,
2243 ) -> NTSTATUS;
2244 fn ZwSetDriverEntryOrder(
2245 Ids: PULONG,
2246 Count: ULONG,
2247 ) -> NTSTATUS;
2248 fn ZwSetEaFile(
2249 FileHandle: HANDLE,
2250 IoStatusBlock: PIO_STATUS_BLOCK,
2251 Buffer: PVOID,
2252 Length: ULONG,
2253 ) -> NTSTATUS;
2254 fn ZwSetEvent(
2255 EventHandle: HANDLE,
2256 PreviousState: PLONG,
2257 ) -> NTSTATUS;
2258 fn ZwSetEventBoostPriority(
2259 EventHandle: HANDLE,
2260 ) -> NTSTATUS;
2261 fn ZwSetHighEventPair(
2262 EventPairHandle: HANDLE,
2263 ) -> NTSTATUS;
2264 fn ZwSetHighWaitLowEventPair(
2265 EventPairHandle: HANDLE,
2266 ) -> NTSTATUS;
2267 fn ZwSetIRTimer(
2268 TimerHandle: HANDLE,
2269 DueTime: PLARGE_INTEGER,
2270 ) -> NTSTATUS;
2271 fn ZwSetInformationDebugObject(
2272 DebugObjectHandle: HANDLE,
2273 DebugObjectInformationClass: DEBUGOBJECTINFOCLASS,
2274 DebugInformation: PVOID,
2275 DebugInformationLength: ULONG,
2276 ReturnLength: PULONG,
2277 ) -> NTSTATUS;
2278 fn ZwSetInformationEnlistment(
2279 EnlistmentHandle: HANDLE,
2280 EnlistmentInformationClass: ENLISTMENT_INFORMATION_CLASS,
2281 EnlistmentInformation: PVOID,
2282 EnlistmentInformationLength: ULONG,
2283 ) -> NTSTATUS;
2284 fn ZwSetInformationFile(
2285 FileHandle: HANDLE,
2286 IoStatusBlock: PIO_STATUS_BLOCK,
2287 FileInformation: PVOID,
2288 Length: ULONG,
2289 FileInformationClass: FILE_INFORMATION_CLASS,
2290 ) -> NTSTATUS;
2291 fn ZwSetInformationJobObject(
2292 JobHandle: HANDLE,
2293 JobObjectInformationClass: JOBOBJECTINFOCLASS,
2294 JobObjectInformation: PVOID,
2295 JobObjectInformationLength: ULONG,
2296 ) -> NTSTATUS;
2297 fn ZwSetInformationKey(
2298 KeyHandle: HANDLE,
2299 KeySetInformationClass: KEY_SET_INFORMATION_CLASS,
2300 KeySetInformation: PVOID,
2301 KeySetInformationLength: ULONG,
2302 ) -> NTSTATUS;
2303 fn ZwSetInformationObject(
2304 Handle: HANDLE,
2305 ObjectInformationClass: OBJECT_INFORMATION_CLASS,
2306 ObjectInformation: PVOID,
2307 ObjectInformationLength: ULONG,
2308 ) -> NTSTATUS;
2309 fn ZwSetInformationProcess(
2310 ProcessHandle: HANDLE,
2311 ProcessInformationClass: PROCESSINFOCLASS,
2312 ProcessInformation: PVOID,
2313 ProcessInformationLength: ULONG,
2314 ) -> NTSTATUS;
2315 fn ZwSetInformationResourceManager(
2316 ResourceManagerHandle: HANDLE,
2317 ResourceManagerInformationClass: RESOURCEMANAGER_INFORMATION_CLASS,
2318 ResourceManagerInformation: PVOID,
2319 ResourceManagerInformationLength: ULONG,
2320 ) -> NTSTATUS;
2321 fn ZwSetInformationThread(
2322 ThreadHandle: HANDLE,
2323 ThreadInformationClass: THREADINFOCLASS,
2324 ThreadInformation: PVOID,
2325 ThreadInformationLength: ULONG,
2326 ) -> NTSTATUS;
2327 fn ZwSetInformationToken(
2328 TokenHandle: HANDLE,
2329 TokenInformationClass: TOKEN_INFORMATION_CLASS,
2330 TokenInformation: PVOID,
2331 TokenInformationLength: ULONG,
2332 ) -> NTSTATUS;
2333 fn ZwSetInformationTransaction(
2334 TransactionHandle: HANDLE,
2335 TransactionInformationClass: TRANSACTION_INFORMATION_CLASS,
2336 TransactionInformation: PVOID,
2337 TransactionInformationLength: ULONG,
2338 ) -> NTSTATUS;
2339 fn ZwSetInformationTransactionManager(
2340 TmHandle: HANDLE,
2341 TransactionManagerInformationClass: TRANSACTIONMANAGER_INFORMATION_CLASS,
2342 TransactionManagerInformation: PVOID,
2343 TransactionManagerInformationLength: ULONG,
2344 ) -> NTSTATUS;
2345 fn ZwSetInformationVirtualMemory(
2346 ProcessHandle: HANDLE,
2347 VmInformationClass: VIRTUAL_MEMORY_INFORMATION_CLASS,
2348 NumberOfEntries: ULONG_PTR,
2349 VirtualAddresses: PMEMORY_RANGE_ENTRY,
2350 VmInformation: PVOID,
2351 VmInformationLength: ULONG,
2352 ) -> NTSTATUS;
2353 fn ZwSetInformationWorkerFactory(
2354 WorkerFactoryHandle: HANDLE,
2355 WorkerFactoryInformationClass: WORKERFACTORYINFOCLASS,
2356 WorkerFactoryInformation: PVOID,
2357 WorkerFactoryInformationLength: ULONG,
2358 ) -> NTSTATUS;
2359 fn ZwSetIntervalProfile(
2360 Interval: ULONG,
2361 Source: KPROFILE_SOURCE,
2362 ) -> NTSTATUS;
2363 fn ZwSetIoCompletion(
2364 IoCompletionHandle: HANDLE,
2365 KeyContext: PVOID,
2366 ApcContext: PVOID,
2367 IoStatus: NTSTATUS,
2368 IoStatusInformation: ULONG_PTR,
2369 ) -> NTSTATUS;
2370 fn ZwSetIoCompletionEx(
2371 IoCompletionHandle: HANDLE,
2372 IoCompletionPacketHandle: HANDLE,
2373 KeyContext: PVOID,
2374 ApcContext: PVOID,
2375 IoStatus: NTSTATUS,
2376 IoStatusInformation: ULONG_PTR,
2377 ) -> NTSTATUS;
2378 fn ZwSetLdtEntries(
2379 Selector0: ULONG,
2380 Entry0Low: ULONG,
2381 Entry0Hi: ULONG,
2382 Selector1: ULONG,
2383 Entry1Low: ULONG,
2384 Entry1Hi: ULONG,
2385 ) -> NTSTATUS;
2386 fn ZwSetLowEventPair(
2387 EventPairHandle: HANDLE,
2388 ) -> NTSTATUS;
2389 fn ZwSetLowWaitHighEventPair(
2390 EventPairHandle: HANDLE,
2391 ) -> NTSTATUS;
2392 fn ZwSetQuotaInformationFile(
2393 FileHandle: HANDLE,
2394 IoStatusBlock: PIO_STATUS_BLOCK,
2395 Buffer: PVOID,
2396 Length: ULONG,
2397 ) -> NTSTATUS;
2398 fn ZwSetSecurityObject(
2399 Handle: HANDLE,
2400 SecurityInformation: SECURITY_INFORMATION,
2401 SecurityDescriptor: PSECURITY_DESCRIPTOR,
2402 ) -> NTSTATUS;
2403 fn ZwSetSystemEnvironmentValue(
2404 VariableName: PUNICODE_STRING,
2405 VariableValue: PUNICODE_STRING,
2406 ) -> NTSTATUS;
2407 fn ZwSetSystemEnvironmentValueEx(
2408 VariableName: PUNICODE_STRING,
2409 VendorGuid: LPGUID,
2410 Value: PVOID,
2411 ValueLength: ULONG,
2412 Attributes: ULONG,
2413 ) -> NTSTATUS;
2414 fn ZwSetSystemInformation(
2415 SystemInformationClass: SYSTEM_INFORMATION_CLASS,
2416 SystemInformation: PVOID,
2417 SystemInformationLength: ULONG,
2418 ) -> NTSTATUS;
2419 fn ZwSetSystemPowerState(
2420 SystemAction: POWER_ACTION,
2421 LightestSystemState: SYSTEM_POWER_STATE,
2422 Flags: ULONG,
2423 ) -> NTSTATUS;
2424 fn ZwSetSystemTime(
2425 SystemTime: PLARGE_INTEGER,
2426 PreviousTime: PLARGE_INTEGER,
2427 ) -> NTSTATUS;
2428 fn ZwSetThreadExecutionState(
2429 NewFlags: EXECUTION_STATE,
2430 PreviousFlags: *mut EXECUTION_STATE,
2431 ) -> NTSTATUS;
2432 fn ZwSetTimer(
2433 TimerHandle: HANDLE,
2434 DueTime: PLARGE_INTEGER,
2435 TimerApcRoutine: PTIMER_APC_ROUTINE,
2436 TimerContext: PVOID,
2437 ResumeTimer: BOOLEAN,
2438 Period: LONG,
2439 PreviousState: PBOOLEAN,
2440 ) -> NTSTATUS;
2441 fn ZwSetTimer2(
2442 TimerHandle: HANDLE,
2443 DueTime: PLARGE_INTEGER,
2444 Period: PLARGE_INTEGER,
2445 Parameters: PT2_SET_PARAMETERS,
2446 ) -> NTSTATUS;
2447 fn ZwSetTimerEx(
2448 TimerHandle: HANDLE,
2449 TimerSetInformationClass: TIMER_SET_INFORMATION_CLASS,
2450 TimerSetInformation: PVOID,
2451 TimerSetInformationLength: ULONG,
2452 ) -> NTSTATUS;
2453 fn ZwSetTimerResolution(
2454 DesiredTime: ULONG,
2455 SetResolution: BOOLEAN,
2456 ActualTime: PULONG,
2457 ) -> NTSTATUS;
2458 fn ZwSetUuidSeed(
2459 Seed: PCHAR,
2460 ) -> NTSTATUS;
2461 fn ZwSetValueKey(
2462 KeyHandle: HANDLE,
2463 ValueName: PUNICODE_STRING,
2464 TitleIndex: ULONG,
2465 Type: ULONG,
2466 Data: PVOID,
2467 DataSize: ULONG,
2468 ) -> NTSTATUS;
2469 fn ZwSetVolumeInformationFile(
2470 FileHandle: HANDLE,
2471 IoStatusBlock: PIO_STATUS_BLOCK,
2472 FsInformation: PVOID,
2473 Length: ULONG,
2474 FsInformationClass: FS_INFORMATION_CLASS,
2475 ) -> NTSTATUS;
2476 fn ZwSetWnfProcessNotificationEvent(
2477 NotificationEvent: HANDLE,
2478 ) -> NTSTATUS;
2479 fn ZwShutdownSystem(
2480 Action: SHUTDOWN_ACTION,
2481 ) -> NTSTATUS;
2482 fn ZwShutdownWorkerFactory(
2483 WorkerFactoryHandle: HANDLE,
2484 PendingWorkerCount: *mut LONG,
2485 ) -> NTSTATUS;
2486 fn ZwSignalAndWaitForSingleObject(
2487 SignalHandle: HANDLE,
2488 WaitHandle: HANDLE,
2489 Alertable: BOOLEAN,
2490 Timeout: PLARGE_INTEGER,
2491 ) -> NTSTATUS;
2492 fn ZwSinglePhaseReject(
2493 EnlistmentHandle: HANDLE,
2494 TmVirtualClock: PLARGE_INTEGER,
2495 ) -> NTSTATUS;
2496 fn ZwStartProfile(
2497 ProfileHandle: HANDLE,
2498 ) -> NTSTATUS;
2499 fn ZwStopProfile(
2500 ProfileHandle: HANDLE,
2501 ) -> NTSTATUS;
2502 fn ZwSubscribeWnfStateChange(
2503 StateName: PCWNF_STATE_NAME,
2504 ChangeStamp: WNF_CHANGE_STAMP,
2505 EventMask: ULONG,
2506 SubscriptionId: PULONG64,
2507 ) -> NTSTATUS;
2508 fn ZwSuspendProcess(
2509 ProcessHandle: HANDLE,
2510 ) -> NTSTATUS;
2511 fn ZwSuspendThread(
2512 ThreadHandle: HANDLE,
2513 PreviousSuspendCount: PULONG,
2514 ) -> NTSTATUS;
2515 fn ZwSystemDebugControl(
2516 Command: SYSDBG_COMMAND,
2517 InputBuffer: PVOID,
2518 InputBufferLength: ULONG,
2519 OutputBuffer: PVOID,
2520 OutputBufferLength: ULONG,
2521 ReturnLength: PULONG,
2522 ) -> NTSTATUS;
2523 fn ZwTerminateJobObject(
2524 JobHandle: HANDLE,
2525 ExitStatus: NTSTATUS,
2526 ) -> NTSTATUS;
2527 fn ZwTerminateProcess(
2528 ProcessHandle: HANDLE,
2529 ExitStatus: NTSTATUS,
2530 ) -> NTSTATUS;
2531 fn ZwTerminateThread(
2532 ThreadHandle: HANDLE,
2533 ExitStatus: NTSTATUS,
2534 ) -> NTSTATUS;
2535 fn ZwTestAlert() -> NTSTATUS;
2536 fn ZwThawRegistry() -> NTSTATUS;
2537 fn ZwThawTransactions() -> NTSTATUS;
2538 fn ZwTraceControl(
2539 FunctionCode: ULONG,
2540 InBuffer: PVOID,
2541 InBufferLen: ULONG,
2542 OutBuffer: PVOID,
2543 OutBufferLen: ULONG,
2544 ReturnLength: PULONG,
2545 ) -> NTSTATUS;
2546 fn ZwTraceEvent(
2547 TraceHandle: HANDLE,
2548 Flags: ULONG,
2549 FieldSize: ULONG,
2550 Fields: PVOID,
2551 ) -> NTSTATUS;
2552 fn ZwTranslateFilePath(
2553 InputFilePath: PFILE_PATH,
2554 OutputType: ULONG,
2555 OutputFilePath: PFILE_PATH,
2556 OutputFilePathLength: PULONG,
2557 ) -> NTSTATUS;
2558 fn ZwUmsThreadYield(
2559 SchedulerParam: PVOID,
2560 ) -> NTSTATUS;
2561 fn ZwUnloadDriver(
2562 DriverServiceName: PUNICODE_STRING,
2563 ) -> NTSTATUS;
2564 fn ZwUnloadKey(
2565 TargetKey: POBJECT_ATTRIBUTES,
2566 ) -> NTSTATUS;
2567 fn ZwUnloadKey2(
2568 TargetKey: POBJECT_ATTRIBUTES,
2569 Flags: ULONG,
2570 ) -> NTSTATUS;
2571 fn ZwUnloadKeyEx(
2572 TargetKey: POBJECT_ATTRIBUTES,
2573 Event: HANDLE,
2574 ) -> NTSTATUS;
2575 fn ZwUnlockFile(
2576 FileHandle: HANDLE,
2577 IoStatusBlock: PIO_STATUS_BLOCK,
2578 ByteOffset: PLARGE_INTEGER,
2579 Length: PLARGE_INTEGER,
2580 Key: ULONG,
2581 ) -> NTSTATUS;
2582 fn ZwUnlockVirtualMemory(
2583 ProcessHandle: HANDLE,
2584 BaseAddress: *mut PVOID,
2585 RegionSize: PSIZE_T,
2586 MapType: ULONG,
2587 ) -> NTSTATUS;
2588 fn ZwUnmapViewOfSection(
2589 ProcessHandle: HANDLE,
2590 BaseAddress: PVOID,
2591 ) -> NTSTATUS;
2592 fn ZwUnmapViewOfSectionEx(
2593 ProcessHandle: HANDLE,
2594 BaseAddress: PVOID,
2595 Flags: ULONG,
2596 ) -> NTSTATUS;
2597 fn ZwUnsubscribeWnfStateChange(
2598 StateName: PCWNF_STATE_NAME,
2599 ) -> NTSTATUS;
2600 fn ZwUpdateWnfStateData(
2601 StateName: PCWNF_STATE_NAME,
2602 Buffer: *const VOID,
2603 Length: ULONG,
2604 TypeId: PCWNF_TYPE_ID,
2605 ExplicitScope: *const VOID,
2606 MatchingChangeStamp: WNF_CHANGE_STAMP,
2607 CheckStamp: LOGICAL,
2608 ) -> NTSTATUS;
2609 fn ZwVdmControl(
2610 Service: VDMSERVICECLASS,
2611 ServiceData: PVOID,
2612 ) -> NTSTATUS;
2613 fn ZwWaitForAlertByThreadId(
2614 Address: PVOID,
2615 Timeout: PLARGE_INTEGER,
2616 ) -> NTSTATUS;
2617 fn ZwWaitForDebugEvent(
2618 DebugObjectHandle: HANDLE,
2619 Alertable: BOOLEAN,
2620 Timeout: PLARGE_INTEGER,
2621 WaitStateChange: PVOID,
2622 ) -> NTSTATUS;
2623 fn ZwWaitForKeyedEvent(
2624 KeyedEventHandle: HANDLE,
2625 KeyValue: PVOID,
2626 Alertable: BOOLEAN,
2627 Timeout: PLARGE_INTEGER,
2628 ) -> NTSTATUS;
2629 fn ZwWaitForMultipleObjects(
2630 Count: ULONG,
2631 Handles: *mut HANDLE,
2632 WaitType: WAIT_TYPE,
2633 Alertable: BOOLEAN,
2634 Timeout: PLARGE_INTEGER,
2635 ) -> NTSTATUS;
2636 fn ZwWaitForMultipleObjects32(
2637 Count: ULONG,
2638 Handles: *mut LONG,
2639 WaitType: WAIT_TYPE,
2640 Alertable: BOOLEAN,
2641 Timeout: PLARGE_INTEGER,
2642 ) -> NTSTATUS;
2643 fn ZwWaitForSingleObject(
2644 Handle: HANDLE,
2645 Alertable: BOOLEAN,
2646 Timeout: PLARGE_INTEGER,
2647 ) -> NTSTATUS;
2648 fn ZwWaitForWorkViaWorkerFactory(
2649 WorkerFactoryHandle: HANDLE,
2650 MiniPacket: *mut FILE_IO_COMPLETION_INFORMATION,
2651 ) -> NTSTATUS;
2652 fn ZwWaitHighEventPair(
2653 EventPairHandle: HANDLE,
2654 ) -> NTSTATUS;
2655 fn ZwWaitLowEventPair(
2656 EventPairHandle: HANDLE,
2657 ) -> NTSTATUS;
2658 fn ZwWorkerFactoryWorkerReady(
2659 WorkerFactoryHandle: HANDLE,
2660 ) -> NTSTATUS;
2661 fn ZwWriteFile(
2662 FileHandle: HANDLE,
2663 Event: HANDLE,
2664 ApcRoutine: PIO_APC_ROUTINE,
2665 ApcContext: PVOID,
2666 IoStatusBlock: PIO_STATUS_BLOCK,
2667 Buffer: PVOID,
2668 Length: ULONG,
2669 ByteOffset: PLARGE_INTEGER,
2670 Key: PULONG,
2671 ) -> NTSTATUS;
2672 fn ZwWriteFileGather(
2673 FileHandle: HANDLE,
2674 Event: HANDLE,
2675 ApcRoutine: PIO_APC_ROUTINE,
2676 ApcContext: PVOID,
2677 IoStatusBlock: PIO_STATUS_BLOCK,
2678 SegmentArray: PFILE_SEGMENT_ELEMENT,
2679 Length: ULONG,
2680 ByteOffset: PLARGE_INTEGER,
2681 Key: PULONG,
2682 ) -> NTSTATUS;
2683 fn ZwWriteRequestData(
2684 PortHandle: HANDLE,
2685 Message: PPORT_MESSAGE,
2686 DataEntryIndex: ULONG,
2687 Buffer: PVOID,
2688 BufferSize: SIZE_T,
2689 NumberOfBytesWritten: PSIZE_T,
2690 ) -> NTSTATUS;
2691 fn ZwWriteVirtualMemory(
2692 ProcessHandle: HANDLE,
2693 BaseAddress: PVOID,
2694 Buffer: PVOID,
2695 BufferSize: SIZE_T,
2696 NumberOfBytesWritten: PSIZE_T,
2697 ) -> NTSTATUS;
2698 fn ZwYieldExecution() -> NTSTATUS;
2699 }}
backport for Debian buster