diff options
author | Adam <you@example.com> | 2020-05-17 05:51:50 +0200 |
---|---|---|
committer | Adam <you@example.com> | 2020-05-17 05:51:50 +0200 |
commit | e611b132f9b8abe35b362e5870b74bce94a1e58e (patch) | |
tree | a5781d2ec0e085eeca33cf350cf878f2efea6fe5 /public/oak/inc/zwapi.h | |
download | NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar.gz NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar.bz2 NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar.lz NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar.xz NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.tar.zst NT4.0-e611b132f9b8abe35b362e5870b74bce94a1e58e.zip |
Diffstat (limited to 'public/oak/inc/zwapi.h')
-rw-r--r-- | public/oak/inc/zwapi.h | 1920 |
1 files changed, 1920 insertions, 0 deletions
diff --git a/public/oak/inc/zwapi.h b/public/oak/inc/zwapi.h new file mode 100644 index 000000000..cecd12e32 --- /dev/null +++ b/public/oak/inc/zwapi.h @@ -0,0 +1,1920 @@ +NTSYSAPI +NTSTATUS +NTAPI +ZwDelayExecution ( + IN BOOLEAN Alertable, + IN PLARGE_INTEGER DelayInterval + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySystemEnvironmentValue ( + IN PUNICODE_STRING VariableName, + OUT PWSTR VariableValue, + IN USHORT ValueLength, + OUT PUSHORT ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetSystemEnvironmentValue ( + IN PUNICODE_STRING VariableName, + IN PUNICODE_STRING VariableValue + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwClearEvent ( + IN HANDLE EventHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateEvent ( + OUT PHANDLE EventHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN EVENT_TYPE EventType, + IN BOOLEAN InitialState + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenEvent ( + OUT PHANDLE EventHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwPulseEvent ( + IN HANDLE EventHandle, + OUT PLONG PreviousState OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryEvent ( + IN HANDLE EventHandle, + IN EVENT_INFORMATION_CLASS EventInformationClass, + OUT PVOID EventInformation, + IN ULONG EventInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwResetEvent ( + IN HANDLE EventHandle, + OUT PLONG PreviousState OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetEvent ( + IN HANDLE EventHandle, + OUT PLONG PreviousState OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateEventPair ( + OUT PHANDLE EventPairHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenEventPair( + OUT PHANDLE EventPairHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWaitLowEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWaitHighEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetLowWaitHighEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetHighWaitLowEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetLowWaitHighThread( + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetHighWaitLowThread( + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetLowEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetHighEventPair( + IN HANDLE EventPairHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateMutant ( + IN PHANDLE MutantHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN BOOLEAN InitialOwner + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenMutant ( + OUT PHANDLE MutantHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryMutant ( + IN HANDLE MutantHandle, + IN MUTANT_INFORMATION_CLASS MutantInformationClass, + OUT PVOID MutantInformation, + IN ULONG MutantInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReleaseMutant ( + IN HANDLE MutantHandle, + OUT PLONG PreviousCount OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateSemaphore ( + OUT PHANDLE SemaphoreHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN LONG InitialCount, + IN LONG MaximumCount + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenSemaphore( + OUT PHANDLE SemaphoreHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySemaphore ( + IN HANDLE SemaphoreHandle, + IN SEMAPHORE_INFORMATION_CLASS SemaphoreInformationClass, + OUT PVOID SemaphoreInformation, + IN ULONG SemaphoreInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReleaseSemaphore( + IN HANDLE SemaphoreHandle, + IN LONG ReleaseCount, + OUT PLONG PreviousCount OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateTimer ( + OUT PHANDLE TimerHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN TIMER_TYPE TimerType + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenTimer ( + OUT PHANDLE TimerHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCancelTimer ( + IN HANDLE TimerHandle, + OUT PBOOLEAN CurrentState OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryTimer ( + IN HANDLE TimerHandle, + IN TIMER_INFORMATION_CLASS TimerInformationClass, + OUT PVOID TimerInformation, + IN ULONG TimerInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetTimer ( + IN HANDLE TimerHandle, + IN PLARGE_INTEGER DueTime, + IN PTIMER_APC_ROUTINE TimerApcRoutine OPTIONAL, + IN PVOID TimerContext OPTIONAL, + IN BOOLEAN ResumeTimer, + IN LONG Period OPTIONAL, + OUT PBOOLEAN PreviousState OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySystemTime ( + OUT PLARGE_INTEGER SystemTime + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetSystemTime ( + IN PLARGE_INTEGER SystemTime, + OUT PLARGE_INTEGER PreviousTime OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryTimerResolution ( + OUT PULONG MaximumTime, + OUT PULONG MinimumTime, + OUT PULONG CurrentTime + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetTimerResolution ( + IN ULONG DesiredTime, + IN BOOLEAN SetResolution, + OUT PULONG ActualTime + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAllocateLocallyUniqueId( + OUT PLUID Luid + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAllocateUuids( + OUT PULARGE_INTEGER Time, + OUT PULONG Range, + OUT PULONG Sequence + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateProfile ( + OUT PHANDLE ProfileHandle, + IN HANDLE Process OPTIONAL, + IN PVOID ProfileBase, + IN ULONG ProfileSize, + IN ULONG BucketSize, + IN PULONG Buffer, + IN ULONG BufferSize, + IN KPROFILE_SOURCE ProfileSource, + IN KAFFINITY Affinity + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwStartProfile ( + IN HANDLE ProfileHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwStopProfile ( + IN HANDLE ProfileHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetIntervalProfile ( + IN ULONG Interval, + IN KPROFILE_SOURCE Source + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryIntervalProfile ( + IN KPROFILE_SOURCE ProfileSource, + OUT PULONG Interval + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryPerformanceCounter ( + OUT PLARGE_INTEGER PerformanceCounter, + OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySystemInformation ( + IN SYSTEM_INFORMATION_CLASS SystemInformationClass, + OUT PVOID SystemInformation, + IN ULONG SystemInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetSystemInformation ( + IN SYSTEM_INFORMATION_CLASS SystemInformationClass, + IN PVOID SystemInformation, + IN ULONG SystemInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSystemDebugControl ( + IN SYSDBG_COMMAND Command, + IN PVOID InputBuffer, + IN ULONG InputBufferLength, + OUT PVOID OutputBuffer, + IN ULONG OutputBufferLength, + OUT PULONG ReturnLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRaiseHardError( + IN NTSTATUS ErrorStatus, + IN ULONG NumberOfParameters, + IN ULONG UnicodeStringParameterMask, + IN PULONG Parameters, + IN ULONG ValidResponseOptions, + OUT PULONG Response + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryDefaultLocale( + IN BOOLEAN UserProfile, + OUT PLCID DefaultLocaleId + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetDefaultLocale( + IN BOOLEAN UserProfile, + IN LCID DefaultLocaleId + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetDefaultHardErrorPort( + IN HANDLE DefaultHardErrorPort + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwShutdownSystem( + IN SHUTDOWN_ACTION Action + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDisplayString( + IN PUNICODE_STRING String + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAddAtom( + IN PWSTR AtomName OPTIONAL, + IN OUT PRTL_ATOM Atom OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFindAtom( + IN PWSTR AtomName, + OUT PRTL_ATOM Atom OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeleteAtom( + IN RTL_ATOM Atom + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationAtom( + IN RTL_ATOM Atom, + IN ATOM_INFORMATION_CLASS AtomInformationClass, + OUT PVOID AtomInformation, + IN ULONG AtomInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCancelIoFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateFile( + OUT PHANDLE FileHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PLARGE_INTEGER AllocationSize OPTIONAL, + IN ULONG FileAttributes, + IN ULONG ShareAccess, + IN ULONG CreateDisposition, + IN ULONG CreateOptions, + IN PVOID EaBuffer OPTIONAL, + IN ULONG EaLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateNamedPipeFile( + OUT PHANDLE FileHandle, + IN ULONG DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG ShareAccess, + IN ULONG CreateDisposition, + IN ULONG CreateOptions, + IN ULONG NamedPipeType, + IN ULONG ReadMode, + IN ULONG CompletionMode, + IN ULONG MaximumInstances, + IN ULONG InboundQuota, + IN ULONG OutboundQuota, + IN PLARGE_INTEGER DefaultTimeout OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateMailslotFile( + OUT PHANDLE FileHandle, + IN ULONG DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PIO_STATUS_BLOCK IoStatusBlock, + ULONG CreateOptions, + IN ULONG MailslotQuota, + IN ULONG MaximumMessageSize, + IN PLARGE_INTEGER ReadTimeout + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeleteFile( + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeviceIoControlFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG IoControlCode, + IN PVOID InputBuffer OPTIONAL, + IN ULONG InputBufferLength, + OUT PVOID OutputBuffer OPTIONAL, + IN ULONG OutputBufferLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFlushBuffersFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFsControlFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG FsControlCode, + IN PVOID InputBuffer OPTIONAL, + IN ULONG InputBufferLength, + OUT PVOID OutputBuffer OPTIONAL, + IN ULONG OutputBufferLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwLockFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PLARGE_INTEGER ByteOffset, + IN PLARGE_INTEGER Length, + IN ULONG Key, + IN BOOLEAN FailImmediately, + IN BOOLEAN ExclusiveLock + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwNotifyChangeDirectoryFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID Buffer, + IN ULONG Length, + IN ULONG CompletionFilter, + IN BOOLEAN WatchTree + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenFile( + OUT PHANDLE FileHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG ShareAccess, + IN ULONG OpenOptions + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryAttributesFile( + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PFILE_BASIC_INFORMATION FileInformation + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryDirectoryFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID FileInformation, + IN ULONG Length, + IN FILE_INFORMATION_CLASS FileInformationClass, + IN BOOLEAN ReturnSingleEntry, + IN PUNICODE_STRING FileName OPTIONAL, + IN BOOLEAN RestartScan + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryFullAttributesFile( + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryOleDirectoryFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID FileInformation, + IN ULONG Length, + IN FILE_INFORMATION_CLASS FileInformationClass, + IN BOOLEAN ReturnSingleEntry, + IN PUNICODE_STRING FileName OPTIONAL, + IN BOOLEAN RestartScan + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryEaFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID Buffer, + IN ULONG Length, + IN BOOLEAN ReturnSingleEntry, + IN PVOID EaList OPTIONAL, + IN ULONG EaListLength, + IN PULONG EaIndex OPTIONAL, + IN BOOLEAN RestartScan + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID FileInformation, + IN ULONG Length, + IN FILE_INFORMATION_CLASS FileInformationClass + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryQuotaInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID Buffer, + IN ULONG Length, + IN BOOLEAN ReturnSingleEntry, + IN PVOID SidList OPTIONAL, + IN ULONG SidListLength, + IN PSID StartSid OPTIONAL, + IN BOOLEAN RestartScan + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryVolumeInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID FsInformation, + IN ULONG Length, + IN FS_INFORMATION_CLASS FsInformationClass + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReadFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + OUT PVOID Buffer, + IN ULONG Length, + IN PLARGE_INTEGER ByteOffset OPTIONAL, + IN PULONG Key OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReadFileScatter( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PFILE_SEGMENT_ELEMENT SegmentArray, + IN ULONG Length, + IN PLARGE_INTEGER ByteOffset OPTIONAL, + IN PULONG Key OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetEaFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PVOID Buffer, + IN ULONG Length + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PVOID FileInformation, + IN ULONG Length, + IN FILE_INFORMATION_CLASS FileInformationClass + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetQuotaInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PVOID Buffer, + IN ULONG Length + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetVolumeInformationFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PVOID FsInformation, + IN ULONG Length, + IN FS_INFORMATION_CLASS FsInformationClass + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwUnlockFile( + IN HANDLE FileHandle, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PLARGE_INTEGER ByteOffset, + IN PLARGE_INTEGER Length, + IN ULONG Key + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWriteFile( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PVOID Buffer, + IN ULONG Length, + IN PLARGE_INTEGER ByteOffset OPTIONAL, + IN PULONG Key OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWriteFileGather( + IN HANDLE FileHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN PFILE_SEGMENT_ELEMENT SegmentArray, + IN ULONG Length, + IN PLARGE_INTEGER ByteOffset OPTIONAL, + IN PULONG Key OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwLoadDriver( + IN PUNICODE_STRING DriverServiceName + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwUnloadDriver( + IN PUNICODE_STRING DriverServiceName + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateIoCompletion ( + OUT PHANDLE IoCompletionHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN ULONG Count OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenIoCompletion ( + OUT PHANDLE IoCompletionHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryIoCompletion ( + IN HANDLE IoCompletionHandle, + IN IO_COMPLETION_INFORMATION_CLASS IoCompletionInformationClass, + OUT PVOID IoCompletionInformation, + IN ULONG IoCompletionInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetIoCompletion ( + IN HANDLE IoCompletionHandle, + IN ULONG KeyContext, + IN PVOID ApcContext, + IN NTSTATUS IoStatus, + IN ULONG IoStatusInformation + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRemoveIoCompletion ( + IN HANDLE IoCompletionHandle, + OUT PVOID *KeyContext, + OUT PVOID *ApcContext, + PIO_STATUS_BLOCK IoStatusBlock, + IN PLARGE_INTEGER Timeout + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCallbackReturn ( + IN PVOID OutputBuffer OPTIONAL, + IN ULONG OutputLength, + IN NTSTATUS Status + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwW32Call ( + IN ULONG ApiNumber, + IN PVOID InputBuffer, + IN ULONG InputLength, + OUT PVOID *OutputBuffer, + OUT PULONG OutputLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwYieldExecution ( + VOID + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateChannel ( + OUT PHANDLE ChannelHandle, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenChannel ( + OUT PHANDLE ChannelHandle, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwListenChannel ( + IN HANDLE ChannelHandle, + OUT PCHANNEL_MESSAGE *Message + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSendWaitReplyChannel ( + IN HANDLE ChannelHandle, + IN PVOID Text, + IN ULONG Length, + OUT PCHANNEL_MESSAGE *Message + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReplyWaitSendChannel ( + IN PVOID Text, + IN ULONG Length, + OUT PCHANNEL_MESSAGE *Message + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetContextChannel ( + IN PVOID Context + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreatePort( + OUT PHANDLE PortHandle, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN ULONG MaxConnectionInfoLength, + IN ULONG MaxMessageLength, + IN ULONG MaxPoolUsage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwConnectPort( + OUT PHANDLE PortHandle, + IN PUNICODE_STRING PortName, + IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, + IN OUT PPORT_VIEW ClientView OPTIONAL, + OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, + OUT PULONG MaxMessageLength OPTIONAL, + IN OUT PVOID ConnectionInformation OPTIONAL, + IN OUT PULONG ConnectionInformationLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwListenPort( + IN HANDLE PortHandle, + OUT PPORT_MESSAGE ConnectionRequest + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAcceptConnectPort( + OUT PHANDLE PortHandle, + IN PVOID PortContext, + IN PPORT_MESSAGE ConnectionRequest, + IN BOOLEAN AcceptConnection, + IN OUT PPORT_VIEW ServerView OPTIONAL, + OUT PREMOTE_PORT_VIEW ClientView OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCompleteConnectPort( + IN HANDLE PortHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRequestPort( + IN HANDLE PortHandle, + IN PPORT_MESSAGE RequestMessage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRequestWaitReplyPort( + IN HANDLE PortHandle, + IN PPORT_MESSAGE RequestMessage, + OUT PPORT_MESSAGE ReplyMessage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReplyPort( + IN HANDLE PortHandle, + IN PPORT_MESSAGE ReplyMessage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReplyWaitReplyPort( + IN HANDLE PortHandle, + IN OUT PPORT_MESSAGE ReplyMessage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReplyWaitReceivePort( + IN HANDLE PortHandle, + OUT PVOID *PortContext OPTIONAL, + IN PPORT_MESSAGE ReplyMessage OPTIONAL, + OUT PPORT_MESSAGE ReceiveMessage + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwImpersonateClientOfPort( + IN HANDLE PortHandle, + IN PPORT_MESSAGE Message + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReadRequestData( + IN HANDLE PortHandle, + IN PPORT_MESSAGE Message, + IN ULONG DataEntryIndex, + OUT PVOID Buffer, + IN ULONG BufferSize, + OUT PULONG NumberOfBytesRead OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWriteRequestData( + IN HANDLE PortHandle, + IN PPORT_MESSAGE Message, + IN ULONG DataEntryIndex, + IN PVOID Buffer, + IN ULONG BufferSize, + OUT PULONG NumberOfBytesWritten OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationPort( + IN HANDLE PortHandle, + IN PORT_INFORMATION_CLASS PortInformationClass, + OUT PVOID PortInformation, + IN ULONG Length, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateSection ( + OUT PHANDLE SectionHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN PLARGE_INTEGER MaximumSize OPTIONAL, + IN ULONG SectionPageProtection, + IN ULONG AllocationAttributes, + IN HANDLE FileHandle OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenSection( + OUT PHANDLE SectionHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwMapViewOfSection( + IN HANDLE SectionHandle, + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN ULONG ZeroBits, + IN ULONG CommitSize, + IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, + IN OUT PULONG ViewSize, + IN SECTION_INHERIT InheritDisposition, + IN ULONG AllocationType, + IN ULONG Protect + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwUnmapViewOfSection( + IN HANDLE ProcessHandle, + IN PVOID BaseAddress + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwExtendSection( + IN HANDLE SectionHandle, + IN OUT PLARGE_INTEGER NewSectionSize + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAllocateVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN ULONG ZeroBits, + IN OUT PULONG RegionSize, + IN ULONG AllocationType, + IN ULONG Protect + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFreeVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN OUT PULONG RegionSize, + IN ULONG FreeType + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReadVirtualMemory( + IN HANDLE ProcessHandle, + IN PVOID BaseAddress, + OUT PVOID Buffer, + IN ULONG BufferSize, + OUT PULONG NumberOfBytesRead OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWriteVirtualMemory( + IN HANDLE ProcessHandle, + OUT PVOID BaseAddress, + IN PVOID Buffer, + IN ULONG BufferSize, + OUT PULONG NumberOfBytesWritten OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFlushVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN OUT PULONG RegionSize, + OUT PIO_STATUS_BLOCK IoStatus + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwLockVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN OUT PULONG RegionSize, + IN ULONG MapType + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwUnlockVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN OUT PULONG RegionSize, + IN ULONG MapType + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwProtectVirtualMemory( + IN HANDLE ProcessHandle, + IN OUT PVOID *BaseAddress, + IN OUT PULONG RegionSize, + IN ULONG NewProtect, + OUT PULONG OldProtect + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryVirtualMemory( + IN HANDLE ProcessHandle, + IN PVOID BaseAddress, + IN MEMORY_INFORMATION_CLASS MemoryInformationClass, + OUT PVOID MemoryInformation, + IN ULONG MemoryInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySection( + IN HANDLE SectionHandle, + IN SECTION_INFORMATION_CLASS SectionInformationClass, + OUT PVOID SectionInformation, + IN ULONG SectionInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreatePagingFile ( + IN PUNICODE_STRING PageFileName, + IN PLARGE_INTEGER MinimumSize, + IN PLARGE_INTEGER MaximumSize, + IN ULONG Priority OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFlushInstructionCache ( + IN HANDLE ProcessHandle, + IN PVOID BaseAddress OPTIONAL, + IN ULONG Length + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFlushWriteBuffer ( + VOID + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryObject( + IN HANDLE Handle, + IN OBJECT_INFORMATION_CLASS ObjectInformationClass, + OUT PVOID ObjectInformation, + IN ULONG Length, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationObject( + IN HANDLE Handle, + IN OBJECT_INFORMATION_CLASS ObjectInformationClass, + IN PVOID ObjectInformation, + IN ULONG ObjectInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDuplicateObject( + IN HANDLE SourceProcessHandle, + IN HANDLE SourceHandle, + IN HANDLE TargetProcessHandle OPTIONAL, + OUT PHANDLE TargetHandle OPTIONAL, + IN ACCESS_MASK DesiredAccess, + IN ULONG HandleAttributes, + IN ULONG Options + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwMakeTemporaryObject( + IN HANDLE Handle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSignalAndWaitForSingleObject( + IN HANDLE SignalHandle, + IN HANDLE WaitHandle, + IN BOOLEAN Alertable, + IN PLARGE_INTEGER Timeout OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWaitForSingleObject( + IN HANDLE Handle, + IN BOOLEAN Alertable, + IN PLARGE_INTEGER Timeout OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwWaitForMultipleObjects( + IN ULONG Count, + IN HANDLE Handles[], + IN WAIT_TYPE WaitType, + IN BOOLEAN Alertable, + IN PLARGE_INTEGER Timeout OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetSecurityObject( + IN HANDLE Handle, + IN SECURITY_INFORMATION SecurityInformation, + IN PSECURITY_DESCRIPTOR SecurityDescriptor + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySecurityObject( + IN HANDLE Handle, + IN SECURITY_INFORMATION SecurityInformation, + OUT PSECURITY_DESCRIPTOR SecurityDescriptor, + IN ULONG Length, + OUT PULONG LengthNeeded + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwClose( + IN HANDLE Handle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateDirectoryObject( + OUT PHANDLE DirectoryHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenDirectoryObject( + OUT PHANDLE DirectoryHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryDirectoryObject( + IN HANDLE DirectoryHandle, + OUT PVOID Buffer, + IN ULONG Length, + IN BOOLEAN ReturnSingleEntry, + IN BOOLEAN RestartScan, + IN OUT PULONG Context, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateSymbolicLinkObject( + OUT PHANDLE LinkHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN PUNICODE_STRING LinkTarget + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenSymbolicLinkObject( + OUT PHANDLE LinkHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQuerySymbolicLinkObject( + IN HANDLE LinkHandle, + IN OUT PUNICODE_STRING LinkTarget, + OUT PULONG ReturnedLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwGetPlugPlayEvent( + IN PPLUGPLAY_APC_ROUTINE PnPApcRoutine OPTIONAL, + IN PVOID PnPContext OPTIONAL, + OUT PPLUGPLAY_EVENT_BLOCK PnPEvent, + IN ULONG EventBufferLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwPlugPlayControl( + IN PLUGPLAY_CONTROL_CLASS PnPControlClass, + IN OUT PVOID PnPControlData, + IN ULONG PnPControlDataLength, + OUT PULONG RequiredLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetSystemPowerState( + IN POWER_STATE SystemPowerState, + IN BOOLEAN NoResumeAlarm, + IN BOOLEAN ForcePowerDown + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateProcess( + OUT PHANDLE ProcessHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN HANDLE ParentProcess, + IN BOOLEAN InheritObjectTable, + IN HANDLE SectionHandle OPTIONAL, + IN HANDLE DebugPort OPTIONAL, + IN HANDLE ExceptionPort OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenProcess ( + OUT PHANDLE ProcessHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN PCLIENT_ID ClientId OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwTerminateProcess( + IN HANDLE ProcessHandle OPTIONAL, + IN NTSTATUS ExitStatus + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationProcess( + IN HANDLE ProcessHandle, + IN PROCESSINFOCLASS ProcessInformationClass, + OUT PVOID ProcessInformation, + IN ULONG ProcessInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationProcess( + IN HANDLE ProcessHandle, + IN PROCESSINFOCLASS ProcessInformationClass, + IN PVOID ProcessInformation, + IN ULONG ProcessInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateThread( + OUT PHANDLE ThreadHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN HANDLE ProcessHandle, + OUT PCLIENT_ID ClientId, + IN PCONTEXT ThreadContext, + IN PINITIAL_TEB InitialTeb, + IN BOOLEAN CreateSuspended + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenThread ( + OUT PHANDLE ThreadHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN PCLIENT_ID ClientId OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwTerminateThread( + IN HANDLE ThreadHandle OPTIONAL, + IN NTSTATUS ExitStatus + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSuspendThread( + IN HANDLE ThreadHandle, + OUT PULONG PreviousSuspendCount OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwResumeThread( + IN HANDLE ThreadHandle, + OUT PULONG PreviousSuspendCount OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwGetContextThread( + IN HANDLE ThreadHandle, + IN OUT PCONTEXT ThreadContext + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetContextThread( + IN HANDLE ThreadHandle, + IN PCONTEXT ThreadContext + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationThread( + IN HANDLE ThreadHandle, + IN THREADINFOCLASS ThreadInformationClass, + OUT PVOID ThreadInformation, + IN ULONG ThreadInformationLength, + OUT PULONG ReturnLength OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationThread( + IN HANDLE ThreadHandle, + IN THREADINFOCLASS ThreadInformationClass, + IN PVOID ThreadInformation, + IN ULONG ThreadInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAlertThread( + IN HANDLE ThreadHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAlertResumeThread( + IN HANDLE ThreadHandle, + OUT PULONG PreviousSuspendCount OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwImpersonateThread( + IN HANDLE ServerThreadHandle, + IN HANDLE ClientThreadHandle, + IN PSECURITY_QUALITY_OF_SERVICE SecurityQos + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwTestAlert( + VOID + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRegisterThreadTerminatePort( + IN HANDLE PortHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetLdtEntries( + IN ULONG Selector0, + IN ULONG Entry0Low, + IN ULONG Entry0Hi, + IN ULONG Selector1, + IN ULONG Entry1Low, + IN ULONG Entry1High + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueueApcThread( + IN HANDLE ThreadHandle, + IN PPS_APC_ROUTINE ApcRoutine, + IN PVOID ApcArgument1, + IN PVOID ApcArgument2, + IN PVOID ApcArgument3 + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateKey( + OUT PHANDLE KeyHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN ULONG TitleIndex, + IN PUNICODE_STRING Class OPTIONAL, + IN ULONG CreateOptions, + OUT PULONG Disposition OPTIONAL + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeleteKey( + IN HANDLE KeyHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeleteValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwEnumerateKey( + IN HANDLE KeyHandle, + IN ULONG Index, + IN KEY_INFORMATION_CLASS KeyInformationClass, + OUT PVOID KeyInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwEnumerateValueKey( + IN HANDLE KeyHandle, + IN ULONG Index, + IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, + OUT PVOID KeyValueInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwFlushKey( + IN HANDLE KeyHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwInitializeRegistry( + IN BOOLEAN SetupBoot + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwNotifyChangeKey( + IN HANDLE KeyHandle, + IN HANDLE Event OPTIONAL, + IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, + IN PVOID ApcContext OPTIONAL, + OUT PIO_STATUS_BLOCK IoStatusBlock, + IN ULONG CompletionFilter, + IN BOOLEAN WatchTree, + OUT PVOID Buffer, + IN ULONG BufferSize, + IN BOOLEAN Asynchronous + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwLoadKey( + IN POBJECT_ATTRIBUTES TargetKey, + IN POBJECT_ATTRIBUTES SourceFile + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwLoadKey2( + IN POBJECT_ATTRIBUTES TargetKey, + IN POBJECT_ATTRIBUTES SourceFile, + IN ULONG Flags + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenKey( + OUT PHANDLE KeyHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryKey( + IN HANDLE KeyHandle, + IN KEY_INFORMATION_CLASS KeyInformationClass, + OUT PVOID KeyInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName, + IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, + OUT PVOID KeyValueInformation, + IN ULONG Length, + OUT PULONG ResultLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryMultipleValueKey( + IN HANDLE KeyHandle, + IN PKEY_VALUE_ENTRY ValueEntries, + IN ULONG EntryCount, + OUT PVOID ValueBuffer, + IN OUT PULONG BufferLength, + OUT OPTIONAL PULONG RequiredBufferLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwReplaceKey( + IN POBJECT_ATTRIBUTES NewFile, + IN HANDLE TargetHandle, + IN POBJECT_ATTRIBUTES OldFile + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRestoreKey( + IN HANDLE KeyHandle, + IN HANDLE FileHandle, + IN ULONG Flags + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSaveKey( + IN HANDLE KeyHandle, + IN HANDLE FileHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetValueKey( + IN HANDLE KeyHandle, + IN PUNICODE_STRING ValueName, + IN ULONG TitleIndex OPTIONAL, + IN ULONG Type, + IN PVOID Data, + IN ULONG DataSize + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwUnloadKey( + IN POBJECT_ATTRIBUTES TargetKey + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationKey( + IN HANDLE KeyHandle, + IN KEY_SET_INFORMATION_CLASS KeySetInformationClass, + IN PVOID KeySetInformation, + IN ULONG KeySetInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAccessCheck ( + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN HANDLE ClientToken, + IN ACCESS_MASK DesiredAccess, + IN PGENERIC_MAPPING GenericMapping, + OUT PPRIVILEGE_SET PrivilegeSet, + IN OUT PULONG PrivilegeSetLength, + OUT PACCESS_MASK GrantedAccess, + OUT PNTSTATUS AccessStatus + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCreateToken( + OUT PHANDLE TokenHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN TOKEN_TYPE TokenType, + IN PLUID AuthenticationId, + IN PLARGE_INTEGER ExpirationTime, + IN PTOKEN_USER User, + IN PTOKEN_GROUPS Groups, + IN PTOKEN_PRIVILEGES Privileges, + IN PTOKEN_OWNER Owner OPTIONAL, + IN PTOKEN_PRIMARY_GROUP PrimaryGroup, + IN PTOKEN_DEFAULT_DACL DefaultDacl OPTIONAL, + IN PTOKEN_SOURCE TokenSource + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenProcessToken( + IN HANDLE ProcessHandle, + IN ACCESS_MASK DesiredAccess, + OUT PHANDLE TokenHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenThreadToken( + IN HANDLE ThreadHandle, + IN ACCESS_MASK DesiredAccess, + IN BOOLEAN OpenAsSelf, + OUT PHANDLE TokenHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDuplicateToken( + IN HANDLE ExistingTokenHandle, + IN ACCESS_MASK DesiredAccess, + IN POBJECT_ATTRIBUTES ObjectAttributes, + IN BOOLEAN EffectiveOnly, + IN TOKEN_TYPE TokenType, + OUT PHANDLE NewTokenHandle + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwQueryInformationToken ( + IN HANDLE TokenHandle, + IN TOKEN_INFORMATION_CLASS TokenInformationClass, + OUT PVOID TokenInformation, + IN ULONG TokenInformationLength, + OUT PULONG ReturnLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwSetInformationToken ( + IN HANDLE TokenHandle, + IN TOKEN_INFORMATION_CLASS TokenInformationClass, + IN PVOID TokenInformation, + IN ULONG TokenInformationLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAdjustPrivilegesToken ( + IN HANDLE TokenHandle, + IN BOOLEAN DisableAllPrivileges, + IN PTOKEN_PRIVILEGES NewState OPTIONAL, + IN ULONG BufferLength OPTIONAL, + IN PTOKEN_PRIVILEGES PreviousState OPTIONAL, + OUT PULONG ReturnLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAdjustGroupsToken ( + IN HANDLE TokenHandle, + IN BOOLEAN ResetToDefault, + IN PTOKEN_GROUPS NewState OPTIONAL, + IN ULONG BufferLength OPTIONAL, + IN PTOKEN_GROUPS PreviousState OPTIONAL, + OUT PULONG ReturnLength + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwPrivilegeCheck ( + IN HANDLE ClientToken, + IN OUT PPRIVILEGE_SET RequiredPrivileges, + OUT PBOOLEAN Result + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwAccessCheckAndAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PVOID HandleId, + IN PUNICODE_STRING ObjectTypeName, + IN PUNICODE_STRING ObjectName, + IN PSECURITY_DESCRIPTOR SecurityDescriptor, + IN ACCESS_MASK DesiredAccess, + IN PGENERIC_MAPPING GenericMapping, + IN BOOLEAN ObjectCreation, + OUT PACCESS_MASK GrantedAccess, + OUT PNTSTATUS AccessStatus, + OUT PBOOLEAN GenerateOnClose + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwOpenObjectAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PVOID HandleId OPTIONAL, + IN PUNICODE_STRING ObjectTypeName, + IN PUNICODE_STRING ObjectName, + IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, + IN HANDLE ClientToken, + IN ACCESS_MASK DesiredAccess, + IN ACCESS_MASK GrantedAccess, + IN PPRIVILEGE_SET Privileges OPTIONAL, + IN BOOLEAN ObjectCreation, + IN BOOLEAN AccessGranted, + OUT PBOOLEAN GenerateOnClose + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwPrivilegeObjectAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PVOID HandleId, + IN HANDLE ClientToken, + IN ACCESS_MASK DesiredAccess, + IN PPRIVILEGE_SET Privileges, + IN BOOLEAN AccessGranted + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwCloseObjectAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PVOID HandleId, + IN BOOLEAN GenerateOnClose + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwDeleteObjectAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PVOID HandleId, + IN BOOLEAN GenerateOnClose + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwPrivilegedServiceAuditAlarm ( + IN PUNICODE_STRING SubsystemName, + IN PUNICODE_STRING ServiceName, + IN HANDLE ClientToken, + IN PPRIVILEGE_SET Privileges, + IN BOOLEAN AccessGranted + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwContinue ( + IN PCONTEXT ContextRecord, + IN BOOLEAN TestAlert + ); +NTSYSAPI +NTSTATUS +NTAPI +ZwRaiseException ( + IN PEXCEPTION_RECORD ExceptionRecord, + IN PCONTEXT ContextRecord, + IN BOOLEAN FirstChance + ); |