![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to winnt.h CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [WindowsNT SDKs] / mstools / h|
Return to winnt.h CVS log | Up to [WindowsNT SDKs] / mstools / h |
1.1.1.3 ! root 1: /*++ BUILD Version: 0082 // Increment this if a change has global effects 1.1 root 2: 1.1.1.2 root 3: Copyright (c) 1990-1992 Microsoft Corporation 1.1 root 4: 5: Module Name: 6: 7: winnt.h 8: 9: Abstract: 10: 11: This module defines the 32-Bit Windows types and constants that are 12: defined by NT, but exposed through the Win32 API. 13: 14: Revision History: 15: 16: --*/ 17: 18: #ifndef _WINNT_ 19: #define _WINNT_ 20: 1.1.1.2 root 21: #define ANYSIZE_ARRAY 1 1.1 root 22: #ifdef MIPS 23: #define UNALIGNED __unaligned 24: #else 25: #define UNALIGNED 26: #endif 27: typedef void *PVOID; 28: 29: // 30: // Basics 31: // 32: 33: #ifndef VOID 34: #define VOID void 35: typedef char CHAR; 36: typedef short SHORT; 37: typedef long LONG; 38: #endif 39: 40: // 1.1.1.2 root 41: // UNICODE (Wide Character) types 1.1 root 42: // 43: 44: typedef unsigned short WCHAR; // wc, 16-bit UNICODE character 45: 1.1.1.2 root 46: typedef WCHAR *PWCHAR; 47: typedef WCHAR *LPWCH, *PWCH; 48: typedef CONST WCHAR *LPCWCH, *PCWCH; 49: typedef WCHAR *NWPSTR; 50: typedef WCHAR *LPWSTR, *PWSTR; 51: 52: typedef CONST WCHAR *LPCWSTR, *PCWSTR; 1.1 root 53: 54: // 1.1.1.2 root 55: // ANSI (Multi-byte Character) types 1.1 root 56: // 1.1.1.2 root 57: typedef CHAR *PCHAR; 58: typedef CHAR *LPCH, *PCH; 59: 60: typedef CONST CHAR *LPCCH, *PCCH; 61: typedef CHAR *NPSTR; 62: typedef CHAR *LPSTR, *PSTR; 63: typedef CONST CHAR *LPCSTR, *PCSTR; 1.1 root 64: 1.1.1.2 root 65: 66: // 67: // Neutral ANSI/UNICODE types and macros 68: // 1.1 root 69: #ifdef UNICODE 1.1.1.3 ! root 70: #ifndef _TCHAR_DEFINED ! 71: typedef WCHAR TCHAR, *PTCHAR; ! 72: #define _TCHAR_DEFINED ! 73: #endif 1.1.1.2 root 74: typedef LPWSTR LPTCH, PTCH; 75: typedef LPWSTR PTSTR, LPTSTR; 76: typedef LPCWSTR LPCTSTR; 77: typedef LPWSTR LP; 1.1 root 78: #define TEXT(quote) L##quote 79: #else 1.1.1.3 ! root 80: #ifndef _TCHAR_DEFINED 1.1.1.2 root 81: typedef char TCHAR, *PTCHAR; 1.1.1.3 ! root 82: #define _TCHAR_DEFINED ! 83: #endif 1.1.1.2 root 84: typedef LPSTR LPTCH, PTCH; 85: typedef LPSTR PTSTR, LPTSTR; 86: typedef LPCSTR LPCTSTR; 1.1 root 87: #define TEXT(quote) quote 88: #endif 89: 90: 91: typedef SHORT *PSHORT; 92: typedef LONG *PLONG; 1.1.1.2 root 93: #ifdef STRICT 94: typedef const void *HANDLE; 95: #define DECLARE_HANDLE(name) struct name##__ { int unused; }; typedef const struct name##__ *name 96: 97: #else 98: typedef PVOID HANDLE; 99: #define DECLARE_HANDLE(name) typedef HANDLE name 100: #endif 101: typedef HANDLE *PHANDLE; 102: typedef char CCHAR; 103: /*lint -e624 */ 104: /*lint +e624 */ 105: #define APPLICATION_ERROR_MASK 0x20000000 106: #define ERROR_SEVERITY_SUCCESS 0x00000000 107: #define ERROR_SEVERITY_INFORMATIONAL 0x40000000 108: #define ERROR_SEVERITY_WARNING 0x80000000 109: #define ERROR_SEVERITY_ERROR 0xC0000000 110: 111: typedef struct _LARGE_INTEGER { 112: DWORD LowPart; 113: LONG HighPart; 114: } LARGE_INTEGER, *PLARGE_INTEGER; 115: 116: typedef struct _ULARGE_INTEGER { 117: DWORD LowPart; 118: DWORD HighPart; 119: } ULARGE_INTEGER, *PULARGE_INTEGER; 120: 121: typedef LARGE_INTEGER LUID; 122: typedef LUID *PLUID; 1.1 root 123: #define UNICODE_NULL ((WCHAR)0) 1.1.1.2 root 124: typedef CCHAR BOOLEAN; 125: typedef BOOLEAN *PBOOLEAN; 126: // 127: // Doubly linked list structure. Can be used as either a list head, or 128: // as link words. 129: // 130: 131: typedef struct _LIST_ENTRY { 132: struct _LIST_ENTRY *Flink; 133: struct _LIST_ENTRY *Blink; 134: } LIST_ENTRY; 135: typedef LIST_ENTRY *PLIST_ENTRY; 136: 137: // 138: // Singly linked list structure. Can be used as either a list head, or 139: // as link words. 140: // 141: 142: typedef struct _SINGLE_LIST_ENTRY { 143: struct _SINGLE_LIST_ENTRY *Next; 144: } SINGLE_LIST_ENTRY, *PSINGLE_LIST_ENTRY; 1.1 root 145: #define MINCHAR 0x80 146: #define MAXCHAR 0x7f 147: #define MINSHORT 0x8000 148: #define MAXSHORT 0x7fff 149: #define MINLONG 0x80000000 150: #define MAXLONG 0x7fffffff 151: #define MAXBYTE 0xff 152: #define MAXWORD 0xffff 153: #define MAXDWORD 0xffffffff 154: 155: // 156: // Macros used to eliminate compiler warning generated when formal 157: // parameters or local variables are not declared. 158: // 159: // Use DBG_UNREFERENCED_PARAMETER() when a parameter is not yet 160: // referenced but will be once the module is completely developed. 161: // 162: // Use DBG_UNREFERENCED_LOCAL_VARIABLE() when a local variable is not yet 163: // referenced but will be once the module is completely developed. 164: // 165: // Use UNREFERENCED_PARAMETER() if a parameter will never be referenced. 166: // 167: // DBG_UNREFERENCED_PARAMETER and DBG_UNREFERENCED_LOCAL_VARIABLE will 168: // eventually be made into a null macro to help determine whether there 169: // is unfinished work. 170: // 171: 172: #if ! (defined(lint) || defined(_lint)) 173: #define UNREFERENCED_PARAMETER(P) (P) 174: #define DBG_UNREFERENCED_PARAMETER(P) (P) 175: #define DBG_UNREFERENCED_LOCAL_VARIABLE(V) (V) 176: 177: #else // lint or _lint 178: 179: // Note: lint -e530 says don't complain about uninitialized variables for 180: // this. line +e530 turns that checking back on. Error 527 has to do with 181: // unreachable code. 182: 183: #define UNREFERENCED_PARAMETER(P) \ 184: /*lint -e527 -e530 */ \ 185: { \ 186: (P) = (P); \ 187: } \ 188: /*lint +e527 +e530 */ 189: #define DBG_UNREFERENCED_PARAMETER(P) \ 190: /*lint -e527 -e530 */ \ 191: { \ 192: (P) = (P); \ 193: } \ 194: /*lint +e527 +e530 */ 195: #define DBG_UNREFERENCED_LOCAL_VARIABLE(V) \ 196: /*lint -e527 -e530 */ \ 197: { \ 198: (V) = (V); \ 199: } \ 200: /*lint +e527 +e530 */ 201: 202: #endif // lint or _lint 203: 204: 1.1.1.2 root 205: /*lint -e767 */ 1.1 root 206: #define STATUS_WAIT_0 ((DWORD )0x00000000L) 207: #define STATUS_ABANDONED_WAIT_0 ((DWORD )0x00000080L) 1.1.1.2 root 208: #define STATUS_USER_APC ((DWORD )0x000000C0L) 1.1 root 209: #define STATUS_TIMEOUT ((DWORD )0x00000102L) 210: #define STATUS_PENDING ((DWORD )0x00000103L) 211: #define STATUS_DATATYPE_MISALIGNMENT ((DWORD )0x80000002L) 212: #define STATUS_BREAKPOINT ((DWORD )0x80000003L) 213: #define STATUS_SINGLE_STEP ((DWORD )0x80000004L) 214: #define STATUS_ACCESS_VIOLATION ((DWORD )0xC0000005L) 1.1.1.2 root 215: #define STATUS_ILLEGAL_INSTRUCTION ((DWORD )0xC000001DL) 1.1 root 216: #define STATUS_NONCONTINUABLE_EXCEPTION ((DWORD )0xC0000025L) 1.1.1.2 root 217: #define STATUS_INVALID_DISPOSITION ((DWORD )0xC0000026L) 218: #define STATUS_ARRAY_BOUNDS_EXCEEDED ((DWORD )0xC000008CL) 219: #define STATUS_FLOAT_DENORMAL_OPERAND ((DWORD )0xC000008DL) 220: #define STATUS_FLOAT_DIVIDE_BY_ZERO ((DWORD )0xC000008EL) 221: #define STATUS_FLOAT_INEXACT_RESULT ((DWORD )0xC000008FL) 222: #define STATUS_FLOAT_INVALID_OPERATION ((DWORD )0xC0000090L) 223: #define STATUS_FLOAT_OVERFLOW ((DWORD )0xC0000091L) 224: #define STATUS_FLOAT_STACK_CHECK ((DWORD )0xC0000092L) 225: #define STATUS_FLOAT_UNDERFLOW ((DWORD )0xC0000093L) 226: #define STATUS_INTEGER_DIVIDE_BY_ZERO ((DWORD )0xC0000094L) 227: #define STATUS_INTEGER_OVERFLOW ((DWORD )0xC0000095L) 228: #define STATUS_PRIVILEGED_INSTRUCTION ((DWORD )0xC0000096L) 229: #define STATUS_STACK_OVERFLOW ((DWORD )0xC00000FDL) 1.1 root 230: #define STATUS_CONTROL_C_EXIT ((DWORD )0xC000013AL) 1.1.1.2 root 231: /*lint +e767 */ 1.1 root 232: #define MAXIMUM_WAIT_OBJECTS 64 // Maximum number of wait objects 233: 234: #define MAXIMUM_SUSPEND_COUNT MAXCHAR // Maximum times thread can be suspended 235: typedef DWORD KSPIN_LOCK; 236: 237: #ifdef i386 238: 239: // 240: // Define the size of the 80387 save area, which is in the context frame. 241: // 242: 243: #define SIZE_OF_80387_REGISTERS 80 244: 245: // 246: // The following flags control the contents of the CONTEXT structure. 247: // 248: 249: #define CONTEXT_i386 0x00010000 // this assumes that i386 and 1.1.1.2 root 250: #define CONTEXT_i486 0x00010000 // i486 have identical context records 1.1 root 251: 252: #define CONTEXT_CONTROL (CONTEXT_i386 | 0x00000001L) // SS:SP, CS:IP, FLAGS, BP 253: #define CONTEXT_INTEGER (CONTEXT_i386 | 0x00000002L) // AX, BX, CX, DX, SI, DI 254: #define CONTEXT_SEGMENTS (CONTEXT_i386 | 0x00000004L) // DS, ES, FS, GS 255: #define CONTEXT_FLOATING_POINT (CONTEXT_i386 | 0x00000008L) // 387 state 256: #define CONTEXT_DEBUG_REGISTERS (CONTEXT_i386 | 0x00000010L) // DB 0-3,6,7 257: 258: #define CONTEXT_FULL (CONTEXT_CONTROL | CONTEXT_INTEGER |\ 1.1.1.2 root 259: CONTEXT_SEGMENTS) 1.1 root 260: 261: typedef struct _FLOATING_SAVE_AREA { 262: DWORD ControlWord; 263: DWORD StatusWord; 264: DWORD TagWord; 265: DWORD ErrorOffset; 266: DWORD ErrorSelector; 267: DWORD DataOffset; 268: DWORD DataSelector; 269: BYTE RegisterArea[SIZE_OF_80387_REGISTERS]; 1.1.1.2 root 270: DWORD Cr0NpxState; 1.1 root 271: } FLOATING_SAVE_AREA; 272: 273: typedef FLOATING_SAVE_AREA *PFLOATING_SAVE_AREA; 274: 275: // 276: // Context Frame 277: // 278: // This frame has a several purposes: 1) it is used as an argument to 279: // NtContinue, 2) is is used to constuct a call frame for APC delivery, 280: // and 3) it is used in the user level thread creation routines. 281: // 282: // The layout of the record conforms to a standard call frame. 283: // 284: 285: typedef struct _CONTEXT { 286: 287: // 288: // The flags values within this flag control the contents of 289: // a CONTEXT record. 290: // 291: // If the context record is used as an input parameter, then 292: // for each portion of the context record controlled by a flag 293: // whose value is set, it is assumed that that portion of the 294: // context record contains valid context. If the context record 295: // is being used to modify a threads context, then only that 296: // portion of the threads context will be modified. 297: // 298: // If the context record is used as an IN OUT parameter to capture 299: // the context of a thread, then only those portions of the thread's 300: // context corresponding to set flags will be returned. 301: // 302: // The context record is never used as an OUT only parameter. 303: // 304: 305: DWORD ContextFlags; 306: 307: // 308: // This section is specified/returned if CONTEXT_DEBUG_REGISTERS is 309: // set in ContextFlags. Note that CONTEXT_DEBUG_REGISTERS is NOT 310: // included in CONTEXT_FULL. 311: // 312: 313: DWORD Dr0; 314: DWORD Dr1; 315: DWORD Dr2; 316: DWORD Dr3; 317: DWORD Dr6; 318: DWORD Dr7; 319: 320: // 321: // This section is specified/returned if the 322: // ContextFlags word contians the flag CONTEXT_FLOATING_POINT. 323: // 324: 325: FLOATING_SAVE_AREA FloatSave; 326: 327: // 328: // This section is specified/returned if the 329: // ContextFlags word contians the flag CONTEXT_SEGMENTS. 330: // 331: 332: DWORD SegGs; 333: DWORD SegFs; 334: DWORD SegEs; 335: DWORD SegDs; 336: 337: // 338: // This section is specified/returned if the 339: // ContextFlags word contians the flag CONTEXT_INTEGER. 340: // 341: 342: DWORD Edi; 343: DWORD Esi; 344: DWORD Ebx; 345: DWORD Edx; 346: DWORD Ecx; 347: DWORD Eax; 348: 349: // 350: // This section is specified/returned if the 351: // ContextFlags word contians the flag CONTEXT_CONTROL. 352: // 353: 354: DWORD Ebp; 355: DWORD Eip; 356: DWORD SegCs; // MUST BE SANITIZED 357: DWORD EFlags; // MUST BE SANITIZED 358: DWORD Esp; 359: DWORD SegSs; 360: 361: } CONTEXT; 362: 363: 364: 365: typedef CONTEXT *PCONTEXT; 366: 367: #endif // i386 368: 369: typedef struct _LDT_ENTRY { 370: WORD LimitLow; 371: WORD BaseLow; 372: union { 373: struct { 374: BYTE BaseMid; 375: BYTE Flags1; // Declare as bytes to avoid alignment 376: BYTE Flags2; // Problems. 377: BYTE BaseHi; 378: } Bytes; 379: struct { 380: DWORD BaseMid : 8; 381: DWORD Type : 5; 382: DWORD Dpl : 2; 383: DWORD Pres : 1; 384: DWORD LimitHi : 4; 385: DWORD Sys : 1; 386: DWORD Reserved_0 : 1; 387: DWORD Default_Big : 1; 388: DWORD Granularity : 1; 389: DWORD BaseHi : 8; 390: } Bits; 391: } HighWord; 392: } LDT_ENTRY, *PLDT_ENTRY; 393: 394: 395: #ifdef MIPS 396: 397: // 398: // The following flags control the contents of the CONTEXT structure. 399: // 400: 401: #define CONTEXT_R3000 0x00010000 // this assumes that r3000 and 402: #define CONTEXT_R4000 0x00010000 // r4000 have identical context records 403: 404: #define CONTEXT_CONTROL (CONTEXT_R3000 | 0x00000001L) 405: #define CONTEXT_FLOATING_POINT (CONTEXT_R3000 | 0x00000002L) 406: #define CONTEXT_INTEGER (CONTEXT_R3000 | 0x00000004L) 407: 408: #define CONTEXT_FULL (CONTEXT_CONTROL | CONTEXT_FLOATING_POINT | CONTEXT_INTEGER) 409: 410: // 411: // Context Frame 412: // 413: // N.B. This frame must be exactly a multiple of 16 bytes in length. 414: // 415: // This frame has a several purposes: 1) it is used as an argument to 416: // NtContinue, 2) it is used to constuct a call frame for APC delivery, 417: // 3) it is used to construct a call frame for exception dispatching 418: // in user mode, and 4) it is used in the user level thread creation 419: // routines. 420: // 421: // The layout of the record conforms to a standard call frame. 422: // 423: 424: typedef struct _CONTEXT { 425: 426: // 427: // This section is always present and is used as an argument build 428: // area. 429: // 430: 431: DWORD Argument[4]; 432: 433: // 434: // This section is specified/returned if the ContextFlags word contains 435: // the flag CONTEXT_FLOATING_POINT. 436: // 437: 438: DWORD FltF0; 439: DWORD FltF1; 440: DWORD FltF2; 441: DWORD FltF3; 442: DWORD FltF4; 443: DWORD FltF5; 444: DWORD FltF6; 445: DWORD FltF7; 446: DWORD FltF8; 447: DWORD FltF9; 448: DWORD FltF10; 449: DWORD FltF11; 450: DWORD FltF12; 451: DWORD FltF13; 452: DWORD FltF14; 453: DWORD FltF15; 454: DWORD FltF16; 455: DWORD FltF17; 456: DWORD FltF18; 457: DWORD FltF19; 458: DWORD FltF20; 459: DWORD FltF21; 460: DWORD FltF22; 461: DWORD FltF23; 462: DWORD FltF24; 463: DWORD FltF25; 464: DWORD FltF26; 465: DWORD FltF27; 466: DWORD FltF28; 467: DWORD FltF29; 468: DWORD FltF30; 469: DWORD FltF31; 470: 471: // 472: // This section is specified/returned if the ContextFlags word contains 473: // the flag CONTEXT_INTEGER. 474: // 475: // N.B. The registers gp, sp, and ra are defined in this section, but are 476: // considered part of the control context rather than part of the integer 477: // context. 478: // 479: // N.B. Register zero is not stored in the frame. 480: // 481: 482: DWORD IntZero; 483: DWORD IntAt; 484: DWORD IntV0; 485: DWORD IntV1; 486: DWORD IntA0; 487: DWORD IntA1; 488: DWORD IntA2; 489: DWORD IntA3; 490: DWORD IntT0; 491: DWORD IntT1; 492: DWORD IntT2; 493: DWORD IntT3; 494: DWORD IntT4; 495: DWORD IntT5; 496: DWORD IntT6; 497: DWORD IntT7; 498: DWORD IntS0; 499: DWORD IntS1; 500: DWORD IntS2; 501: DWORD IntS3; 502: DWORD IntS4; 503: DWORD IntS5; 504: DWORD IntS6; 505: DWORD IntS7; 506: DWORD IntT8; 507: DWORD IntT9; 508: DWORD IntK0; 509: DWORD IntK1; 510: DWORD IntGp; 511: DWORD IntSp; 512: DWORD IntS8; 513: DWORD IntRa; 514: DWORD IntLo; 515: DWORD IntHi; 516: 517: // 518: // This section is specified/returned if the ContextFlags word contains 519: // the flag CONTEXT_FLOATING_POINT. 520: // 521: 522: DWORD Fsr; 523: 524: // 525: // This section is specified/returned if the ContextFlags word contains 526: // the flag CONTEXT_CONTROL. 527: // 528: // N.B. The registers gp, sp, and ra are defined in the integer section, 529: // but are considered part of the control context rather than part of 530: // the integer context. 531: // 532: 533: DWORD Fir; 534: DWORD Psr; 535: 536: // 537: // The flags values within this flag control the contents of 538: // a CONTEXT record. 539: // 540: // If the context record is used as an input parameter, then 541: // for each portion of the context record controlled by a flag 542: // whose value is set, it is assumed that that portion of the 543: // context record contains valid context. If the context record 544: // is being used to modify a thread's context, then only that 545: // portion of the threads context will be modified. 546: // 547: // If the context record is used as an IN OUT parameter to capture 548: // the context of a thread, then only those portions of the thread's 549: // context corresponding to set flags will be returned. 550: // 551: // The context record is never used as an OUT only parameter. 552: // 553: 554: DWORD ContextFlags; 555: 556: DWORD Fill[2]; 557: } CONTEXT, *PCONTEXT; 558: 559: #endif // MIPS 560: 561: 562: #ifdef MIPS 563: 564: VOID 565: __jump_unwind ( 566: PVOID Fp, 567: PVOID TargetPc 568: ); 569: 570: #endif // MIPS 571: 572: #define EXCEPTION_NONCONTINUABLE 0x1 // Noncontinuable exception 1.1.1.2 root 573: #define EXCEPTION_MAXIMUM_PARAMETERS 15 // maximum number of exception parameters 1.1 root 574: 575: // 576: // Exception record definition. 577: // 578: 579: typedef struct _EXCEPTION_RECORD { 1.1.1.2 root 580: /*lint -e18 */ // Don't complain about different definitions 1.1 root 581: DWORD ExceptionCode; 1.1.1.2 root 582: /*lint +e18 */ // Resume checking for different definitions 1.1 root 583: DWORD ExceptionFlags; 584: struct _EXCEPTION_RECORD *ExceptionRecord; 585: PVOID ExceptionAddress; 586: DWORD NumberParameters; 587: DWORD ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS]; 588: } EXCEPTION_RECORD; 589: 590: typedef EXCEPTION_RECORD *PEXCEPTION_RECORD; 591: 592: // 593: // Typedef for pointer returned by exception_info() 594: // 595: 596: typedef struct _EXCEPTION_POINTERS { 597: PEXCEPTION_RECORD ExceptionRecord; 598: PCONTEXT ContextRecord; 599: } EXCEPTION_POINTERS, *PEXCEPTION_POINTERS; 600: #define PROCESS_TERMINATE (0x0001) 1.1.1.2 root 601: #define PROCESS_CREATE_THREAD (0x0002) 602: #define PROCESS_VM_OPERATION (0x0008) 1.1 root 603: #define PROCESS_VM_READ (0x0010) 604: #define PROCESS_VM_WRITE (0x0020) 605: #define PROCESS_DUP_HANDLE (0x0040) 606: #define PROCESS_CREATE_PROCESS (0x0080) 607: #define PROCESS_SET_INFORMATION (0x0200) 608: #define PROCESS_QUERY_INFORMATION (0x0400) 609: #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \ 610: 0xFFF) 1.1.1.2 root 611: 1.1 root 612: #define THREAD_TERMINATE (0x0001) 613: #define THREAD_SUSPEND_RESUME (0x0002) 614: #define THREAD_GET_CONTEXT (0x0008) 615: #define THREAD_SET_CONTEXT (0x0010) 616: #define THREAD_SET_INFORMATION (0x0020) 617: #define THREAD_QUERY_INFORMATION (0x0040) 618: #define THREAD_SET_THREAD_TOKEN (0x0080) 619: #define THREAD_IMPERSONATE (0x0100) 620: #define THREAD_DIRECT_IMPERSONATION (0x0200) 621: #define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \ 622: 0x3FF) 623: #define TLS_MINIMUM_AVAILABLE 64 1.1.1.3 ! root 624: #define THREAD_BASE_PRIORITY_LOWRT 15 // value that gets a thread to LowRealtime-1 1.1 root 625: #define THREAD_BASE_PRIORITY_MAX 2 // maximum thread base priority boost 626: #define THREAD_BASE_PRIORITY_MIN -2 // minimum thread base priority boost 1.1.1.3 ! root 627: #define THREAD_BASE_PRIORITY_IDLE -15 // value that gets a thread to idle 1.1 root 628: #define EVENT_MODIFY_STATE 0x0002 629: #define EVENT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x3) 630: #define MUTANT_QUERY_STATE 0x0001 631: 632: #define MUTANT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|\ 633: MUTANT_QUERY_STATE) 634: #define SEMAPHORE_MODIFY_STATE 0x0002 635: #define SEMAPHORE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x3) 1.1.1.3 ! root 636: #define TIME_ZONE_ID_UNKNOWN 0 ! 637: #define TIME_ZONE_ID_STANDARD 1 ! 638: #define TIME_ZONE_ID_DAYLIGHT 2 1.1 root 639: 640: #define PROCESSOR_INTEL_386 386 641: #define PROCESSOR_INTEL_486 486 642: #define PROCESSOR_INTEL_860 860 643: #define PROCESSOR_MIPS_R2000 2000 644: #define PROCESSOR_MIPS_R3000 3000 645: #define PROCESSOR_MIPS_R4000 4000 646: 647: typedef struct _MEMORY_BASIC_INFORMATION { 648: PVOID BaseAddress; 649: PVOID AllocationBase; 650: DWORD AllocationProtect; 651: DWORD RegionSize; 652: DWORD State; 653: DWORD Protect; 654: DWORD Type; 1.1.1.2 root 655: } MEMORY_BASIC_INFORMATION, *PMEMORY_BASIC_INFORMATION; 1.1 root 656: #define SECTION_QUERY 0x0001 657: #define SECTION_MAP_WRITE 0x0002 658: #define SECTION_MAP_READ 0x0004 659: #define SECTION_MAP_EXECUTE 0x0008 660: #define SECTION_EXTEND_SIZE 0x0010 661: 662: #define SECTION_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SECTION_QUERY|\ 663: SECTION_MAP_WRITE | \ 664: SECTION_MAP_READ | \ 665: SECTION_MAP_EXECUTE | \ 666: SECTION_EXTEND_SIZE) 667: #define PAGE_NOACCESS 0x01 668: #define PAGE_READONLY 0x02 669: #define PAGE_READWRITE 0x04 670: #define MEM_COMMIT 0x1000 671: #define MEM_RESERVE 0x2000 672: #define MEM_DECOMMIT 0x4000 673: #define MEM_RELEASE 0x8000 674: #define MEM_FREE 0x10000 675: #define MEM_PRIVATE 0x20000 676: #define FILE_SHARE_READ 0x00000001 677: #define FILE_SHARE_WRITE 0x00000002 678: #define FILE_ATTRIBUTE_READONLY 0x00000001 679: #define FILE_ATTRIBUTE_HIDDEN 0x00000002 680: #define FILE_ATTRIBUTE_SYSTEM 0x00000004 1.1.1.2 root 681: #define FILE_ATTRIBUTE_DIRECTORY 0x00000010 1.1 root 682: #define FILE_ATTRIBUTE_ARCHIVE 0x00000020 683: #define FILE_ATTRIBUTE_NORMAL 0x00000080 1.1.1.2 root 684: #define FILE_ATTRIBUTE_TEMPORARY 0x00000100 685: #define FILE_ATTRIBUTE_ATOMIC_WRITE 0x00000200 686: #define FILE_ATTRIBUTE_XACTION_WRITE 0x00000400 687: #define FILE_NOTIFY_CHANGE_FILE_NAME 0x00000001 688: #define FILE_NOTIFY_CHANGE_DIR_NAME 0x00000002 689: #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x00000004 690: #define FILE_NOTIFY_CHANGE_SIZE 0x00000008 691: #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x00000010 692: #define FILE_NOTIFY_CHANGE_SECURITY 0x00000100 1.1 root 693: #define FILE_CASE_SENSITIVE_SEARCH 0x00000001 694: #define FILE_CASE_PRESERVED_NAMES 0x00000002 695: #define FILE_UNICODE_ON_DISK 0x00000004 1.1.1.3 ! root 696: #define FILE_PERSISTENT_ACLS 0x00000008 1.1 root 697: #define DUPLICATE_CLOSE_SOURCE 0x00000001 698: #define DUPLICATE_SAME_ACCESS 0x00000002 1.1.1.2 root 699: typedef PVOID PACCESS_TOKEN; 1.1 root 700: typedef PVOID PSECURITY_DESCRIPTOR; 701: typedef PVOID PSID; 1.1.1.2 root 702: //////////////////////////////////////////////////////////////////////// 703: // // 704: // ACCESS MASK // 705: // // 706: //////////////////////////////////////////////////////////////////////// 707: 708: // 709: // Define the access mask as a longword sized structure divided up as 710: // follows: 711: // 712: // 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 713: // 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 714: // +---------------+---------------+-------------------------------+ 715: // |G|G|G|G|Res'd|A| StandardRights| SpecificRights | 716: // |R|W|E|A| |S| | | 717: // +-+-------------+---------------+-------------------------------+ 718: // 719: // typedef struct _ACCESS_MASK { 720: // WORD SpecificRights; 721: // BYTE StandardRights; 722: // BYTE AccessSystemAcl : 1; 723: // BYTE Reserved : 3; 724: // BYTE GenericAll : 1; 725: // BYTE GenericExecute : 1; 726: // BYTE GenericWrite : 1; 727: // BYTE GenericRead : 1; 728: // } ACCESS_MASK; 729: // typedef ACCESS_MASK *PACCESS_MASK; 730: // 731: // but to make life simple for programmer's we'll allow them to specify 732: // a desired access mask by simply OR'ing together mulitple single rights 733: // and treat an access mask as a ulong. For example 734: // 735: // DesiredAccess = DELETE | READ_CONTROL 736: // 737: // So we'll declare ACCESS_MASK as DWORD 738: // 739: 740: typedef DWORD ACCESS_MASK; 741: typedef ACCESS_MASK *PACCESS_MASK; 742: 743: //////////////////////////////////////////////////////////////////////// 744: // // 745: // ACCESS TYPES // 746: // // 747: //////////////////////////////////////////////////////////////////////// 748: 749: 750: // 751: // The following are masks for the predefined standard access types 752: // 753: 1.1 root 754: #define DELETE (0x00010000L) 755: #define READ_CONTROL (0x00020000L) 756: #define WRITE_DAC (0x00040000L) 757: #define WRITE_OWNER (0x00080000L) 758: #define SYNCHRONIZE (0x00100000L) 759: 760: #define STANDARD_RIGHTS_REQUIRED (0x000F0000L) 761: 762: #define STANDARD_RIGHTS_READ (READ_CONTROL) 763: #define STANDARD_RIGHTS_WRITE (READ_CONTROL) 764: #define STANDARD_RIGHTS_EXECUTE (READ_CONTROL) 765: 766: #define STANDARD_RIGHTS_ALL (0x001F0000L) 767: 768: #define SPECIFIC_RIGHTS_ALL (0x0000FFFFL) 769: 770: // 771: // AccessSystemAcl access type 772: // 773: 774: #define ACCESS_SYSTEM_SECURITY (0x01000000L) 775: 776: // 777: // MaximumAllowed access type 778: // 779: 780: #define MAXIMUM_ALLOWED (0x02000000L) 781: 782: // 783: // These are the generic rights. 784: // 785: 786: #define GENERIC_READ (0x80000000L) 787: #define GENERIC_WRITE (0x40000000L) 788: #define GENERIC_EXECUTE (0x20000000L) 789: #define GENERIC_ALL (0x10000000L) 1.1.1.2 root 790: 791: 792: // 793: // Define the generic mapping array. This is used to denote the 794: // mapping of each generic access right to a specific access mask. 795: // 796: 797: typedef struct _GENERIC_MAPPING { 798: ACCESS_MASK GenericRead; 799: ACCESS_MASK GenericWrite; 800: ACCESS_MASK GenericExecute; 801: ACCESS_MASK GenericAll; 802: } GENERIC_MAPPING; 803: typedef GENERIC_MAPPING *PGENERIC_MAPPING; 804: 805: 806: 807: //////////////////////////////////////////////////////////////////////// 808: // // 809: // LUID_AND_ATTRIBUTES // 810: // // 811: //////////////////////////////////////////////////////////////////////// 812: // 813: // 814: 815: 816: typedef struct _LUID_AND_ATTRIBUTES { 817: LUID Luid; 818: DWORD Attributes; 819: } LUID_AND_ATTRIBUTES, * PLUID_AND_ATTRIBUTES; 820: 821: typedef LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]; 822: typedef LUID_AND_ATTRIBUTES_ARRAY *PLUID_AND_ATTRIBUTES_ARRAY; 823: 824: 825: //////////////////////////////////////////////////////////////////////// 826: // // 827: // Security Id (SID) // 828: // // 829: //////////////////////////////////////////////////////////////////////// 830: // 831: // 832: // Pictorially the structure of an SID is as follows: 833: // 834: // 1 1 1 1 1 1 835: // 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 836: // +---------------------------------------------------------------+ 837: // | SubAuthorityCount |Reserved1 (SBZ)| Revision | 838: // +---------------------------------------------------------------+ 839: // | IdentifierAuthority[0] | 840: // +---------------------------------------------------------------+ 841: // | IdentifierAuthority[1] | 842: // +---------------------------------------------------------------+ 843: // | IdentifierAuthority[2] | 844: // +---------------------------------------------------------------+ 845: // | | 846: // +- - - - - - - - SubAuthority[] - - - - - - - - -+ 847: // | | 848: // +---------------------------------------------------------------+ 849: // 850: // 851: 852: typedef struct _SID_IDENTIFIER_AUTHORITY { 853: BYTE Value[6]; 854: } SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY; 855: 856: 857: typedef struct _SID { 858: BYTE Revision; 859: BYTE SubAuthorityCount; 860: SID_IDENTIFIER_AUTHORITY IdentifierAuthority; 861: #ifdef MIDL_PASS 862: [size_is(SubAuthorityCount)] DWORD SubAuthority[*]; 863: #else // MIDL_PASS 864: DWORD SubAuthority[ANYSIZE_ARRAY]; 865: #endif // MIDL_PASS 866: } SID, *PISID; 867: 868: 869: 870: 871: 872: 873: 874: #define SID_REVISION (1) // Current revision level 875: #define SID_MAX_SUB_AUTHORITIES (15) 876: #define SID_RECOMMENDED_SUB_AUTHORITIES (1) // Will change to around 6 877: // in a future release. 878: 879: typedef enum _SID_NAME_USE { 880: SidTypeUser = 1, 881: SidTypeGroup, 882: SidTypeDomain, 883: SidTypeAlias, 884: SidTypeWellKnownGroup, 885: SidTypeDeletedAccount, 886: SidTypeInvalid, 887: SidTypeUnknown 888: } SID_NAME_USE, *PSID_NAME_USE; 889: 890: 891: typedef struct _SID_AND_ATTRIBUTES { 892: PSID Sid; 893: DWORD Attributes; 894: } SID_AND_ATTRIBUTES, * PSID_AND_ATTRIBUTES; 895: 896: typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]; 897: typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY; 898: 899: 900: 901: 902: 903: 904: 905: 906: 907: ///////////////////////////////////////////////////////////////////////////// 908: // // 909: // Universal well-known SIDs // 910: // // 911: // Null SID S-1-0-0 // 912: // World S-1-1-0 // 913: // Local S-1-2-0 // 914: // Creator Owner ID S-1-3-0 // 915: // Creator Group ID S-1-3-1 // 916: // // 917: ///////////////////////////////////////////////////////////////////////////// 918: 919: #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0} 920: #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1} 921: #define SECURITY_LOCAL_SID_AUTHORITY {0,0,0,0,0,2} 922: #define SECURITY_CREATOR_SID_AUTHORITY {0,0,0,0,0,3} 923: 924: #define SECURITY_NULL_RID (0x00000000L) 925: #define SECURITY_WORLD_RID (0x00000000L) 926: #define SECURITY_LOCAL_RID (0X00000000L) 927: 928: #define SECURITY_CREATOR_OWNER_RID (0x00000000L) 929: #define SECURITY_CREATOR_GROUP_RID (0x00000001L) 930: 931: 932: 933: 934: ///////////////////////////////////////////////////////////////////////////// 935: // // 936: // NT well-known SIDs // 937: // // 938: // NT Authority S-1-5 // 939: // Dialup S-1-5-1 // 940: // // 941: // Network S-1-5-2 // 942: // Batch S-1-5-3 // 943: // Interactive S-1-5-4 // 944: // Service S-1-5-6 // 945: // // 946: // (Logon IDs) S-1-5-5-X-Y // 947: // // 948: // (Built-in domain) s-1-5-20 // 949: // // 950: ///////////////////////////////////////////////////////////////////////////// 951: 952: 953: #define SECURITY_NT_AUTHORITY {0,0,0,0,0,5} 954: 955: #define SECURITY_DIALUP_RID (0x00000001L) 956: #define SECURITY_NETWORK_RID (0x00000002L) 957: #define SECURITY_BATCH_RID (0x00000003L) 958: #define SECURITY_INTERACTIVE_RID (0x00000004L) 959: #define SECURITY_SERVICE_RID (0x00000006L) 960: 961: #define SECURITY_LOGON_IDS_RID (0x00000005L) 962: #define SECURITY_LOGON_IDS_RID_COUNT (3L) 963: 964: #define SECURITY_LOCAL_SYSTEM_RID (0x00000012L) 965: 966: #define SECURITY_BUILTIN_DOMAIN_RID (0x00000020L) 967: 968: 969: 970: 971: 972: ///////////////////////////////////////////////////////////////////////////// 973: // // 974: // well-known domain relative sub-authority values (RIDs)... // 975: // // 976: ///////////////////////////////////////////////////////////////////////////// 977: 978: // Well-known users ... 979: 980: #define DOMAIN_USER_RID_ADMIN (0x000001F4L) 981: #define DOMAIN_USER_RID_GUEST (0x000001F5L) 982: 983: 984: 985: // well-known groups ... 986: 987: #define DOMAIN_GROUP_RID_ADMINS (0x00000200L) 988: #define DOMAIN_GROUP_RID_USERS (0x00000201L) 989: 990: 991: 992: 993: // well-known aliases ... 994: 995: #define DOMAIN_ALIAS_RID_ADMINS (0x00000220L) 996: #define DOMAIN_ALIAS_RID_USERS (0x00000221L) 997: #define DOMAIN_ALIAS_RID_GUESTS (0x00000222L) 998: #define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L) 999: 1000: #define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L) 1001: #define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L) 1002: #define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L) 1003: #define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L) 1004: 1005: #define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L) 1006: 1007: 1008: 1009: 1010: 1011: 1012: // 1013: // Allocate the System Luid. The first 1000 LUIDs are reserved. 1014: // Use #999 here (0x3E7 = 999) 1015: // 1016: 1017: #define SYSTEM_LUID {0x0, 0x3E7} 1018: 1019: 1020: 1021: //////////////////////////////////////////////////////////////////////// 1022: // // 1023: // User and Group related SID attributes // 1024: // // 1025: //////////////////////////////////////////////////////////////////////// 1026: 1027: // 1028: // Group attributes 1029: // 1030: 1031: #define SE_GROUP_MANDATORY (0x00000001L) 1032: #define SE_GROUP_ENABLED_BY_DEFAULT (0x00000002L) 1033: #define SE_GROUP_ENABLED (0x00000004L) 1034: #define SE_GROUP_OWNER (0x00000008L) 1035: #define SE_GROUP_LOGON_ID (0xC0000000L) 1036: 1037: 1038: 1039: // 1040: // User attributes 1041: // 1042: 1043: // (None yet defined.) 1044: 1045: 1046: 1047: 1048: //////////////////////////////////////////////////////////////////////// 1049: // // 1050: // ACL and ACE // 1051: // // 1052: //////////////////////////////////////////////////////////////////////// 1053: 1054: // 1055: // Define an ACL and the ACE format. The structure of an ACL header 1056: // followed by one or more ACEs. Pictorally the structure of an ACL header 1057: // is as follows: 1058: // 1059: // 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 1060: // 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 1061: // +-------------------------------+---------------+---------------+ 1062: // | AclSize | Sbz1 | AclRevision | 1063: // +-------------------------------+---------------+---------------+ 1064: // | Sbz2 | AceCount | 1065: // +-------------------------------+-------------------------------+ 1066: // 1067: // The current AclRevision is defined to be ACL_REVISION. 1068: // 1069: // AclSize is the size, in bytes, allocated for the ACL. This includes 1070: // the ACL header, ACES, and remaining free space in the buffer. 1071: // 1072: // AceCount is the number of ACES in the ACL. 1073: // 1074: 1075: // This is the *current* ACL revision 1076: 1077: #define ACL_REVISION (2) 1078: 1079: // This is the history of ACL revisions. Add a new one whenever 1080: // ACL_REVISION is updated 1081: 1082: #define ACL_REVISION1 (1) 1083: #define ACL_REVISION2 (2) 1084: 1085: typedef struct _ACL { 1086: BYTE AclRevision; 1087: BYTE Sbz1; 1088: WORD AclSize; 1089: WORD AceCount; 1090: WORD Sbz2; 1091: } ACL; 1092: typedef ACL *PACL; 1093: 1094: // 1095: // The structure of an ACE is a common ace header followed by ace type 1096: // specific data. Pictorally the structure of the common ace header is 1097: // as follows: 1098: // 1099: // 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 1100: // 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 1101: // +---------------+-------+-------+---------------+---------------+ 1102: // | AceSize | AceFlags | AceType | 1103: // +---------------+-------+-------+---------------+---------------+ 1104: // 1105: // AceType denotes the type of the ace, there are some predefined ace 1106: // types 1107: // 1108: // AceSize is the size, in bytes, of ace. 1109: // 1110: // AceFlags are the Ace flags for audit and inheritance, defined shortly. 1111: 1112: typedef struct _ACE_HEADER { 1113: BYTE AceType; 1114: BYTE AceFlags; 1115: WORD AceSize; 1116: } ACE_HEADER; 1117: typedef ACE_HEADER *PACE_HEADER; 1118: 1119: // 1120: // The following are the predefined ace types that go into the AceType 1121: // field of an Ace header. 1122: // 1123: 1124: #define ACCESS_ALLOWED_ACE_TYPE (0x0) 1125: #define ACCESS_DENIED_ACE_TYPE (0x1) 1126: #define SYSTEM_AUDIT_ACE_TYPE (0x2) 1127: #define SYSTEM_ALARM_ACE_TYPE (0x3) 1128: 1129: // 1130: // The following are the inherit flags that go into the AceFlags field 1131: // of an Ace header. 1132: // 1133: 1134: #define OBJECT_INHERIT_ACE (0x1) 1135: #define CONTAINER_INHERIT_ACE (0x2) 1136: #define NO_PROPAGATE_INHERIT_ACE (0x4) 1137: #define INHERIT_ONLY_ACE (0x8) 1138: #define VALID_INHERIT_FLAGS (0xF) 1139: 1140: 1141: // The following are the currently defined ACE flags that go into the 1142: // AceFlags field of an ACE header. Each ACE type has its own set of 1143: // AceFlags. 1144: // 1145: // SUCCESSFUL_ACCESS_ACE_FLAG - used only with system audit and alarm ACE 1146: // types to indicate that a message is generated for successful accesses. 1147: // 1148: // FAILED_ACCESS_ACE_FLAG - used only with system audit and alarm ACE types 1149: // to indicate that a message is generated for failed accesses. 1150: // 1151: 1152: // 1153: // SYSTEM_AUDIT and SYSTEM_ALARM AceFlags 1154: // 1155: // These control the signaling of audit and alarms for success or failure. 1156: // 1157: 1158: #define SUCCESSFUL_ACCESS_ACE_FLAG (0x40) 1159: #define FAILED_ACCESS_ACE_FLAG (0x80) 1160: 1161: 1162: // 1163: // We'll define the structure of the predefined ACE types. Pictorally 1164: // the structure of the predefined ACE's is as follows: 1165: // 1166: // 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 1167: // 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 1168: // +---------------+-------+-------+---------------+---------------+ 1169: // | AceFlags | Resd |Inherit| AceSize | AceType | 1170: // +---------------+-------+-------+---------------+---------------+ 1171: // | Mask | 1172: // +---------------------------------------------------------------+ 1173: // | | 1174: // + + 1175: // | | 1176: // + Sid + 1177: // | | 1178: // + + 1179: // | | 1180: // +---------------------------------------------------------------+ 1181: // 1182: // Mask is the access mask associated with the ACE. This is either the 1183: // access allowed, access denied, audit, or alarm mask. 1184: // 1185: // Sid is the Sid associated with the ACE. 1186: // 1187: 1188: // The following are the four predefined ACE types. 1189: 1190: // Examine the AceType field in the Header to determine 1191: // which structure is appropriate to use for casting. 1192: 1193: typedef struct _ACCESS_ALLOWED_ACE { 1194: ACE_HEADER Header; 1195: ACCESS_MASK Mask; 1196: DWORD SidStart; 1197: } ACCESS_ALLOWED_ACE; 1198: 1199: typedef ACCESS_ALLOWED_ACE *PACCESS_ALLOWED_ACE; 1200: 1201: typedef struct _ACCESS_DENIED_ACE { 1202: ACE_HEADER Header; 1203: ACCESS_MASK Mask; 1204: DWORD SidStart; 1205: } ACCESS_DENIED_ACE; 1206: typedef ACCESS_DENIED_ACE *PACCESS_DENIED_ACE; 1207: 1208: typedef struct _SYSTEM_AUDIT_ACE { 1209: ACE_HEADER Header; 1210: ACCESS_MASK Mask; 1211: DWORD SidStart; 1212: } SYSTEM_AUDIT_ACE; 1213: typedef SYSTEM_AUDIT_ACE *PSYSTEM_AUDIT_ACE; 1214: 1215: typedef struct _SYSTEM_ALARM_ACE { 1216: ACE_HEADER Header; 1217: ACCESS_MASK Mask; 1218: DWORD SidStart; 1219: } SYSTEM_ALARM_ACE; 1220: typedef SYSTEM_ALARM_ACE *PSYSTEM_ALARM_ACE; 1221: 1222: 1223: 1224: // 1225: // The following declarations are used for setting and querying information 1226: // about and ACL. First are the various information classes available to 1227: // the user. 1228: // 1229: 1230: typedef enum _ACL_INFORMATION_CLASS { 1231: AclRevisionInformation = 1, 1232: AclSizeInformation 1233: } ACL_INFORMATION_CLASS; 1234: 1235: // 1236: // This record is returned/sent if the user is requesting/setting the 1237: // AclRevisionInformation 1238: // 1239: 1240: typedef struct _ACL_REVISION_INFORMATION { 1241: DWORD AclRevision; 1242: } ACL_REVISION_INFORMATION; 1243: typedef ACL_REVISION_INFORMATION *PACL_REVISION_INFORMATION; 1244: 1245: // 1246: // This record is returned if the user is requesting AclSizeInformation 1247: // 1248: 1249: typedef struct _ACL_SIZE_INFORMATION { 1250: DWORD AceCount; 1251: DWORD AclBytesInUse; 1252: DWORD AclBytesFree; 1253: } ACL_SIZE_INFORMATION; 1254: typedef ACL_SIZE_INFORMATION *PACL_SIZE_INFORMATION; 1255: 1256: 1257: //////////////////////////////////////////////////////////////////////// 1258: // // 1259: // SECURITY_DESCRIPTOR // 1260: // // 1261: //////////////////////////////////////////////////////////////////////// 1262: // 1263: // Define the Security Descriptor and related data types. 1264: // This is an opaque data structure. 1265: // 1266: 1267: // 1268: // Current security descriptor revision value 1269: // 1270: 1271: #define SECURITY_DESCRIPTOR_REVISION (1) 1272: #define SECURITY_DESCRIPTOR_REVISION1 (1) 1273: 1274: // 1275: // Minimum length, in bytes, needed to build a security descriptor 1276: // (NOTE: This must manually be kept consistent with the) 1277: // (sizeof(SECURITY_DESCRIPTOR) ) 1278: // 1279: 1280: #define SECURITY_DESCRIPTOR_MIN_LENGTH (20) 1281: 1282: 1283: typedef WORD SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL; 1284: 1285: #define SE_OWNER_DEFAULTED (0x0001) 1286: #define SE_GROUP_DEFAULTED (0x0002) 1287: #define SE_DACL_PRESENT (0x0004) 1288: #define SE_DACL_DEFAULTED (0x0008) 1289: #define SE_SACL_PRESENT (0x0010) 1290: #define SE_SACL_DEFAULTED (0x0020) 1291: #define SE_SELF_RELATIVE (0x8000) 1292: 1293: // 1294: // Where: 1295: // 1296: // SE_OWNER_DEFAULTED - This boolean flag, when set, indicates that the 1297: // SID pointed to by the Owner field was provided by a 1298: // defaulting mechanism rather than explicitly provided by the 1299: // original provider of the security descriptor. This may 1300: // affect the treatment of the SID with respect to inheritence 1301: // of an owner. 1302: // 1303: // SE_GROUP_DEFAULTED - This boolean flag, when set, indicates that the 1304: // SID in the Group field was provided by a defaulting mechanism 1305: // rather than explicitly provided by the original provider of 1306: // the security descriptor. This may affect the treatment of 1307: // the SID with respect to inheritence of a primary group. 1308: // 1309: // SE_DACL_PRESENT - This boolean flag, when set, indicates that the 1310: // security descriptor contains a discretionary ACL. If this 1311: // flag is set and the Dacl field of the SECURITY_DESCRIPTOR is 1312: // null, then a null ACL is explicitly being specified. 1313: // 1314: // SE_DACL_DEFAULTED - This boolean flag, when set, indicates that the 1315: // ACL pointed to by the Dacl field was provided by a defaulting 1316: // mechanism rather than explicitly provided by the original 1317: // provider of the security descriptor. This may affect the 1318: // treatment of the ACL with respect to inheritence of an ACL. 1319: // This flag is ignored if the DaclPresent flag is not set. 1320: // 1321: // SE_SACL_PRESENT - This boolean flag, when set, indicates that the 1322: // security descriptor contains a system ACL pointed to by the 1323: // Sacl field. If this flag is set and the Sacl field of the 1324: // SECURITY_DESCRIPTOR is null, then an empty (but present) 1325: // ACL is being specified. 1326: // 1327: // SE_SACL_DEFAULTED - This boolean flag, when set, indicates that the 1328: // ACL pointed to by the Sacl field was provided by a defaulting 1329: // mechanism rather than explicitly provided by the original 1330: // provider of the security descriptor. This may affect the 1331: // treatment of the ACL with respect to inheritence of an ACL. 1332: // This flag is ignored if the SaclPresent flag is not set. 1333: // 1334: // SE_SELF_RELATIVE - This boolean flag, when set, indicates that the 1335: // security descriptor is in self-relative form. In this form, 1336: // all fields of the security descriptor are contiguous in memory 1337: // and all pointer fields are expressed as offsets from the 1338: // beginning of the security descriptor. This form is useful 1339: // for treating security descriptors as opaque data structures 1340: // for transmission in communication protocol or for storage on 1341: // secondary media. 1342: // 1343: // 1344: // 1345: // Pictorially the structure of a security descriptor is as follows: 1346: // 1347: // 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 1348: // 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 1349: // +---------------------------------------------------------------+ 1350: // | Control |Reserved1 (SBZ)| Revision | 1351: // +---------------------------------------------------------------+ 1352: // | Owner | 1353: // +---------------------------------------------------------------+ 1354: // | Group | 1355: // +---------------------------------------------------------------+ 1356: // | Sacl | 1357: // +---------------------------------------------------------------+ 1358: // | Dacl | 1359: // +---------------------------------------------------------------+ 1360: // 1361: // In general, this data structure should be treated opaquely to ensure future 1362: // compatibility. 1363: // 1364: // 1365: 1366: typedef struct _SECURITY_DESCRIPTOR { 1367: BYTE Revision; 1368: BYTE Sbz1; 1369: SECURITY_DESCRIPTOR_CONTROL Control; 1370: PSID Owner; 1371: PSID Group; 1372: PACL Sacl; 1373: PACL Dacl; 1374: } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR; 1375: 1376: 1377: // Where: 1378: // 1379: // Revision - Contains the revision level of the security 1380: // descriptor. This allows this structure to be passed between 1381: // systems or stored on disk even though it is expected to 1382: // change in the future. 1383: // 1384: // Control - A set of flags which qualify the meaning of the 1385: // security descriptor or individual fields of the security 1386: // descriptor. 1387: // 1388: // Owner - is a pointer to an SID representing an object's owner. 1389: // If this field is null, then no owner SID is present in the 1390: // security descriptor. If the security descriptor is in 1391: // self-relative form, then this field contains an offset to 1392: // the SID, rather than a pointer. 1393: // 1394: // Group - is a pointer to an SID representing an object's primary 1395: // group. If this field is null, then no primary group SID is 1396: // present in the security descriptor. If the security descriptor 1397: // is in self-relative form, then this field contains an offset to 1398: // the SID, rather than a pointer. 1399: // 1400: // Sacl - is a pointer to a system ACL. This field value is only 1401: // valid if the DaclPresent control flag is set. If the 1402: // SaclPresent flag is set and this field is null, then a null 1403: // ACL is specified. If the security descriptor is in 1404: // self-relative form, then this field contains an offset to 1405: // the ACL, rather than a pointer. 1406: // 1407: // Dacl - is a pointer to a discretionary ACL. This field value is 1408: // only valid if the DaclPresent control flag is set. If the 1409: // DaclPresent flag is set and this field is null, then a null 1410: // ACL (unconditionally granting access) is specified. If the 1411: // security descriptor is in self-relative form, then this field 1412: // contains an offset to the ACL, rather than a pointer. 1413: // 1414: 1415: 1416: 1417: //////////////////////////////////////////////////////////////////////// 1418: // // 1419: // Privilege Related Data Structures // 1420: // // 1421: //////////////////////////////////////////////////////////////////////// 1422: 1423: 1424: // 1425: // Privilege attributes 1426: // 1427: 1428: #define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x00000001L) 1429: #define SE_PRIVILEGE_ENABLED (0x00000002L) 1430: #define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L) 1431: 1432: 1433: 1434: 1435: // 1436: // Privilege Set Control flags 1437: // 1438: 1439: #define PRIVILEGE_SET_ALL_NECESSARY (1) 1440: 1441: 1442: // 1443: // Privilege Set - This is defined for a privilege set of one. 1444: // If more than one privilege is needed, then this structure 1445: // will need to be allocated with more space. 1446: // 1447: // Note: don't change this structure without fixing the INITIAL_PRIVILEGE_SET 1448: // structure (defined in se.h) 1449: // 1450: 1451: typedef struct _PRIVILEGE_SET { 1452: DWORD PrivilegeCount; 1453: DWORD Control; 1454: LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]; 1455: } PRIVILEGE_SET, * PPRIVILEGE_SET; 1456: 1457: 1458: //////////////////////////////////////////////////////////////////////// 1459: // // 1460: // NT Defined Privileges // 1461: // // 1462: //////////////////////////////////////////////////////////////////////// 1463: 1.1.1.3 ! root 1464: #define SE_CREATE_TOKEN_NAME TEXT("SeCreateTokenPrivilege") ! 1465: #define SE_ASSIGNPRIMARYTOKEN_NAME TEXT("SeAssignPrimaryTokenPrivilege") ! 1466: #define SE_LOCK_MEMORY_NAME TEXT("SeLockMemoryPrivilege") ! 1467: #define SE_INCREASE_QUOTA_NAME TEXT("SeIncreaseQuotaPrivilege") ! 1468: #define SE_UNSOLICITED_INPUT_NAME TEXT("SeUnsolicitedInputPrivilege") ! 1469: #define SE_TCB_NAME TEXT("SeTcbPrivilege") ! 1470: #define SE_SECURITY_NAME TEXT("SeSecurityPrivilege") ! 1471: #define SE_TAKE_OWNERSHIP_NAME TEXT("SeTakeOwnershipPrivilege") ! 1472: #define SE_LOAD_DRIVER_NAME TEXT("SeLoadDriverPrivilege") ! 1473: #define SE_SYSTEM_PROFILE_NAME TEXT("SeSystemProfilePrivilege") ! 1474: #define SE_SYSTEMTIME_NAME TEXT("SeSystemtimePrivilege") ! 1475: #define SE_PROF_SINGLE_PROCESS_NAME TEXT("SeProfileSingleProcessPrivilege") ! 1476: #define SE_INC_BASE_PRIORITY_NAME TEXT("SeIncreaseBasePriorityPrivilege") ! 1477: #define SE_CREATE_PAGEFILE_NAME TEXT("SeCreatePagefilePrivilege") ! 1478: #define SE_CREATE_PERMANENT_NAME TEXT("SeCreatePermanentPrivilege") ! 1479: #define SE_BACKUP_NAME TEXT("SeBackupPrivilege") ! 1480: #define SE_RESTORE_NAME TEXT("SeRestorePrivilege") ! 1481: #define SE_SHUTDOWN_NAME TEXT("SeShutdownPrivilege") ! 1482: #define SE_DEBUG_NAME TEXT("SeDebugPrivilege") ! 1483: #define SE_AUDIT_NAME TEXT("SeAuditPrivilege") ! 1484: #define SE_SYSTEM_ENVIRONMENT_NAME TEXT("SeSystemEnvironmentPrivilege") ! 1485: #define SE_CHANGE_NOTIFY_NAME TEXT("SeChangeNotifyPrivilege") ! 1486: #define SE_REMOTE_SHUTDOWN_NAME TEXT("SeRemoteShutdownPrivilege") 1.1.1.2 root 1487: 1488: 1489: //////////////////////////////////////////////////////////////////// 1490: // // 1491: // Security Quality Of Service // 1492: // // 1493: // // 1494: //////////////////////////////////////////////////////////////////// 1495: 1496: // 1497: // Impersonation Level 1498: // 1499: // Impersonation level is represented by a pair of bits in Windows. 1500: // If a new impersonation level is added or lowest value is changed from 1501: // 0 to something else, fix the Windows CreateFile call. 1502: // 1503: 1504: typedef enum _SECURITY_IMPERSONATION_LEVEL { 1505: SecurityAnonymous, 1506: SecurityIdentification, 1507: SecurityImpersonation, 1508: SecurityDelegation 1509: } SECURITY_IMPERSONATION_LEVEL, * PSECURITY_IMPERSONATION_LEVEL; 1510: 1511: #define SECURITY_MAX_IMPERSONATION_LEVEL SecurityDelegation 1512: 1513: #define DEFAULT_IMPERSONATION_LEVEL SecurityImpersonation 1514: 1515: 1516: // 1517: // Security Tracking Mode 1518: // 1519: 1520: #define SECURITY_DYNAMIC_TRACKING (TRUE) 1521: #define SECURITY_STATIC_TRACKING (FALSE) 1522: 1523: typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, 1524: * PSECURITY_CONTEXT_TRACKING_MODE; 1525: 1526: 1527: 1528: // 1529: // Quality Of Service 1530: // 1531: 1532: typedef struct _SECURITY_QUALITY_OF_SERVICE { 1533: DWORD Length; 1534: SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 1535: SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; 1536: BOOLEAN EffectiveOnly; 1537: } SECURITY_QUALITY_OF_SERVICE, * PSECURITY_QUALITY_OF_SERVICE; 1538: 1539: 1540: // 1541: // Used to represent information related to a thread impersonation 1542: // 1543: 1544: typedef struct _SE_IMPERSONATION_STATE { 1545: PACCESS_TOKEN Token; 1546: BOOLEAN CopyOnOpen; 1547: BOOLEAN EffectiveOnly; 1548: SECURITY_IMPERSONATION_LEVEL Level; 1549: } SE_IMPERSONATION_STATE, *PSE_IMPERSONATION_STATE; 1550: 1551: 1552: //////////////////////////////////////////////////////////////////// 1553: // // 1554: // Token Object Definitions // 1555: // // 1556: // // 1557: //////////////////////////////////////////////////////////////////// 1558: 1559: 1560: // 1561: // Token Specific Access Rights. 1562: // 1563: 1564: #define TOKEN_ASSIGN_PRIMARY (0x0001) 1565: #define TOKEN_DUPLICATE (0x0002) 1566: #define TOKEN_IMPERSONATE (0x0004) 1567: #define TOKEN_QUERY (0x0008) 1568: #define TOKEN_QUERY_SOURCE (0x0010) 1569: #define TOKEN_ADJUST_PRIVILEGES (0x0020) 1570: #define TOKEN_ADJUST_GROUPS (0x0040) 1571: #define TOKEN_ADJUST_DEFAULT (0x0080) 1572: 1573: #define TOKEN_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED |\ 1574: TOKEN_ASSIGN_PRIMARY |\ 1575: TOKEN_DUPLICATE |\ 1576: TOKEN_IMPERSONATE |\ 1577: TOKEN_QUERY |\ 1578: TOKEN_QUERY_SOURCE |\ 1579: TOKEN_ADJUST_PRIVILEGES |\ 1580: TOKEN_ADJUST_GROUPS |\ 1581: TOKEN_ADJUST_DEFAULT) 1582: 1583: 1584: #define TOKEN_READ (STANDARD_RIGHTS_READ |\ 1585: TOKEN_QUERY) 1586: 1587: 1588: #define TOKEN_WRITE (STANDARD_RIGHTS_WRITE |\ 1589: TOKEN_ADJUST_PRIVILEGES |\ 1590: TOKEN_ADJUST_GROUPS |\ 1591: TOKEN_ADJUST_DEFAULT) 1592: 1593: #define TOKEN_EXECUTE (STANDARD_RIGHTS_EXECUTE |\ 1594: TOKEN_IMPERSONATE) 1595: 1596: 1597: // 1598: // Token Types 1599: // 1600: 1601: typedef enum _TOKEN_TYPE { 1602: TokenPrimary = 1, 1603: TokenImpersonation 1604: } TOKEN_TYPE; 1605: typedef TOKEN_TYPE *PTOKEN_TYPE; 1606: 1607: 1608: // 1609: // Token Information Classes. 1610: // 1611: 1612: 1613: typedef enum _TOKEN_INFORMATION_CLASS { 1614: TokenUser = 1, 1615: TokenGroups, 1616: TokenPrivileges, 1617: TokenOwner, 1618: TokenPrimaryGroup, 1619: TokenDefaultDacl, 1620: TokenSource, 1621: TokenType, 1622: TokenImpersonationLevel, 1623: TokenStatistics 1624: } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS; 1625: 1626: // 1627: // Token information class structures 1628: // 1629: 1630: typedef struct _TOKEN_USER { 1631: SID_AND_ATTRIBUTES User; 1632: } TOKEN_USER, *PTOKEN_USER; 1633: 1634: 1635: typedef struct _TOKEN_GROUPS { 1636: DWORD GroupCount; 1637: SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]; 1638: } TOKEN_GROUPS, *PTOKEN_GROUPS; 1639: 1640: 1641: typedef struct _TOKEN_PRIVILEGES { 1642: DWORD PrivilegeCount; 1643: LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]; 1644: } TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES; 1645: 1646: 1647: typedef struct _TOKEN_OWNER { 1648: PSID Owner; 1649: } TOKEN_OWNER, *PTOKEN_OWNER; 1650: 1651: 1652: typedef struct _TOKEN_PRIMARY_GROUP { 1653: PSID PrimaryGroup; 1654: } TOKEN_PRIMARY_GROUP, *PTOKEN_PRIMARY_GROUP; 1655: 1656: 1657: typedef struct _TOKEN_DEFAULT_DACL { 1658: PACL DefaultDacl; 1659: } TOKEN_DEFAULT_DACL, *PTOKEN_DEFAULT_DACL; 1660: 1661: 1662: 1663: #define TOKEN_SOURCE_LENGTH 8 1664: 1665: typedef struct _TOKEN_SOURCE { 1666: CHAR SourceName[TOKEN_SOURCE_LENGTH]; 1667: LUID SourceIdentifier; 1668: } TOKEN_SOURCE, *PTOKEN_SOURCE; 1669: 1670: 1671: typedef struct _TOKEN_STATISTICS { 1672: LUID TokenId; 1673: LUID AuthenticationId; 1674: LARGE_INTEGER ExpirationTime; 1675: TOKEN_TYPE TokenType; 1676: SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 1677: DWORD DynamicCharged; 1678: DWORD DynamicAvailable; 1679: DWORD GroupCount; 1680: DWORD PrivilegeCount; 1681: LUID ModifiedId; 1682: } TOKEN_STATISTICS, *PTOKEN_STATISTICS; 1683: 1684: 1685: typedef struct _TOKEN_CONTROL { 1686: LUID TokenId; 1687: LUID AuthenticationId; 1688: LUID ModifiedId; 1689: TOKEN_SOURCE TokenSource; 1690: } TOKEN_CONTROL, *PTOKEN_CONTROL; 1.1 root 1691: 1692: 1693: typedef DWORD SECURITY_INFORMATION, *PSECURITY_INFORMATION; 1694: 1695: #define OWNER_SECURITY_INFORMATION (0X00000001L) 1696: #define GROUP_SECURITY_INFORMATION (0X00000002L) 1697: #define DACL_SECURITY_INFORMATION (0X00000004L) 1698: #define SACL_SECURITY_INFORMATION (0X00000008L) 1.1.1.3 ! root 1699: #define HEAP_SERIALIZE 0x00000001 1.1 root 1700: 1.1.1.3 ! root 1701: typedef struct _RTL_CRITICAL_SECTION_DEBUG { 1.1.1.2 root 1702: WORD Type; 1.1.1.3 ! root 1703: WORD CreatorBackTraceIndex; ! 1704: struct _RTL_CRITICAL_SECTION *CriticalSection; 1.1.1.2 root 1705: LIST_ENTRY ProcessLocksList; 1.1.1.3 ! root 1706: DWORD EntryCount; ! 1707: DWORD ContentionCount; ! 1708: DWORD Depth; ! 1709: PVOID OwnerBackTrace[ 5 ]; ! 1710: } RTL_CRITICAL_SECTION_DEBUG, *PRTL_CRITICAL_SECTION_DEBUG; ! 1711: ! 1712: #define RTL_CRITSECT_TYPE 0 ! 1713: #define RTL_RESOURCE_TYPE 1 ! 1714: ! 1715: typedef struct _RTL_CRITICAL_SECTION { ! 1716: PRTL_CRITICAL_SECTION_DEBUG DebugInfo; 1.1 root 1717: 1718: // 1719: // The following three fields control entering and exiting the critical 1720: // section for the resource 1721: // 1722: 1723: LONG LockCount; 1724: LONG RecursionCount; 1725: HANDLE OwningThread; // from the thread's ClientId->UniqueThread 1726: HANDLE LockSemaphore; 1.1.1.2 root 1727: DWORD Reserved; 1728: } RTL_CRITICAL_SECTION, *PRTL_CRITICAL_SECTION; 1.1 root 1729: #define DLL_PROCESS_ATTACH 1 1730: #define DLL_THREAD_ATTACH 2 1731: #define DLL_THREAD_DETACH 3 1732: #define DLL_PROCESS_DETACH 0 1733: 1734: // 1735: // Defines for the READ flags for Eventlogging 1736: // 1.1.1.2 root 1737: #define EVENTLOG_SEQUENTIAL_READ 0X0001 1738: #define EVENTLOG_SEEK_READ 0X0002 1739: #define EVENTLOG_FORWARDS_READ 0X0004 1740: #define EVENTLOG_BACKWARDS_READ 0X0008 1.1 root 1741: 1742: // 1743: // The types of events that can be logged. 1744: // 1.1.1.2 root 1745: #define EVENTLOG_SUCCESS 0X0000 1746: #define EVENTLOG_ERROR_TYPE 0x0001 1747: #define EVENTLOG_WARNING_TYPE 0x0002 1748: #define EVENTLOG_INFORMATION_TYPE 0x0004 1749: #define EVENTLOG_AUDIT_SUCCESS 0x0008 1750: #define EVENTLOG_AUDIT_FAILURE 0x0010 1751: 1752: // 1753: // Defines for the WRITE flags used by Auditing for paired events 1754: // These are not implemented in Product 1 1755: // 1756: 1757: #define EVENTLOG_START_PAIRED_EVENT 0x0001 1758: #define EVENTLOG_END_PAIRED_EVENT 0x0002 1759: #define EVENTLOG_END_ALL_PAIRED_EVENTS 0x0004 1760: #define EVENTLOG_PAIRED_EVENT_ACTIVE 0x0008 1761: #define EVENTLOG_PAIRED_EVENT_INACTIVE 0x000C 1762: 1763: // 1764: // Structure that defines the header of the Eventlog record. This is the 1765: // fixed-sized portion before all the variable-length strings, binary 1766: // data and pad bytes. 1767: // 1768: // TimeGenerated is the time it was generated at the client. 1769: // TimeWritten is the time it was put into the log at the server end. 1770: // 1771: 1772: typedef struct _EVENTLOGRECORD { 1773: DWORD Length; // Length of full record 1774: DWORD Reserved; // Used by the service 1775: DWORD RecordNumber; // Absolute record number 1776: DWORD TimeGenerated; // Seconds since 1-1-1970 1777: DWORD TimeWritten; // Seconds since 1-1-1970 1778: DWORD EventID; 1779: WORD EventType; 1780: WORD NumStrings; 1781: WORD EventCategory; 1782: WORD ReservedFlags; // For use with paired events (auditing) 1783: DWORD ClosingRecordNumber; // For use with paired events (auditing) 1784: DWORD StringOffset; // Offset from beginning of record 1785: DWORD UserSidLength; 1786: DWORD UserSidOffset; 1787: DWORD DataLength; 1788: DWORD DataOffset; // Offset from beginning of record 1789: // 1790: // Then follow: 1791: // 1792: // WCHAR SourceName[] 1793: // WCHAR Computername[] 1794: // SID UserSid 1795: // WCHAR Strings[] 1796: // BYTE Data[] 1797: // CHAR Pad[] 1798: // DWORD Length; 1799: // 1800: } EVENTLOGRECORD, *PEVENTLOGRECORD; 1.1 root 1801: 1802: #define DBG_CONTINUE ((DWORD )0x00010002L) 1803: #define DBG_TERMINATE_THREAD ((DWORD )0x40010003L) 1804: #define DBG_TERMINATE_PROCESS ((DWORD )0x40010004L) 1805: #define DBG_CONTROL_C ((DWORD )0x40010005L) 1806: #define DBG_EXCEPTION_NOT_HANDLED ((DWORD )0x80010001L) 1.1.1.2 root 1807: // 1808: 1809: // 1810: // Registry Specific Access Rights. 1811: // 1812: 1813: #define KEY_QUERY_VALUE (0x0001) 1814: #define KEY_SET_VALUE (0x0002) 1815: #define KEY_CREATE_SUB_KEY (0x0004) 1816: #define KEY_ENUMERATE_SUB_KEYS (0x0008) 1817: #define KEY_NOTIFY (0x0010) 1818: #define KEY_CREATE_LINK (0x0020) 1819: 1820: #define KEY_READ ((STANDARD_RIGHTS_READ |\ 1821: KEY_QUERY_VALUE |\ 1822: KEY_ENUMERATE_SUB_KEYS |\ 1823: KEY_NOTIFY) \ 1824: & \ 1825: (~SYNCHRONIZE)) 1826: 1827: 1828: #define KEY_WRITE ((STANDARD_RIGHTS_WRITE |\ 1829: KEY_SET_VALUE |\ 1830: KEY_CREATE_SUB_KEY) \ 1831: & \ 1832: (~SYNCHRONIZE)) 1833: 1834: #define KEY_EXECUTE ((KEY_READ) \ 1835: & \ 1836: (~SYNCHRONIZE)) 1837: 1838: #define KEY_ALL_ACCESS ((STANDARD_RIGHTS_ALL |\ 1839: KEY_QUERY_VALUE |\ 1840: KEY_SET_VALUE |\ 1841: KEY_CREATE_SUB_KEY |\ 1842: KEY_ENUMERATE_SUB_KEYS |\ 1843: KEY_NOTIFY |\ 1844: KEY_CREATE_LINK) \ 1845: & \ 1846: (~SYNCHRONIZE)) 1847: 1848: 1849: 1850: // 1851: // Open/Create Options 1852: // 1853: 1854: #define REG_OPTION_RESERVED (0x00000000L) // Parameter is reserved 1855: 1856: #define REG_OPTION_NON_VOLATILE (0x00000000L) // Key is preserved 1857: // when system is rebooted 1858: 1859: #define REG_OPTION_VOLATILE (0x00000001L) // Key is not preserved 1860: // when system is rebooted 1861: 1862: #define REG_OPTION_CREATE_LINK (0x00000002L) // Created key is a 1863: // symbolic link 1864: 1865: // 1866: // Key creation/open disposition 1867: // 1868: 1869: #define REG_CREATED_NEW_KEY (0x00000001L) // New Registry Key created 1870: #define REG_OPENED_EXISTING_KEY (0x00000002L) // Existing Key opened 1871: 1872: // 1873: // Key restore flags 1874: // 1875: 1876: #define REG_WHOLE_HIVE_VOLATILE (0x00000001L) // Restore whole hive volatile 1877: 1878: // 1879: // Notify filter values 1880: // 1881: #define REG_NOTIFY_CHANGE_NAME (0x00000001L) // Create or delete (child) 1882: #define REG_NOTIFY_CHANGE_ATTRIBUTES (0x00000002L) 1883: #define REG_NOTIFY_CHANGE_LAST_SET (0x00000004L) // time stamp 1884: #define REG_NOTIFY_CHANGE_SECURITY (0x00000008L) 1885: 1886: #define REG_LEGAL_CHANGE_FILTER \ 1887: (REG_NOTIFY_CHANGE_NAME |\ 1888: REG_NOTIFY_CHANGE_ATTRIBUTES |\ 1889: REG_NOTIFY_CHANGE_LAST_SET |\ 1890: REG_NOTIFY_CHANGE_SECURITY) 1891: 1892: // 1893: // 1894: 1895: // 1896: // Predefined Value Types. 1897: // 1898: 1899: #define REG_NONE ( 0 ) // No value type 1900: #define REG_SZ ( 1 ) // Unicode nul terminated string 1901: #define REG_EXPAND_SZ ( 2 ) // Unicode nul terminated string 1902: // (with environment variable references) 1903: #define REG_BINARY ( 3 ) // Free form binary 1904: #define REG_DWORD ( 4 ) // 32-bit number 1905: #define REG_DWORD_LITTLE_ENDIAN ( 4 ) // 32-bit number (same as REG_DWORD) 1906: #define REG_DWORD_BIG_ENDIAN ( 5 ) // 32-bit number 1907: #define REG_LINK ( 6 ) // Symbolic Link (unicode) 1908: #define REG_MULTI_SZ ( 7 ) // Multiple Unicode strings 1909: #define REG_RESOURCE_LIST ( 8 ) // Resource list in the resource map 1910: #define REG_FULL_RESOURCE_DESCRIPTOR ( 9 ) // Resource list in the hardware description 1911: 1912: 1913: // 1914: // Service Types (Bit Mask) 1915: // 1916: #define SERVICE_KERNEL_DRIVER 0x00000001 1917: #define SERVICE_FILE_SYSTEM_DRIVER 0x00000002 1918: #define SERVICE_DRIVER (SERVICE_KERNEL_DRIVER | \ 1919: SERVICE_FILE_SYSTEM_DRIVER) 1920: 1921: #define SERVICE_ADAPTER 0x00000004 1922: 1923: #define SERVICE_WIN32_OWN_PROCESS 0x00000010 1924: #define SERVICE_WIN32_SHARE_PROCESS 0x00000020 1925: #define SERVICE_WIN32 (SERVICE_WIN32_OWN_PROCESS | \ 1926: SERVICE_WIN32_SHARE_PROCESS) 1927: 1928: #define SERVICE_TYPE_ALL (SERVICE_WIN32 | \ 1929: SERVICE_ADAPTER | \ 1930: SERVICE_DRIVER) 1931: 1932: // 1933: // Start Type 1934: // 1935: 1936: #define SERVICE_BOOT_START 0x00000000 1937: #define SERVICE_SYSTEM_START 0x00000001 1938: #define SERVICE_AUTO_START 0x00000002 1939: #define SERVICE_DEMAND_START 0x00000003 1940: #define SERVICE_DISABLED 0x00000004 1941: 1942: // 1943: // Error control type 1944: // 1945: 1946: #define SERVICE_ERROR_NORMAL 0x00000001 1947: #define SERVICE_ERROR_SEVERE 0x00000002 1948: #define SERVICE_ERROR_CRITICAL 0x00000003 1949: 1950: // 1951: // 1952: // Define the registry driver node enumerations 1953: // 1954: 1955: typedef enum _CM_SERVICE_NODE_TYPE { 1956: DriverType = SERVICE_KERNEL_DRIVER, 1957: FileSystemType = SERVICE_FILE_SYSTEM_DRIVER, 1958: Win32ServiceOwnProcess = SERVICE_WIN32_OWN_PROCESS, 1959: Win32ServiceShareProcess = SERVICE_WIN32_SHARE_PROCESS, 1960: AdapterType = SERVICE_ADAPTER 1961: } SERVICE_NODE_TYPE; 1962: 1963: typedef enum _CM_SERVICE_LOAD_TYPE { 1964: BootLoad = SERVICE_BOOT_START, 1965: SystemLoad = SERVICE_SYSTEM_START, 1966: AutoLoad = SERVICE_AUTO_START, 1967: DemandLoad = SERVICE_DEMAND_START, 1968: DisableLoad = SERVICE_DISABLED 1969: } SERVICE_LOAD_TYPE; 1970: 1971: typedef enum _CM_ERROR_CONTROL_TYPE { 1972: NormalError = SERVICE_ERROR_NORMAL, 1973: SevereError = SERVICE_ERROR_SEVERE, 1974: CriticalError = SERVICE_ERROR_CRITICAL 1975: } SERVICE_ERROR_TYPE; 1976: 1977: // 1978: 1979: // 1980: // IOCTL_TAPE_ERASE definitions 1981: // 1982: 1.1.1.3 ! root 1983: #define TAPE_ERASE_SHORT 0L ! 1984: #define TAPE_ERASE_SHORT_IMMED 1L ! 1985: #define TAPE_ERASE_LONG 2L ! 1986: #define TAPE_ERASE_LONG_IMMED 3L 1.1.1.2 root 1987: 1988: typedef struct _TAPE_ERASE { 1989: DWORD Type; 1990: } TAPE_ERASE, *PTAPE_ERASE; 1991: 1992: // 1993: // IOCTL_TAPE_PREPARE definitions 1994: // 1995: 1.1.1.3 ! root 1996: #define TAPE_LOAD 0L ! 1997: #define TAPE_LOAD_IMMED 1L ! 1998: #define TAPE_UNLOAD 2L ! 1999: #define TAPE_UNLOAD_IMMED 3L ! 2000: #define TAPE_TENSION 4L ! 2001: #define TAPE_TENSION_IMMED 5L ! 2002: #define TAPE_LOCK 6L ! 2003: #define TAPE_UNLOCK 7L 1.1.1.2 root 2004: 2005: typedef struct _TAPE_PREPARE { 2006: DWORD Operation; 2007: } TAPE_PREPARE, *PTAPE_PREPARE; 2008: 2009: // 2010: // IOCTL_TAPE_WRITE_MARKS definitions 2011: // 2012: 1.1.1.3 ! root 2013: #define TAPE_SETMARKS 0L ! 2014: #define TAPE_SETMARKS_IMMED 1L ! 2015: #define TAPE_FILEMARKS 2L ! 2016: #define TAPE_FILEMARKS_IMMED 3L ! 2017: #define TAPE_SHORT_FILEMARKS 4L ! 2018: #define TAPE_SHORT_FILEMARKS_IMMED 5L ! 2019: #define TAPE_LONG_FILEMARKS 6L ! 2020: #define TAPE_LONG_FILEMARKS_IMMED 7L 1.1.1.2 root 2021: 2022: typedef struct _TAPE_WRITE_MARKS { 2023: DWORD Type; 2024: DWORD Count; 2025: } TAPE_WRITE_MARKS, *PTAPE_WRITE_MARKS; 2026: 2027: // 1.1.1.3 ! root 2028: // IOCTL_TAPE_GET_POSITION definitions 1.1.1.2 root 2029: // 2030: 1.1.1.3 ! root 2031: #define TAPE_ABSOLUTE_POSITION 0L ! 2032: #define TAPE_LOGICAL_POSITION 1L 1.1.1.2 root 2033: 1.1.1.3 ! root 2034: typedef struct _TAPE_GET_POSITION { ! 2035: DWORD Type; ! 2036: DWORD Partition; ! 2037: DWORD OffsetLow; ! 2038: DWORD OffsetHigh; ! 2039: } TAPE_GET_POSITION, *PTAPE_GET_POSITION; ! 2040: ! 2041: // ! 2042: // IOCTL_TAPE_SET_POSITION definitions ! 2043: // ! 2044: ! 2045: #define TAPE_REWIND 0L ! 2046: #define TAPE_REWIND_IMMED 1L ! 2047: #define TAPE_ABSOLUTE_BLOCK 2L ! 2048: #define TAPE_ABSOLUTE_BLOCK_IMMED 3L ! 2049: #define TAPE_LOGICAL_BLOCK 4L ! 2050: #define TAPE_LOGICAL_BLOCK_IMMED 5L ! 2051: #define TAPE_SPACE_END_OF_DATA 6L ! 2052: #define TAPE_SPACE_RELATIVE_BLOCKS 7L ! 2053: #define TAPE_SPACE_FILEMARKS 8L ! 2054: #define TAPE_SPACE_SEQUENTIAL_FMKS 9L ! 2055: #define TAPE_SPACE_SETMARKS 10L ! 2056: #define TAPE_SPACE_SEQUENTIAL_SMKS 11L ! 2057: ! 2058: typedef struct _TAPE_SET_POSITION { 1.1.1.2 root 2059: DWORD Method; 2060: DWORD Partition; 1.1.1.3 ! root 2061: DWORD OffsetLow; ! 2062: DWORD OffsetHigh; ! 2063: } TAPE_SET_POSITION, *PTAPE_SET_POSITION; ! 2064: ! 2065: // ! 2066: // IOCTL_TAPE_GET_DRIVE_PARAMS definitions ! 2067: // 1.1.1.2 root 2068: 2069: // 1.1.1.3 ! root 2070: // Definitions for FeaturesLow parameter ! 2071: // ! 2072: ! 2073: #define TAPE_DRIVE_FIXED 0x00000001 ! 2074: #define TAPE_DRIVE_SELECT 0x00000002 ! 2075: #define TAPE_DRIVE_INITIATOR 0x00000004 ! 2076: ! 2077: #define TAPE_DRIVE_ERASE_SHORT 0x00000010 ! 2078: #define TAPE_DRIVE_ERASE_LONG 0x00000020 ! 2079: #define TAPE_DRIVE_ERASE_BOP_ONLY 0x00000040 ! 2080: ! 2081: #define TAPE_DRIVE_TAPE_CAPACITY 0x00000100 ! 2082: #define TAPE_DRIVE_TAPE_REMAINING 0x00000200 ! 2083: #define TAPE_DRIVE_FIXED_BLOCK 0x00000400 ! 2084: #define TAPE_DRIVE_VARIABLE_BLOCK 0x00000800 ! 2085: #define TAPE_DRIVE_WRITE_PROTECT 0x00001000 ! 2086: ! 2087: #define TAPE_DRIVE_ECC 0x00010000 ! 2088: #define TAPE_DRIVE_COMPRESSION 0x00020000 ! 2089: #define TAPE_DRIVE_PADDING 0x00040000 ! 2090: #define TAPE_DRIVE_REPORT_SMKS 0x00080000 ! 2091: ! 2092: #define TAPE_DRIVE_GET_ABSOLUTE_BLK 0x00100000 ! 2093: #define TAPE_DRIVE_GET_LOGICAL_BLK 0x00200000 ! 2094: ! 2095: // ! 2096: // Definitions for FeaturesHigh parameter ! 2097: // ! 2098: ! 2099: #define TAPE_DRIVE_LOAD_UNLOAD 0x00000001 ! 2100: #define TAPE_DRIVE_TENSION 0x00000002 ! 2101: #define TAPE_DRIVE_LOCK_UNLOCK 0x00000004 ! 2102: ! 2103: #define TAPE_DRIVE_SET_BLOCK_SIZE 0x00000010 ! 2104: ! 2105: #define TAPE_DRIVE_SET_ECC 0x00000100 ! 2106: #define TAPE_DRIVE_SET_COMPRESSION 0x00000200 ! 2107: #define TAPE_DRIVE_SET_PADDING 0x00000400 ! 2108: #define TAPE_DRIVE_SET_REPORT_SMKS 0x00000800 ! 2109: ! 2110: #define TAPE_DRIVE_ABSOLUTE_BLK 0x00001000 ! 2111: #define TAPE_DRIVE_ABS_BLK_IMMED 0x00002000 ! 2112: #define TAPE_DRIVE_LOGICAL_BLK 0x00004000 ! 2113: #define TAPE_DRIVE_LOG_BLK_IMMED 0x00008000 ! 2114: #define TAPE_DRIVE_END_OF_DATA 0x00010000 ! 2115: #define TAPE_DRIVE_RELATIVE_BLKS 0x00020000 ! 2116: #define TAPE_DRIVE_FILEMARKS 0x00040000 ! 2117: #define TAPE_DRIVE_SEQUENTIAL_FMKS 0x00080000 ! 2118: #define TAPE_DRIVE_SETMARKS 0x00100000 ! 2119: #define TAPE_DRIVE_SEQUENTIAL_SMKS 0x00200000 ! 2120: #define TAPE_DRIVE_REVERSE_POSITION 0x00400000 ! 2121: ! 2122: #define TAPE_DRIVE_WRITE_SETMARKS 0x01000000 ! 2123: #define TAPE_DRIVE_WRITE_FILEMARKS 0x02000000 ! 2124: #define TAPE_DRIVE_WRITE_SHORT_FMKS 0x04000000 ! 2125: #define TAPE_DRIVE_WRITE_LONG_FMKS 0x08000000 ! 2126: ! 2127: typedef struct _TAPE_GET_DRIVE_PARAMETERS { ! 2128: BOOLEAN ECC; ! 2129: BOOLEAN Compression; ! 2130: BOOLEAN DataPadding; ! 2131: BOOLEAN ReportSetmarks; ! 2132: DWORD DefaultBlockSize; ! 2133: DWORD MaximumBlockSize; ! 2134: DWORD MinimumBlockSize; ! 2135: DWORD MaximumPartitionCount; ! 2136: DWORD FeaturesLow; ! 2137: DWORD FeaturesHigh; ! 2138: } TAPE_GET_DRIVE_PARAMETERS, *PTAPE_GET_DRIVE_PARAMETERS; ! 2139: ! 2140: // ! 2141: // IOCTL_TAPE_SET_DRIVE_PARAMETERS definitions ! 2142: // ! 2143: ! 2144: typedef struct _TAPE_SET_DRIVE_PARAMETERS { ! 2145: BOOLEAN ECC; ! 2146: BOOLEAN Compression; ! 2147: BOOLEAN DataPadding; ! 2148: BOOLEAN ReportSetmarks; ! 2149: } TAPE_SET_DRIVE_PARAMETERS, *PTAPE_SET_DRIVE_PARAMETERS; ! 2150: ! 2151: // ! 2152: // IOCTL_TAPE_GET_MEDIA_PARAMETERS definitions 1.1.1.2 root 2153: // 2154: 2155: typedef struct _TAPE_GET_MEDIA_PARAMETERS { 1.1.1.3 ! root 2156: DWORD CapacityLow; ! 2157: DWORD CapacityHigh; ! 2158: DWORD RemainingLow; ! 2159: DWORD RemainingHigh; 1.1.1.2 root 2160: DWORD BlockSize; 1.1.1.3 ! root 2161: DWORD PartitionCount; 1.1.1.2 root 2162: BOOLEAN WriteProtected; 2163: } TAPE_GET_MEDIA_PARAMETERS, *PTAPE_GET_MEDIA_PARAMETERS; 2164: 2165: // 1.1.1.3 ! root 2166: // IOCTL_TAPE_SET_MEDIA_PARAMETERS definitions 1.1.1.2 root 2167: // 2168: 2169: typedef struct _TAPE_SET_MEDIA_PARAMETERS { 2170: DWORD BlockSize; 2171: } TAPE_SET_MEDIA_PARAMETERS, *PTAPE_SET_MEDIA_PARAMETERS; 2172: 1.1.1.3 ! root 2173: // ! 2174: // IOCTL_TAPE_CREATE_PARTITION definitions ! 2175: // ! 2176: ! 2177: #define TAPE_FIXED_PARTITIONS 0L ! 2178: #define TAPE_SELECT_PARTITIONS 1L ! 2179: #define TAPE_INITIATOR_PARTITIONS 2L ! 2180: ! 2181: typedef struct _TAPE_CREATE_PARTITION { ! 2182: DWORD Method; ! 2183: DWORD Count; ! 2184: DWORD Size; ! 2185: } TAPE_CREATE_PARTITION, *PTAPE_CREATE_PARTITION; ! 2186: ! 2187: 1.1.1.2 root 2188: 2189: // 1.1.1.3 ! root 2190: // Image Format 1.1.1.2 root 2191: // 2192: 1.1.1.3 ! root 2193: #ifndef RC_INVOKED ! 2194: #pragma pack (1) ! 2195: #endif // !RC_INVOKED ! 2196: ! 2197: #define IMAGE_DOS_SIGNATURE 0x5A4D // MZ ! 2198: #define IMAGE_OS2_SIGNATURE 0x454E // NE ! 2199: #define IMAGE_OS2_SIGNATURE_LE 0x454C // LE ! 2200: #define IMAGE_NT_SIGNATURE 0x00004550 // PE00 ! 2201: ! 2202: typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header ! 2203: WORD e_magic; // Magic number ! 2204: WORD e_cblp; // Bytes on last page of file ! 2205: WORD e_cp; // Pages in file ! 2206: WORD e_crlc; // Relocations ! 2207: WORD e_cparhdr; // Size of header in paragraphs ! 2208: WORD e_minalloc; // Minimum extra paragraphs needed ! 2209: WORD e_maxalloc; // Maximum extra paragraphs needed ! 2210: WORD e_ss; // Initial (relative) SS value ! 2211: WORD e_sp; // Initial SP value ! 2212: WORD e_csum; // Checksum ! 2213: WORD e_ip; // Initial IP value ! 2214: WORD e_cs; // Initial (relative) CS value ! 2215: WORD e_lfarlc; // File address of relocation table ! 2216: WORD e_ovno; // Overlay number ! 2217: WORD e_res[4]; // Reserved words ! 2218: WORD e_oemid; // OEM identifier (for e_oeminfo) ! 2219: WORD e_oeminfo; // OEM information; e_oemid specific ! 2220: WORD e_res2[10]; // Reserved words ! 2221: LONG e_lfanew; // File address of new exe header ! 2222: } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER; ! 2223: ! 2224: typedef struct _IMAGE_OS2_HEADER { // OS/2 .EXE header ! 2225: WORD ne_magic; // Magic number ! 2226: CHAR ne_ver; // Version number ! 2227: CHAR ne_rev; // Revision number ! 2228: WORD ne_enttab; // Offset of Entry Table ! 2229: WORD ne_cbenttab; // Number of bytes in Entry Table ! 2230: LONG ne_crc; // Checksum of whole file ! 2231: WORD ne_flags; // Flag word ! 2232: WORD ne_autodata; // Automatic data segment number ! 2233: WORD ne_heap; // Initial heap allocation ! 2234: WORD ne_stack; // Initial stack allocation ! 2235: LONG ne_csip; // Initial CS:IP setting ! 2236: LONG ne_sssp; // Initial SS:SP setting ! 2237: WORD ne_cseg; // Count of file segments ! 2238: WORD ne_cmod; // Entries in Module Reference Table ! 2239: WORD ne_cbnrestab; // Size of non-resident name table ! 2240: WORD ne_segtab; // Offset of Segment Table ! 2241: WORD ne_rsrctab; // Offset of Resource Table ! 2242: WORD ne_restab; // Offset of resident name table ! 2243: WORD ne_modtab; // Offset of Module Reference Table ! 2244: WORD ne_imptab; // Offset of Imported Names Table ! 2245: LONG ne_nrestab; // Offset of Non-resident Names Table ! 2246: WORD ne_cmovent; // Count of movable entries ! 2247: WORD ne_align; // Segment alignment shift count ! 2248: WORD ne_cres; // Count of resource segments ! 2249: BYTE ne_exetyp; // Target Operating system ! 2250: BYTE ne_flagsothers; // Other .EXE flags ! 2251: WORD ne_pretthunks; // offset to return thunks ! 2252: WORD ne_psegrefbytes; // offset to segment ref. bytes ! 2253: WORD ne_swaparea; // Minimum code swap area size ! 2254: WORD ne_expver; // Expected Windows version number ! 2255: } IMAGE_OS2_HEADER, *PIMAGE_OS2_HEADER; ! 2256: ! 2257: // ! 2258: // File header format. ! 2259: // ! 2260: ! 2261: typedef struct _IMAGE_FILE_HEADER { ! 2262: WORD Machine; ! 2263: WORD NumberOfSections; ! 2264: DWORD TimeDateStamp; ! 2265: DWORD PointerToSymbolTable; ! 2266: DWORD NumberOfSymbols; ! 2267: WORD SizeOfOptionalHeader; ! 2268: WORD Characteristics; ! 2269: } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; ! 2270: ! 2271: #define IMAGE_SIZEOF_FILE_HEADER 20 ! 2272: ! 2273: #define IMAGE_FILE_RELOCS_STRIPPED 0x0001 // Relocation info stripped from file. ! 2274: #define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 // File is executable (i.e. no unresolved externel references). ! 2275: #define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 // Line nunbers stripped from file. ! 2276: #define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 // Local symbols stripped from file. ! 2277: #define IMAGE_FILE_MINIMAL_OBJECT 0x0010 // Reserved. ! 2278: #define IMAGE_FILE_UPDATE_OBJECT 0x0020 // Reserved. ! 2279: #define IMAGE_FILE_16BIT_MACHINE 0x0040 // 16 bit word machine. ! 2280: #define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 // Bytes of machine word are reversed. ! 2281: #define IMAGE_FILE_32BIT_MACHINE 0x0100 // 32 bit word machine. ! 2282: #define IMAGE_FILE_PATCH 0x0400 // Reserved. ! 2283: #define IMAGE_FILE_SYSTEM 0x1000 // System File. ! 2284: #define IMAGE_FILE_DLL 0x2000 // File is a DLL. ! 2285: #define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 // Bytes of machine word are reversed. ! 2286: ! 2287: #define IMAGE_FILE_MACHINE_UNKNOWN 0 ! 2288: #define IMAGE_FILE_MACHINE_I860 0x14d // Intel 860. ! 2289: #define IMAGE_FILE_MACHINE_I386 0x14c // Intel 386. ! 2290: #define IMAGE_FILE_MACHINE_R3000 0x162 // MIPS little-endian, 0540 big-endian ! 2291: #define IMAGE_FILE_MACHINE_R4000 0x166 // MIPS little-endian ! 2292: ! 2293: // ! 2294: // Directory format. ! 2295: // ! 2296: ! 2297: typedef struct _IMAGE_DATA_DIRECTORY { ! 2298: DWORD VirtualAddress; ! 2299: DWORD Size; ! 2300: } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; ! 2301: ! 2302: #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16 ! 2303: ! 2304: // ! 2305: // Optional header format. ! 2306: // ! 2307: ! 2308: typedef struct _IMAGE_OPTIONAL_HEADER { ! 2309: // ! 2310: // Standard fields. ! 2311: // ! 2312: ! 2313: WORD Magic; ! 2314: BYTE MajorLinkerVersion; ! 2315: BYTE MinorLinkerVersion; ! 2316: DWORD SizeOfCode; ! 2317: DWORD SizeOfInitializedData; ! 2318: DWORD SizeOfUninitializedData; ! 2319: DWORD AddressOfEntryPoint; ! 2320: DWORD BaseOfCode; ! 2321: DWORD BaseOfData; ! 2322: ! 2323: // ! 2324: // NT additional fields. ! 2325: // ! 2326: ! 2327: DWORD ImageBase; ! 2328: DWORD SectionAlignment; ! 2329: DWORD FileAlignment; ! 2330: WORD MajorOperatingSystemVersion; ! 2331: WORD MinorOperatingSystemVersion; ! 2332: WORD MajorImageVersion; ! 2333: WORD MinorImageVersion; ! 2334: WORD MajorSubsystemVersion; ! 2335: WORD MinorSubsystemVersion; ! 2336: DWORD Reserved1; ! 2337: DWORD SizeOfImage; ! 2338: DWORD SizeOfHeaders; ! 2339: DWORD CheckSum; ! 2340: WORD Subsystem; ! 2341: WORD DllCharacteristics; ! 2342: DWORD SizeOfStackReserve; ! 2343: DWORD SizeOfStackCommit; ! 2344: DWORD SizeOfHeapReserve; ! 2345: DWORD SizeOfHeapCommit; ! 2346: DWORD AddressOfTlsIndex; ! 2347: DWORD NumberOfRvaAndSizes; ! 2348: IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; ! 2349: } IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER; ! 2350: ! 2351: #define IMAGE_SIZEOF_STD_OPTIONAL_HEADER 28 ! 2352: #define IMAGE_SIZEOF_NT_OPTIONAL_HEADER 224 ! 2353: ! 2354: typedef struct _IMAGE_NT_HEADERS { ! 2355: DWORD Signature; ! 2356: IMAGE_FILE_HEADER FileHeader; ! 2357: IMAGE_OPTIONAL_HEADER OptionalHeader; ! 2358: } IMAGE_NT_HEADERS, *PIMAGE_NT_HEADERS; ! 2359: ! 2360: #define IMAGE_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER) \ ! 2361: ((DWORD)ntheader + \ ! 2362: FIELD_OFFSET( IMAGE_NT_HEADERS, OptionalHeader ) + \ ! 2363: ((PIMAGE_NT_HEADERS)(ntheader))->FileHeader.SizeOfOptionalHeader \ ! 2364: )) ! 2365: ! 2366: ! 2367: // Subsystem Values ! 2368: ! 2369: #define IMAGE_SUBSYSTEM_UNKNOWN 0 // Unknown subsystem. ! 2370: #define IMAGE_SUBSYSTEM_NATIVE 1 // Image doesn't require a subsystem. ! 2371: #define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 // Image runs in the Windows GUI subsystem. ! 2372: #define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 // Image runs in the Windows character subsystem. ! 2373: #define IMAGE_SUBSYSTEM_OS2_CUI 5 // image runs in the OS/2 character subsystem. ! 2374: #define IMAGE_SUBSYSTEM_POSIX_CUI 7 // image run in the Posix character subsystem. ! 2375: ! 2376: // Dll Characteristics ! 2377: ! 2378: #define IMAGE_LIBRARY_PROCESS_INIT 1 // Dll has a process initialization routine. ! 2379: #define IMAGE_LIBRARY_PROCESS_TERM 2 // Dll has a thread termination routine. ! 2380: #define IMAGE_LIBRARY_THREAD_INIT 4 // Dll has a thread initialization routine. ! 2381: #define IMAGE_LIBRARY_THREAD_TERM 8 // Dll has a thread termination routine. ! 2382: ! 2383: // Directory Entries ! 2384: ! 2385: #define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory ! 2386: #define IMAGE_DIRECTORY_ENTRY_IMPORT 1 // Import Directory ! 2387: #define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 // Resource Directory ! 2388: #define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 // Exception Directory ! 2389: #define IMAGE_DIRECTORY_ENTRY_SECURITY 4 // Security Directory ! 2390: #define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 // Base Relocation Table ! 2391: #define IMAGE_DIRECTORY_ENTRY_DEBUG 6 // Debug Directory ! 2392: #define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 // Description String ! 2393: #define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 // Machine Value (MIPS GP) ! 2394: #define IMAGE_DIRECTORY_ENTRY_THREAD_SPACE 9 // Thread Local Storage ! 2395: #define IMAGE_DIRECTORY_ENTRY_CALLBACKS 10 // Other interesting entrypoints ! 2396: ! 2397: // ! 2398: // Section header format. ! 2399: // ! 2400: ! 2401: #define IMAGE_SIZEOF_SHORT_NAME 8 ! 2402: ! 2403: typedef struct _IMAGE_SECTION_HEADER { ! 2404: BYTE Name[IMAGE_SIZEOF_SHORT_NAME]; ! 2405: union { ! 2406: DWORD PhysicalAddress; ! 2407: DWORD VirtualSize; ! 2408: } Misc; ! 2409: DWORD VirtualAddress; ! 2410: DWORD SizeOfRawData; ! 2411: DWORD PointerToRawData; ! 2412: DWORD PointerToRelocations; ! 2413: DWORD PointerToLinenumbers; ! 2414: WORD NumberOfRelocations; ! 2415: WORD NumberOfLinenumbers; ! 2416: DWORD Characteristics; ! 2417: } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER; ! 2418: ! 2419: #define IMAGE_SIZEOF_SECTION_HEADER 40 ! 2420: ! 2421: #define IMAGE_SCN_TYPE_REGULAR 0x00000000 // ! 2422: #define IMAGE_SCN_TYPE_DUMMY 0x00000001 // Reserved. ! 2423: #define IMAGE_SCN_TYPE_NO_LOAD 0x00000002 // ! 2424: #define IMAGE_SCN_TYPE_GROUPED 0x00000004 // Used for 16-bit offset code. ! 2425: #define IMAGE_SCN_TYPE_NO_PAD 0x00000008 // Specifies if section should not be padded to next boundary. ! 2426: #define IMAGE_SCN_TYPE_COPY 0x00000010 // Reserved. ! 2427: #define IMAGE_SCN_CNT_CODE 0x00000020 // Section contains code. ! 2428: #define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 // Section contains initialized data. ! 2429: #define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 // Section contains uninitialized data. ! 2430: #define IMAGE_SCN_LNK_OTHER 0x00000100 // Reserved. ! 2431: #define IMAGE_SCN_LNK_INFO 0x00000200 // Section contains comments or some other type of information. ! 2432: #define IMAGE_SCN_LNK_OVERLAY 0x00000400 // Section contains an overlay. ! 2433: #define IMAGE_SCN_LNK_REMOVE 0x00000800 // Section contents will not become part of image. ! 2434: #define IMAGE_SCN_LNK_COMDAT 0x00001000 // Section contents comdat. ! 2435: #define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 // Section can be discarded. ! 2436: #define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 // Section is not cachable. ! 2437: #define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 // Section is not pageable. ! 2438: #define IMAGE_SCN_MEM_SHARED 0x10000000 // Section is shareable. ! 2439: #define IMAGE_SCN_MEM_EXECUTE 0x20000000 // Section is executable. ! 2440: #define IMAGE_SCN_MEM_READ 0x40000000 // Section is readable. ! 2441: #define IMAGE_SCN_MEM_WRITE 0x80000000 // Section is writeable. 1.1.1.2 root 2442: 2443: // 1.1.1.3 ! root 2444: // Symbol format. 1.1.1.2 root 2445: // 2446: 1.1.1.3 ! root 2447: typedef struct _IMAGE_SYMBOL { ! 2448: union { ! 2449: BYTE ShortName[8]; ! 2450: struct { ! 2451: DWORD Short; // if 0, use LongName ! 2452: DWORD Long; // offset into string table ! 2453: } Name; ! 2454: PBYTE LongName[2]; ! 2455: } N; ! 2456: DWORD Value; ! 2457: SHORT SectionNumber; ! 2458: WORD Type; ! 2459: BYTE StorageClass; ! 2460: BYTE NumberOfAuxSymbols; ! 2461: } IMAGE_SYMBOL; ! 2462: typedef IMAGE_SYMBOL UNALIGNED *PIMAGE_SYMBOL; ! 2463: ! 2464: #define IMAGE_SIZEOF_SYMBOL 18 ! 2465: ! 2466: // ! 2467: // Section values. ! 2468: // ! 2469: // Symbols have a section number of the section in which they are ! 2470: // defined. Otherwise, section numbers have the following meanings: ! 2471: // ! 2472: ! 2473: #define IMAGE_SYM_UNDEFINED (SHORT)0 // Symbol is undefined or is common. ! 2474: #define IMAGE_SYM_ABSOLUTE (SHORT)-1 // Symbol is an absolute value. ! 2475: #define IMAGE_SYM_DEBUG (SHORT)-2 // Symbol is a special debug item. ! 2476: ! 2477: // ! 2478: // Type (fundamental) values. ! 2479: // ! 2480: ! 2481: #define IMAGE_SYM_TYPE_NULL 0 // no type. ! 2482: #define IMAGE_SYM_TYPE_VOID 1 // ! 2483: #define IMAGE_SYM_TYPE_CHAR 2 // type character. ! 2484: #define IMAGE_SYM_TYPE_SHORT 3 // type short integer. ! 2485: #define IMAGE_SYM_TYPE_INT 4 // ! 2486: #define IMAGE_SYM_TYPE_LONG 5 // ! 2487: #define IMAGE_SYM_TYPE_FLOAT 6 // ! 2488: #define IMAGE_SYM_TYPE_DOUBLE 7 // ! 2489: #define IMAGE_SYM_TYPE_STRUCT 8 // ! 2490: #define IMAGE_SYM_TYPE_UNION 9 // ! 2491: #define IMAGE_SYM_TYPE_ENUM 10 // enumeration. ! 2492: #define IMAGE_SYM_TYPE_MOE 11 // member of enumeration. ! 2493: #define IMAGE_SYM_TYPE_BYTE 12 // ! 2494: #define IMAGE_SYM_TYPE_WORD 13 // ! 2495: #define IMAGE_SYM_TYPE_UINT 14 // ! 2496: #define IMAGE_SYM_TYPE_DWORD 15 // ! 2497: ! 2498: // ! 2499: // Type (derived) values. ! 2500: // ! 2501: ! 2502: #define IMAGE_SYM_DTYPE_NULL 0 // no derived type. ! 2503: #define IMAGE_SYM_DTYPE_POINTER 1 // pointer. ! 2504: #define IMAGE_SYM_DTYPE_FUNCTION 2 // function. ! 2505: #define IMAGE_SYM_DTYPE_ARRAY 3 // array. ! 2506: ! 2507: // ! 2508: // Storage classes. ! 2509: // ! 2510: ! 2511: #define IMAGE_SYM_CLASS_END_OF_FUNCTION (BYTE )-1 ! 2512: #define IMAGE_SYM_CLASS_NULL 0 ! 2513: #define IMAGE_SYM_CLASS_AUTOMATIC 1 ! 2514: #define IMAGE_SYM_CLASS_EXTERNAL 2 ! 2515: #define IMAGE_SYM_CLASS_STATIC 3 ! 2516: #define IMAGE_SYM_CLASS_REGISTER 4 ! 2517: #define IMAGE_SYM_CLASS_EXTERNAL_DEF 5 ! 2518: #define IMAGE_SYM_CLASS_LABEL 6 ! 2519: #define IMAGE_SYM_CLASS_UNDEFINED_LABEL 7 ! 2520: #define IMAGE_SYM_CLASS_MEMBER_OF_STRUCT 8 ! 2521: #define IMAGE_SYM_CLASS_ARGUMENT 9 ! 2522: #define IMAGE_SYM_CLASS_STRUCT_TAG 10 ! 2523: #define IMAGE_SYM_CLASS_MEMBER_OF_UNION 11 ! 2524: #define IMAGE_SYM_CLASS_UNION_TAG 12 ! 2525: #define IMAGE_SYM_CLASS_TYPE_DEFINITION 13 ! 2526: #define IMAGE_SYM_CLASS_UNDEFINED_STATIC 14 ! 2527: #define IMAGE_SYM_CLASS_ENUM_TAG 15 ! 2528: #define IMAGE_SYM_CLASS_MEMBER_OF_ENUM 16 ! 2529: #define IMAGE_SYM_CLASS_REGISTER_PARAM 17 ! 2530: #define IMAGE_SYM_CLASS_BIT_FIELD 18 ! 2531: #define IMAGE_SYM_CLASS_BLOCK 100 ! 2532: #define IMAGE_SYM_CLASS_FUNCTION 101 ! 2533: #define IMAGE_SYM_CLASS_END_OF_STRUCT 102 ! 2534: #define IMAGE_SYM_CLASS_FILE 103 ! 2535: // new ! 2536: #define IMAGE_SYM_CLASS_SECTION 104 ! 2537: #define IMAGE_SYM_CLASS_WEAK_EXTERNAL 105 ! 2538: ! 2539: // type packing constants ! 2540: ! 2541: #define N_BTMASK 017 ! 2542: #define N_TMASK 060 ! 2543: #define N_TMASK1 0300 ! 2544: #define N_TMASK2 0360 ! 2545: #define N_BTSHFT 4 ! 2546: #define N_TSHIFT 2 ! 2547: ! 2548: // MACROS ! 2549: ! 2550: // Basic Type of x ! 2551: #define BTYPE(x) ((x) & N_BTMASK) ! 2552: ! 2553: // Is x a pointer? ! 2554: #ifndef ISPTR ! 2555: #define ISPTR(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_POINTER << N_BTSHFT)) ! 2556: #endif 1.1.1.2 root 2557: 1.1.1.3 ! root 2558: // Is x a function? ! 2559: #ifndef ISFCN ! 2560: #define ISFCN(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_FUNCTION << N_BTSHFT)) ! 2561: #endif 1.1.1.2 root 2562: 1.1.1.3 ! root 2563: // Is x an array? 1.1.1.2 root 2564: 1.1.1.3 ! root 2565: #ifndef ISARY ! 2566: #define ISARY(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_ARRAY << N_BTSHFT)) ! 2567: #endif ! 2568: ! 2569: // Is x a structure, union, or enumeration TAG? ! 2570: #ifndef ISTAG ! 2571: #define ISTAG(x) ((x)==IMAGE_SYM_CLASS_STRUCT_TAG || (x)==IMAGE_SYM_CLASS_UNION_TAG || (x)==IMAGE_SYM_CLASS_ENUM_TAG) ! 2572: #endif ! 2573: ! 2574: #ifndef INCREF ! 2575: #define INCREF(x) ((((x)&~N_BTMASK)<<N_TSHIFT)|(IMAGE_SYM_DTYPE_POINTER<<N_BTSHFT)|(x&N_BTMASK)) ! 2576: #endif ! 2577: #ifndef DECREF ! 2578: #define DECREF(x) ((((x)>>N_TSHIFT)&~N_BTMASK)|((x)&N_BTMASK)) ! 2579: #endif 1.1.1.2 root 2580: 2581: // 1.1.1.3 ! root 2582: // Auxiliary entry format. 1.1.1.2 root 2583: // 2584: 1.1.1.3 ! root 2585: typedef union _IMAGE_AUX_SYMBOL { ! 2586: struct { ! 2587: DWORD TagIndex; // struct, union, or enum tag index ! 2588: union { ! 2589: struct { ! 2590: WORD Linenumber; // declaration line number ! 2591: WORD Size; // size of struct, union, or enum ! 2592: } LnSz; ! 2593: DWORD TotalSize; ! 2594: } Misc; ! 2595: union { ! 2596: struct { // if ISFCN, tag, or .bb ! 2597: DWORD PointerToLinenumber; ! 2598: DWORD PointerToNextFunction; ! 2599: } Function; ! 2600: struct { // if ISARY, up to 4 dimen. ! 2601: WORD Dimension[4]; ! 2602: } Array; ! 2603: } FcnAry; ! 2604: WORD TvIndex; // tv index ! 2605: } Sym; ! 2606: struct { ! 2607: BYTE Name[IMAGE_SIZEOF_SYMBOL]; ! 2608: } File; ! 2609: struct { ! 2610: DWORD Length; // section length ! 2611: WORD NumberOfRelocations; // number of relocation entries ! 2612: WORD NumberOfLinenumbers; // number of line numbers ! 2613: DWORD CheckSum; // checksum for communal ! 2614: SHORT Number; // section number to associate with ! 2615: BYTE Selection; // communal selection type ! 2616: } Section; ! 2617: } IMAGE_AUX_SYMBOL; ! 2618: typedef IMAGE_AUX_SYMBOL UNALIGNED *PIMAGE_AUX_SYMBOL; ! 2619: ! 2620: #define IMAGE_SIZEOF_AUX_SYMBOL 18 1.1.1.2 root 2621: 2622: // 1.1.1.3 ! root 2623: // Communal selection types. 1.1.1.2 root 2624: // 2625: 1.1.1.3 ! root 2626: #define IMAGE_COMDAT_SELECT_UNKNOWN 0 ! 2627: #define IMAGE_COMDAT_SELECT_NODUPLICATES 1 ! 2628: #define IMAGE_COMDAT_SELECT_ANY 2 ! 2629: #define IMAGE_COMDAT_SELECT_SAME_SIZE 3 ! 2630: #define IMAGE_COMDAT_SELECT_EXACT_MATCH 4 ! 2631: #define IMAGE_COMDAT_SELECT_ASSOCIATIVE 5 1.1.1.2 root 2632: 1.1.1.3 ! root 2633: #define IMAGE_WEAK_EXTERN_SEARCH_UNKNOWN 0 ! 2634: #define IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY 1 ! 2635: #define IMAGE_WEAK_EXTERN_SEARCH_LIBRARY 2 ! 2636: ! 2637: ! 2638: // ! 2639: // Relocation format. ! 2640: // ! 2641: ! 2642: typedef struct _IMAGE_RELOCATION { ! 2643: DWORD VirtualAddress; ! 2644: DWORD SymbolTableIndex; ! 2645: WORD Type; ! 2646: } IMAGE_RELOCATION; ! 2647: typedef IMAGE_RELOCATION UNALIGNED *PIMAGE_RELOCATION; ! 2648: ! 2649: #define IMAGE_SIZEOF_RELOCATION 10 ! 2650: ! 2651: // ! 2652: // I860 relocation types. ! 2653: // ! 2654: ! 2655: #define IMAGE_REL_I860_ABSOLUTE 0 // Reference is absolute, no relocation is necessary ! 2656: #define IMAGE_REL_I860_DIR32 06 // Direct 32-bit reference to the symbols virtual address ! 2657: #define IMAGE_REL_I860_DIR32NB 07 ! 2658: #define IMAGE_REL_I860_SECTION 012 ! 2659: #define IMAGE_REL_I860_SECREL 013 ! 2660: #define IMAGE_REL_I860_PAIR 034 ! 2661: #define IMAGE_REL_I860_HIGH 036 ! 2662: #define IMAGE_REL_I860_LOW0 037 ! 2663: #define IMAGE_REL_I860_LOW1 040 ! 2664: #define IMAGE_REL_I860_LOW2 041 ! 2665: #define IMAGE_REL_I860_LOW3 042 ! 2666: #define IMAGE_REL_I860_LOW4 043 ! 2667: #define IMAGE_REL_I860_SPLIT0 044 ! 2668: #define IMAGE_REL_I860_SPLIT1 045 ! 2669: #define IMAGE_REL_I860_SPLIT2 046 ! 2670: #define IMAGE_REL_I860_HIGHADJ 047 ! 2671: #define IMAGE_REL_I860_BRADDR 050 ! 2672: ! 2673: // ! 2674: // I386 relocation types. ! 2675: // ! 2676: ! 2677: #define IMAGE_REL_I386_ABSOLUTE 0 // Reference is absolute, no relocation is necessary ! 2678: #define IMAGE_REL_I386_DIR16 01 // Direct 16-bit reference to the symbols virtual address ! 2679: #define IMAGE_REL_I386_REL16 02 // PC-relative 16-bit reference to the symbols virtual address ! 2680: #define IMAGE_REL_I386_DIR32 06 // Direct 32-bit reference to the symbols virtual address ! 2681: #define IMAGE_REL_I386_DIR32NB 07 // Direct 32-bit reference to the symbols virtual address, base not included ! 2682: #define IMAGE_REL_I386_SEG12 011 // Direct 16-bit reference to the segment-selector bits of a 32-bit virtual address ! 2683: #define IMAGE_REL_I386_SECTION 012 ! 2684: #define IMAGE_REL_I386_SECREL 013 ! 2685: #define IMAGE_REL_I386_REL32 024 // PC-relative 32-bit reference to the symbols virtual address ! 2686: ! 2687: // ! 2688: // MIPS relocation types. ! 2689: // ! 2690: ! 2691: #define IMAGE_REL_MIPS_ABSOLUTE 0 // Reference is absolute, no relocation is necessary ! 2692: #define IMAGE_REL_MIPS_REFHALF 01 ! 2693: #define IMAGE_REL_MIPS_REFWORD 02 ! 2694: #define IMAGE_REL_MIPS_JMPADDR 03 ! 2695: #define IMAGE_REL_MIPS_REFHI 04 ! 2696: #define IMAGE_REL_MIPS_REFLO 05 ! 2697: #define IMAGE_REL_MIPS_GPREL 06 ! 2698: #define IMAGE_REL_MIPS_LITERAL 07 ! 2699: #define IMAGE_REL_MIPS_SECTION 012 ! 2700: #define IMAGE_REL_MIPS_SECREL 013 ! 2701: #define IMAGE_REL_MIPS_REFWORDNB 042 ! 2702: #define IMAGE_REL_MIPS_PAIR 045 ! 2703: ! 2704: // ! 2705: // Based relocation format. ! 2706: // ! 2707: ! 2708: typedef struct _IMAGE_BASE_RELOCATION { ! 2709: DWORD VirtualAddress; ! 2710: DWORD SizeOfBlock; ! 2711: // WORD TypeOffset[1]; ! 2712: } IMAGE_BASE_RELOCATION, *PIMAGE_BASE_RELOCATION; ! 2713: ! 2714: #define IMAGE_SIZEOF_BASE_RELOCATION 8 ! 2715: ! 2716: // ! 2717: // Based relocation types. ! 2718: // ! 2719: ! 2720: #define IMAGE_REL_BASED_ABSOLUTE 0 ! 2721: #define IMAGE_REL_BASED_HIGH 1 ! 2722: #define IMAGE_REL_BASED_LOW 2 ! 2723: #define IMAGE_REL_BASED_HIGHLOW 3 ! 2724: #define IMAGE_REL_BASED_HIGHADJ 4 ! 2725: #define IMAGE_REL_BASED_MIPS_JMPADDR 5 ! 2726: #define IMAGE_REL_BASED_I860_BRADDR 6 ! 2727: #define IMAGE_REL_BASED_I860_SPLIT 7 ! 2728: ! 2729: // ! 2730: // Line number format. ! 2731: // ! 2732: ! 2733: typedef struct _IMAGE_LINENUMBER { ! 2734: union { ! 2735: DWORD SymbolTableIndex; // Symbol table index of function name if Linenumber is 0. ! 2736: DWORD VirtualAddress; // Virtual address of line number. ! 2737: } Type; ! 2738: WORD Linenumber; // Line number. ! 2739: } IMAGE_LINENUMBER; ! 2740: typedef IMAGE_LINENUMBER UNALIGNED *PIMAGE_LINENUMBER; ! 2741: ! 2742: #define IMAGE_SIZEOF_LINENUMBER 6 ! 2743: ! 2744: // ! 2745: // Archive format. ! 2746: // ! 2747: ! 2748: #define IMAGE_ARCHIVE_START_SIZE 8 ! 2749: #define IMAGE_ARCHIVE_START "!<arch>\n" ! 2750: #define IMAGE_ARCHIVE_END "`\n" ! 2751: #define IMAGE_ARCHIVE_PAD "\n" ! 2752: #define IMAGE_ARCHIVE_LINKER_MEMBER "/ " ! 2753: #define IMAGE_ARCHIVE_LONGNAMES_MEMBER "// " ! 2754: ! 2755: typedef struct _IMAGE_ARCHIVE_MEMBER_HEADER { ! 2756: BYTE Name[16]; // File member name - `/' terminated. ! 2757: BYTE Date[12]; // File member date - decimal. ! 2758: BYTE UserID[6]; // File member user id - decimal. ! 2759: BYTE GroupID[6]; // File member group id - decimal. ! 2760: BYTE Mode[8]; // File member mode - octal. ! 2761: BYTE Size[10]; // File member size - decimal. ! 2762: BYTE EndHeader[2]; // String to end header. ! 2763: } IMAGE_ARCHIVE_MEMBER_HEADER, *PIMAGE_ARCHIVE_MEMBER_HEADER; ! 2764: ! 2765: #define IMAGE_SIZEOF_ARCHIVE_MEMBER_HDR 60 ! 2766: ! 2767: // ! 2768: // DLL support. ! 2769: // ! 2770: ! 2771: // ! 2772: // Export Format ! 2773: // ! 2774: ! 2775: typedef struct _IMAGE_EXPORT_DIRECTORY { ! 2776: DWORD Characteristics; ! 2777: DWORD TimeDateStamp; ! 2778: WORD MajorVersion; ! 2779: WORD MinorVersion; ! 2780: DWORD Name; ! 2781: DWORD Base; ! 2782: DWORD NumberOfFunctions; ! 2783: DWORD NumberOfNames; ! 2784: PDWORD *AddressOfFunctions; ! 2785: PDWORD *AddressOfNames; ! 2786: PWORD *AddressOfNameOrdinals; ! 2787: } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY; ! 2788: ! 2789: // ! 2790: // Import Format ! 2791: // ! 2792: ! 2793: typedef struct _IMAGE_IMPORT_BY_NAME { ! 2794: WORD Hint; ! 2795: BYTE Name[1]; ! 2796: } IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME; ! 2797: ! 2798: typedef struct _IMAGE_THUNK_DATA { ! 2799: union { ! 2800: PDWORD Function; ! 2801: DWORD Ordinal; ! 2802: PIMAGE_IMPORT_BY_NAME AddressOfData; ! 2803: } u1; ! 2804: } IMAGE_THUNK_DATA, *PIMAGE_THUNK_DATA; ! 2805: ! 2806: #define IMAGE_ORDINAL_FLAG 0x80000000 ! 2807: #define IMAGE_SNAP_BY_ORDINAL(Ordinal) ((Ordinal & IMAGE_ORDINAL_FLAG) != 0) ! 2808: #define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff) ! 2809: ! 2810: typedef struct _IMAGE_IMPORT_DESCRIPTOR { ! 2811: DWORD Characteristics; ! 2812: DWORD TimeDateStamp; ! 2813: WORD MajorVersion; ! 2814: WORD MinorVersion; ! 2815: DWORD Name; ! 2816: PIMAGE_THUNK_DATA FirstThunk; ! 2817: } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR; ! 2818: ! 2819: // ! 2820: // Resource Format. ! 2821: // ! 2822: ! 2823: // ! 2824: // Resource directory consists of two counts, following by a variable length ! 2825: // array of directory entries. The first count is the number of entries at ! 2826: // beginning of the array that have actual names associated with each entry. ! 2827: // The entries are in ascending order, case insensitive strings. The second ! 2828: // count is the number of entries that immediately follow the named entries. ! 2829: // This second count identifies the number of entries that have 31-bit integer ! 2830: // Ids as their name. These entries are also sorted in ascending order. ! 2831: // ! 2832: // This structure allows fast lookup by either name or number, but for any ! 2833: // given resource entry only one form of lookup is supported, not both. ! 2834: // This is consistant with the syntax of the .RC file and the .RES file. ! 2835: // ! 2836: ! 2837: typedef struct _IMAGE_RESOURCE_DIRECTORY { ! 2838: DWORD Characteristics; ! 2839: DWORD TimeDateStamp; ! 2840: WORD MajorVersion; ! 2841: WORD MinorVersion; ! 2842: WORD NumberOfNamedEntries; ! 2843: WORD NumberOfIdEntries; ! 2844: // IMAGE_RESOURCE_DIRECTORY_ENTRY DirectoryEntries[]; ! 2845: } IMAGE_RESOURCE_DIRECTORY, *PIMAGE_RESOURCE_DIRECTORY; ! 2846: ! 2847: #define IMAGE_RESOURCE_NAME_IS_STRING 0x80000000 ! 2848: #define IMAGE_RESOURCE_DATA_IS_DIRECTORY 0x80000000 ! 2849: ! 2850: // ! 2851: // Each directory contains the 32-bit Name of the entry and an offset, ! 2852: // relative to the beginning of the resource directory of the data associated ! 2853: // with this directory entry. If the name of the entry is an actual text ! 2854: // string instead of an integer Id, then the high order bit of the name field ! 2855: // is set to one and the low order 31-bits are an offset, relative to the ! 2856: // beginning of the resource directory of the string, which is of type ! 2857: // IMAGE_RESOURCE_DIRECTORY_STRING. Otherwise the high bit is clear and the ! 2858: // low-order 31-bits are the integer Id that identify this resource directory ! 2859: // entry. If the directory entry is yet another resource directory (i.e. a ! 2860: // subdirectory), then the high order bit of the offset field will be ! 2861: // set to indicate this. Otherwise the high bit is clear and the offset ! 2862: // field points to a resource data entry. ! 2863: // ! 2864: ! 2865: typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY { ! 2866: DWORD Name; ! 2867: DWORD OffsetToData; ! 2868: } IMAGE_RESOURCE_DIRECTORY_ENTRY, *PIMAGE_RESOURCE_DIRECTORY_ENTRY; ! 2869: ! 2870: // ! 2871: // For resource directory entries that have actual string names, the Name ! 2872: // field of the directory entry points to an object of the following type. ! 2873: // All of these string objects are stored together after the last resource ! 2874: // directory entry and before the first resource data object. This minimizes ! 2875: // the impact of these variable length objects on the alignment of the fixed ! 2876: // size directory entry objects. ! 2877: // ! 2878: ! 2879: typedef struct _IMAGE_RESOURCE_DIRECTORY_STRING { ! 2880: WORD Length; ! 2881: CHAR NameString[ 1 ]; ! 2882: } IMAGE_RESOURCE_DIRECTORY_STRING, *PIMAGE_RESOURCE_DIRECTORY_STRING; ! 2883: ! 2884: ! 2885: typedef struct _IMAGE_RESOURCE_DIR_STRING_U { ! 2886: WORD Length; ! 2887: WCHAR NameString[ 1 ]; ! 2888: } IMAGE_RESOURCE_DIR_STRING_U, *PIMAGE_RESOURCE_DIR_STRING_U; ! 2889: ! 2890: ! 2891: // ! 2892: // Each resource data entry describes a leaf node in the resource directory ! 2893: // tree. It contains an offset, relative to the beginning of the resource ! 2894: // directory of the data for the resource, a size field that gives the number ! 2895: // of bytes of data at that offset, a CodePage that should be used when ! 2896: // decoding code point values within the resource data. Typically for new ! 2897: // applications the code page would be the unicode code page. ! 2898: // ! 2899: ! 2900: typedef struct _IMAGE_RESOURCE_DATA_ENTRY { ! 2901: DWORD OffsetToData; ! 2902: DWORD Size; ! 2903: DWORD CodePage; ! 2904: DWORD Reserved; ! 2905: } IMAGE_RESOURCE_DATA_ENTRY, *PIMAGE_RESOURCE_DATA_ENTRY; ! 2906: ! 2907: // ! 2908: // Debug Format ! 2909: // ! 2910: ! 2911: typedef struct _IMAGE_DEBUG_DIRECTORY { ! 2912: DWORD Characteristics; ! 2913: DWORD TimeDateStamp; ! 2914: WORD MajorVersion; ! 2915: WORD MinorVersion; ! 2916: DWORD Type; ! 2917: DWORD SizeOfData; ! 2918: DWORD AddressOfRawData; ! 2919: DWORD PointerToRawData; ! 2920: } IMAGE_DEBUG_DIRECTORY, *PIMAGE_DEBUG_DIRECTORY; ! 2921: ! 2922: #define IMAGE_DEBUG_TYPE_UNKNOWN 0 ! 2923: #define IMAGE_DEBUG_TYPE_COFF 1 ! 2924: #define IMAGE_DEBUG_TYPE_CODEVIEW 2 ! 2925: ! 2926: typedef struct _IMAGE_DEBUG_INFO { ! 2927: DWORD NumberOfSymbols; ! 2928: DWORD LvaToFirstSymbol; ! 2929: DWORD NumberOfLinenumbers; ! 2930: DWORD LvaToFirstLinenumber; ! 2931: DWORD RvaToFirstByteOfCode; ! 2932: DWORD RvaToLastByteOfCode; ! 2933: DWORD RvaToFirstByteOfData; ! 2934: DWORD RvaToLastByteOfData; ! 2935: } IMAGE_DEBUG_INFO, *PIMAGE_DEBUG_INFO; ! 2936: ! 2937: #ifndef RC_INVOKED ! 2938: #pragma pack () ! 2939: #endif // !RC_INVOKED ! 2940: ! 2941: // ! 2942: // End Image Format ! 2943: // 1.1.1.2 root 2944: 2945: 2946: #endif // _WINNT_ 1.1 root 2947:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.