summaryrefslogtreecommitdiffstats
path: root/vendor/ntapi/src/ntrtl.rs
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/ntapi/src/ntrtl.rs')
-rw-r--r--vendor/ntapi/src/ntrtl.rs4373
1 files changed, 0 insertions, 4373 deletions
diff --git a/vendor/ntapi/src/ntrtl.rs b/vendor/ntapi/src/ntrtl.rs
deleted file mode 100644
index abbc3862a..000000000
--- a/vendor/ntapi/src/ntrtl.rs
+++ /dev/null
@@ -1,4373 +0,0 @@
-use core::ptr::null_mut;
-use crate::ntapi_base::{CLIENT_ID, PCLIENT_ID};
-use crate::ntexapi::{RTL_PROCESS_BACKTRACES, RTL_PROCESS_LOCKS};
-use crate::ntioapi::FILE_INFORMATION_CLASS;
-use crate::ntldr::{RTL_PROCESS_MODULES, RTL_PROCESS_MODULE_INFORMATION_EX};
-use crate::ntmmapi::SECTION_IMAGE_INFORMATION;
-use crate::ntnls::{PCPTABLEINFO, PNLSTABLEINFO};
-use crate::ntpebteb::{PPEB, PTEB_ACTIVE_FRAME};
-use crate::ntpsapi::{PINITIAL_TEB, PPS_APC_ROUTINE, PS_PROTECTION};
-use crate::ntapi_base::{PRTL_ATOM, RTL_ATOM};
-use crate::string::UTF16Const;
-use winapi::ctypes::c_void;
-use winapi::shared::basetsd::{PULONG64, ULONG32, ULONG64, PSIZE_T, PULONG_PTR, SIZE_T, ULONG_PTR};
-use winapi::shared::guiddef::GUID;
-use winapi::shared::in6addr::in6_addr;
-use winapi::shared::inaddr::in_addr;
-use winapi::shared::minwindef::{BOOL, DWORD, PBOOL};
-#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
-use winapi::shared::ntdef::{LARGE_INTEGER, RTL_BALANCED_NODE};
-use winapi::shared::ntdef::{
- BOOLEAN, CCHAR, CHAR, CLONG, CSHORT, HANDLE, LCID, LIST_ENTRY, LOGICAL, LONG, LUID, NTSTATUS,
- PANSI_STRING, PBOOLEAN, PCANSI_STRING, PCCH, PCH, PCHAR, PCOEM_STRING, PCSZ, PCUNICODE_STRING,
- PCWCH, PCWSTR, PHANDLE, PLARGE_INTEGER, PLCID, PLIST_ENTRY, PLONG, PLUID, PNT_PRODUCT_TYPE,
- POEM_STRING, PPROCESSOR_NUMBER, PRTL_BALANCED_NODE, PSINGLE_LIST_ENTRY, PSTR, PSTRING, PUCHAR,
- PULONG, PULONGLONG, PUNICODE_STRING, PUSHORT, PVOID, PWCH, PWCHAR, PWSTR, SINGLE_LIST_ENTRY,
- STRING, UCHAR, ULONG, ULONGLONG, UNICODE_STRING, USHORT, VOID, WCHAR,
-};
-use winapi::um::minwinbase::PTHREAD_START_ROUTINE;
-#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
-use winapi::um::winnt::{PGET_RUNTIME_FUNCTION_CALLBACK, PRUNTIME_FUNCTION, PWOW64_CONTEXT};
-use winapi::um::winnt::{
- ACCESS_MASK, ACL_INFORMATION_CLASS, APC_CALLBACK_FUNCTION, HEAP_INFORMATION_CLASS,
- HEAP_REALLOC_IN_PLACE_ONLY, HEAP_ZERO_MEMORY, OS_DEPLOYEMENT_STATE_VALUES, PACCESS_MASK, PACL,
- PCONTEXT, PEXCEPTION_POINTERS, PEXCEPTION_RECORD, PFLS_CALLBACK_FUNCTION, PGENERIC_MAPPING,
- PIMAGE_NT_HEADERS, PIMAGE_SECTION_HEADER, PLUID_AND_ATTRIBUTES, PMESSAGE_RESOURCE_ENTRY,
- PPERFORMANCE_DATA, PRTL_BARRIER, PRTL_CONDITION_VARIABLE, PRTL_CRITICAL_SECTION,
- PRTL_OSVERSIONINFOEXW, PRTL_OSVERSIONINFOW, PRTL_RESOURCE_DEBUG, PRTL_SRWLOCK,
- PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR_CONTROL, PSID, PSID_AND_ATTRIBUTES,
- PSID_AND_ATTRIBUTES_HASH, PSID_IDENTIFIER_AUTHORITY, PVECTORED_EXCEPTION_HANDLER,
- PXSAVE_AREA_HEADER, RTL_CRITICAL_SECTION, RTL_SRWLOCK, SECURITY_DESCRIPTOR_CONTROL,
- SECURITY_IMPERSONATION_LEVEL, SECURITY_INFORMATION, WAITORTIMERCALLBACKFUNC,
- WORKERCALLBACKFUNC,
-};
-use winapi::vc::vadefs::va_list;
-#[inline]
-pub fn InitializeListHead(ListHead: &mut LIST_ENTRY) {
- ListHead.Flink = ListHead;
- ListHead.Blink = ListHead;
-}
-#[inline]
-pub fn IsListEmpty(ListHead: &LIST_ENTRY) -> bool {
- ListHead.Flink as *const _ == ListHead as *const _
-}
-#[inline]
-pub unsafe fn RemoveEntryList(Entry: &mut LIST_ENTRY) -> bool {
- let (Blink, Flink) = (Entry.Blink, Entry.Flink);
- (*Blink).Flink = Flink;
- (*Flink).Blink = Blink;
- Flink == Blink
-}
-#[inline]
-pub unsafe fn RemoveHeadList(ListHead: &mut LIST_ENTRY) -> PLIST_ENTRY {
- let Entry = ListHead.Flink;
- let Flink = (*Entry).Flink;
- ListHead.Flink = Flink;
- (*Flink).Blink = ListHead;
- Entry
-}
-#[inline]
-pub unsafe fn RemoveTailList(ListHead: &mut LIST_ENTRY) -> PLIST_ENTRY {
- let Entry = ListHead.Blink;
- let Blink = (*Entry).Blink;
- ListHead.Blink = Blink;
- (*Blink).Flink = ListHead;
- Entry
-}
-#[inline]
-pub unsafe fn InsertTailList(ListHead: &mut LIST_ENTRY, Entry: &mut LIST_ENTRY) {
- let Blink = ListHead.Blink;
- Entry.Flink = ListHead;
- Entry.Blink = Blink;
- (*Blink).Flink = Entry;
- ListHead.Blink = Entry;
-}
-#[inline]
-pub unsafe fn InsertHeadList(ListHead: &mut LIST_ENTRY, Entry: &mut LIST_ENTRY) {
- let Flink = ListHead.Flink;
- Entry.Flink = Flink;
- Entry.Blink = ListHead;
- (*Flink).Blink = Entry;
- ListHead.Flink = Entry;
-}
-#[inline]
-pub unsafe fn AppendTailList(ListHead: &mut LIST_ENTRY, ListToAppend: &mut LIST_ENTRY) {
- let ListEnd = ListHead.Blink;
- (*ListHead.Blink).Flink = ListToAppend;
- ListHead.Blink = ListToAppend.Blink;
- (*ListToAppend.Blink).Flink = ListHead;
- ListToAppend.Blink = ListEnd;
-}
-#[inline]
-pub unsafe fn PopEntryList(ListHead: &mut SINGLE_LIST_ENTRY) -> PSINGLE_LIST_ENTRY {
- let FirstEntry = ListHead.Next;
- if !FirstEntry.is_null() {
- ListHead.Next = (*FirstEntry).Next;
- }
- FirstEntry
-}
-#[inline]
-pub fn PushEntryList(ListHead: &mut SINGLE_LIST_ENTRY, Entry: &mut SINGLE_LIST_ENTRY) {
- Entry.Next = ListHead.Next;
- ListHead.Next = Entry;
-}
-ENUM!{enum TABLE_SEARCH_RESULT {
- TableEmptyTree = 0,
- TableFoundNode = 1,
- TableInsertAsLeft = 2,
- TableInsertAsRight = 3,
-}}
-ENUM!{enum RTL_GENERIC_COMPARE_RESULTS {
- GenericLessThan = 0,
- GenericGreaterThan = 1,
- GenericEqual = 2,
-}}
-FN!{stdcall PRTL_AVL_COMPARE_ROUTINE(
- Table: *mut RTL_AVL_TABLE,
- FirstStruct: PVOID,
- SecondStruct: PVOID,
-) -> RTL_GENERIC_COMPARE_RESULTS}
-FN!{stdcall PRTL_AVL_ALLOCATE_ROUTINE(
- Table: *mut RTL_AVL_TABLE,
- ByteSize: CLONG,
-) -> PVOID}
-FN!{stdcall PRTL_AVL_FREE_ROUTINE(
- Table: *mut RTL_AVL_TABLE,
- Buffer: PVOID,
-) -> ()}
-FN!{stdcall PRTL_AVL_MATCH_FUNCTION(
- Table: *mut RTL_AVL_TABLE,
- UserData: PVOID,
- MatchData: PVOID,
-) -> NTSTATUS}
-STRUCT!{struct RTL_BALANCED_LINKS {
- Parent: *mut RTL_BALANCED_LINKS,
- LeftChild: *mut RTL_BALANCED_LINKS,
- RightChild: *mut RTL_BALANCED_LINKS,
- Balance: CHAR,
- Reserved: [UCHAR; 3],
-}}
-pub type PRTL_BALANCED_LINKS = *mut RTL_BALANCED_LINKS;
-STRUCT!{struct RTL_AVL_TABLE {
- BalancedRoot: RTL_BALANCED_LINKS,
- OrderedPointer: PVOID,
- WhichOrderedElement: ULONG,
- NumberGenericTableElements: ULONG,
- DepthOfTree: ULONG,
- RestartKey: PRTL_BALANCED_LINKS,
- DeleteCount: ULONG,
- CompareRoutine: PRTL_AVL_COMPARE_ROUTINE,
- AllocateRoutine: PRTL_AVL_ALLOCATE_ROUTINE,
- FreeRoutine: PRTL_AVL_FREE_ROUTINE,
- TableContext: PVOID,
-}}
-pub type PRTL_AVL_TABLE = *mut RTL_AVL_TABLE;
-EXTERN!{extern "system" {
- fn RtlInitializeGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- CompareRoutine: PRTL_AVL_COMPARE_ROUTINE,
- AllocateRoutine: PRTL_AVL_ALLOCATE_ROUTINE,
- FreeRoutine: PRTL_AVL_FREE_ROUTINE,
- TableContext: PVOID,
- );
- fn RtlInsertElementGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- BufferSize: CLONG,
- NewElement: PBOOLEAN,
- ) -> PVOID;
- fn RtlInsertElementGenericTableFullAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- BufferSize: CLONG,
- NewElement: PBOOLEAN,
- NodeOrParent: PVOID,
- SearchResult: TABLE_SEARCH_RESULT,
- ) -> PVOID;
- fn RtlDeleteElementGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- ) -> BOOLEAN;
- fn RtlLookupElementGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- ) -> PVOID;
- fn RtlLookupElementGenericTableFullAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- NodeOrParent: *mut PVOID,
- SearchResult: *mut TABLE_SEARCH_RESULT,
- ) -> PVOID;
- fn RtlEnumerateGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- Restart: BOOLEAN,
- ) -> PVOID;
- fn RtlEnumerateGenericTableWithoutSplayingAvl(
- Table: PRTL_AVL_TABLE,
- RestartKey: *mut PVOID,
- ) -> PVOID;
- fn RtlLookupFirstMatchingElementGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- Buffer: PVOID,
- RestartKey: *mut PVOID,
- ) -> PVOID;
- fn RtlEnumerateGenericTableLikeADirectory(
- Table: PRTL_AVL_TABLE,
- MatchFunction: PRTL_AVL_MATCH_FUNCTION,
- MatchData: PVOID,
- NextFlag: ULONG,
- RestartKey: *mut PVOID,
- DeleteCount: PULONG,
- Buffer: PVOID,
- ) -> PVOID;
- fn RtlGetElementGenericTableAvl(
- Table: PRTL_AVL_TABLE,
- I: ULONG,
- ) -> PVOID;
- fn RtlNumberGenericTableElementsAvl(
- Table: PRTL_AVL_TABLE,
- ) -> ULONG;
- fn RtlIsGenericTableEmptyAvl(
- Table: PRTL_AVL_TABLE,
- ) -> BOOLEAN;
-}}
-STRUCT!{struct RTL_SPLAY_LINKS {
- Parent: *mut RTL_SPLAY_LINKS,
- LeftChild: *mut RTL_SPLAY_LINKS,
- RightChild: *mut RTL_SPLAY_LINKS,
-}}
-pub type PRTL_SPLAY_LINKS = *mut RTL_SPLAY_LINKS;
-#[inline]
-pub fn RtlInitializeSplayLinks(Links: &mut RTL_SPLAY_LINKS) {
- Links.Parent = Links;
- Links.LeftChild = null_mut();
- Links.RightChild = null_mut();
-}
-#[inline]
-pub const fn RtlParent(Links: &RTL_SPLAY_LINKS) -> PRTL_SPLAY_LINKS {
- Links.Parent
-}
-#[inline]
-pub const fn RtlLeftChild(Links: &RTL_SPLAY_LINKS) -> PRTL_SPLAY_LINKS {
- Links.LeftChild
-}
-#[inline]
-pub const fn RtlRightChild(Links: &RTL_SPLAY_LINKS) -> PRTL_SPLAY_LINKS {
- Links.RightChild
-}
-#[inline]
-pub unsafe fn RtlIsRoot(Links: *const RTL_SPLAY_LINKS) -> bool {
- (*Links).Parent as *const _ == Links
-}
-#[inline]
-pub unsafe fn RtlIsLeftChild(Links: *const RTL_SPLAY_LINKS) -> bool {
- RtlLeftChild(&*RtlParent(&*Links)) as *const _ == Links
-}
-#[inline]
-pub unsafe fn RtlIsRightChild(Links: *const RTL_SPLAY_LINKS) -> bool {
- RtlRightChild(&*RtlParent(&*Links)) as *const _ == Links
-}
-#[inline]
-pub fn RtlInsertAsLeftChild(
- ParentLinks: &mut RTL_SPLAY_LINKS,
- ChildLinks: &mut RTL_SPLAY_LINKS,
-) {
- ParentLinks.LeftChild = ChildLinks;
- ChildLinks.Parent = ParentLinks;
-}
-#[inline]
-pub fn RtlInsertAsRightChild(
- ParentLinks: &mut RTL_SPLAY_LINKS,
- ChildLinks: &mut RTL_SPLAY_LINKS,
-) {
- ParentLinks.RightChild = ChildLinks;
- ChildLinks.Parent = ParentLinks;
-}
-EXTERN!{extern "system" {
- fn RtlSplay(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
- fn RtlDelete(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
- fn RtlDeleteNoSplay(
- Links: PRTL_SPLAY_LINKS,
- Root: *mut PRTL_SPLAY_LINKS,
- );
- fn RtlSubtreeSuccessor(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
- fn RtlSubtreePredecessor(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
- fn RtlRealSuccessor(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
- fn RtlRealPredecessor(
- Links: PRTL_SPLAY_LINKS,
- ) -> PRTL_SPLAY_LINKS;
-}}
-FN!{stdcall PRTL_GENERIC_COMPARE_ROUTINE(
- Table: *mut RTL_GENERIC_TABLE,
- FirstStruct: PVOID,
- SecondStruct: PVOID,
-) -> RTL_GENERIC_COMPARE_RESULTS}
-FN!{stdcall PRTL_GENERIC_ALLOCATE_ROUTINE(
- Table: *mut RTL_GENERIC_TABLE,
- ByteSize: CLONG,
-) -> PVOID}
-FN!{stdcall PRTL_GENERIC_FREE_ROUTINE(
- Table: *mut RTL_GENERIC_TABLE,
- Buffer: PVOID,
-) -> ()}
-STRUCT!{struct RTL_GENERIC_TABLE {
- TableRoot: PRTL_SPLAY_LINKS,
- InsertOrderList: LIST_ENTRY,
- OrderedPointer: PLIST_ENTRY,
- WhichOrderedElement: ULONG,
- NumberGenericTableElements: ULONG,
- CompareRoutine: PRTL_GENERIC_COMPARE_ROUTINE,
- AllocateRoutine: PRTL_GENERIC_ALLOCATE_ROUTINE,
- FreeRoutine: PRTL_GENERIC_FREE_ROUTINE,
- TableContext: PVOID,
-}}
-pub type PRTL_GENERIC_TABLE = *mut RTL_GENERIC_TABLE;
-EXTERN!{extern "system" {
- fn RtlInitializeGenericTable(
- Table: PRTL_GENERIC_TABLE,
- CompareRoutine: PRTL_GENERIC_COMPARE_ROUTINE,
- AllocateRoutine: PRTL_GENERIC_ALLOCATE_ROUTINE,
- FreeRoutine: PRTL_GENERIC_FREE_ROUTINE,
- TableContext: PVOID,
- );
- fn RtlInsertElementGenericTable(
- Table: PRTL_GENERIC_TABLE,
- Buffer: PVOID,
- BufferSize: CLONG,
- NewElement: PBOOLEAN,
- ) -> PVOID;
- fn RtlInsertElementGenericTableFull(
- Table: PRTL_GENERIC_TABLE,
- Buffer: PVOID,
- BufferSize: CLONG,
- NewElement: PBOOLEAN,
- NodeOrParent: PVOID,
- SearchResult: TABLE_SEARCH_RESULT,
- ) -> PVOID;
- fn RtlDeleteElementGenericTable(
- Table: PRTL_GENERIC_TABLE,
- Buffer: PVOID,
- ) -> BOOLEAN;
- fn RtlLookupElementGenericTable(
- Table: PRTL_GENERIC_TABLE,
- Buffer: PVOID,
- ) -> PVOID;
- fn RtlLookupElementGenericTableFull(
- Table: PRTL_GENERIC_TABLE,
- Buffer: PVOID,
- NodeOrParent: *mut PVOID,
- SearchResult: *mut TABLE_SEARCH_RESULT,
- ) -> PVOID;
- fn RtlEnumerateGenericTable(
- Table: PRTL_GENERIC_TABLE,
- Restart: BOOLEAN,
- ) -> PVOID;
- fn RtlEnumerateGenericTableWithoutSplaying(
- Table: PRTL_GENERIC_TABLE,
- RestartKey: *mut PVOID,
- ) -> PVOID;
- fn RtlGetElementGenericTable(
- Table: PRTL_GENERIC_TABLE,
- I: ULONG,
- ) -> PVOID;
- fn RtlNumberGenericTableElements(
- Table: PRTL_GENERIC_TABLE,
- ) -> ULONG;
- fn RtlIsGenericTableEmpty(
- Table: PRTL_GENERIC_TABLE,
- ) -> BOOLEAN;
-}}
-STRUCT!{struct RTL_RB_TREE {
- Root: PRTL_BALANCED_NODE,
- Min: PRTL_BALANCED_NODE,
-}}
-pub type PRTL_RB_TREE = *mut RTL_RB_TREE;
-EXTERN!{extern "system" {
- fn RtlRbInsertNodeEx(
- Tree: PRTL_RB_TREE,
- Parent: PRTL_BALANCED_NODE,
- Right: BOOLEAN,
- Node: PRTL_BALANCED_NODE,
- );
- fn RtlRbRemoveNode(
- Tree: PRTL_RB_TREE,
- Node: PRTL_BALANCED_NODE,
- );
-}}
-pub const RTL_HASH_ALLOCATED_HEADER: u32 = 0x00000001;
-pub const RTL_HASH_RESERVED_SIGNATURE: u32 = 0;
-STRUCT!{struct RTL_DYNAMIC_HASH_TABLE_ENTRY {
- Linkage: LIST_ENTRY,
- Signature: ULONG_PTR,
-}}
-pub type PRTL_DYNAMIC_HASH_TABLE_ENTRY = *mut RTL_DYNAMIC_HASH_TABLE_ENTRY;
-#[inline]
-pub const fn HASH_ENTRY_KEY(x: &RTL_DYNAMIC_HASH_TABLE_ENTRY) -> ULONG_PTR {
- x.Signature
-}
-STRUCT!{struct RTL_DYNAMIC_HASH_TABLE_CONTEXT {
- ChainHead: PLIST_ENTRY,
- PrevLinkage: PLIST_ENTRY,
- Signature: ULONG_PTR,
-}}
-pub type PRTL_DYNAMIC_HASH_TABLE_CONTEXT = *mut RTL_DYNAMIC_HASH_TABLE_CONTEXT;
-STRUCT!{struct RTL_DYNAMIC_HASH_TABLE_ENUMERATOR {
- HashEntry: RTL_DYNAMIC_HASH_TABLE_ENTRY,
- ChainHead: PLIST_ENTRY,
- BucketIndex: ULONG,
-}}
-pub type PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR = *mut RTL_DYNAMIC_HASH_TABLE_ENUMERATOR;
-STRUCT!{struct RTL_DYNAMIC_HASH_TABLE {
- Flags: ULONG,
- Shift: ULONG,
- TableSize: ULONG,
- Pivot: ULONG,
- DivisorMask: ULONG,
- NumEntries: ULONG,
- NonEmptyBuckets: ULONG,
- NumEnumerators: ULONG,
- Directory: PVOID,
-}}
-pub type PRTL_DYNAMIC_HASH_TABLE = *mut RTL_DYNAMIC_HASH_TABLE;
-#[inline]
-pub fn RtlInitHashTableContext(Context: &mut RTL_DYNAMIC_HASH_TABLE_CONTEXT) {
- Context.ChainHead = null_mut();
- Context.PrevLinkage = null_mut();
-}
-#[inline]
-pub fn RtlInitHashTableContextFromEnumerator(
- Context: &mut RTL_DYNAMIC_HASH_TABLE_CONTEXT,
- Enumerator: &RTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
-) {
- Context.ChainHead = Enumerator.ChainHead;
- Context.PrevLinkage = Enumerator.HashEntry.Linkage.Blink;
-}
-// RtlReleaseHashTableContext
-#[inline]
-pub const fn RtlTotalBucketsHashTable(HashTable: &RTL_DYNAMIC_HASH_TABLE) -> ULONG {
- HashTable.TableSize
-}
-#[inline]
-pub const fn RtlNonEmptyBucketsHashTable(HashTable: &RTL_DYNAMIC_HASH_TABLE) -> ULONG {
- HashTable.NonEmptyBuckets
-}
-#[inline]
-pub const fn RtlEmptyBucketsHashTable(HashTable: &RTL_DYNAMIC_HASH_TABLE) -> ULONG {
- HashTable.TableSize - HashTable.NonEmptyBuckets
-}
-#[inline]
-pub const fn RtlTotalEntriesHashTable(HashTable: &RTL_DYNAMIC_HASH_TABLE) -> ULONG {
- HashTable.NumEntries
-}
-#[inline]
-pub const fn RtlActiveEnumeratorsHashTable(HashTable: &RTL_DYNAMIC_HASH_TABLE) -> ULONG {
- HashTable.NumEnumerators
-}
-EXTERN!{extern "system" {
- fn RtlCreateHashTable(
- HashTable: *mut PRTL_DYNAMIC_HASH_TABLE,
- Shift: ULONG,
- Flags: ULONG,
- ) -> BOOLEAN;
- fn RtlDeleteHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- );
- fn RtlInsertEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Entry: PRTL_DYNAMIC_HASH_TABLE_ENTRY,
- Signature: ULONG_PTR,
- Context: PRTL_DYNAMIC_HASH_TABLE_CONTEXT,
- ) -> BOOLEAN;
- fn RtlRemoveEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Entry: PRTL_DYNAMIC_HASH_TABLE_ENTRY,
- Context: PRTL_DYNAMIC_HASH_TABLE_CONTEXT,
- ) -> BOOLEAN;
- fn RtlLookupEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Signature: ULONG_PTR,
- Context: PRTL_DYNAMIC_HASH_TABLE_CONTEXT,
- ) -> PRTL_DYNAMIC_HASH_TABLE_ENTRY;
- fn RtlGetNextEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Context: PRTL_DYNAMIC_HASH_TABLE_CONTEXT,
- ) -> PRTL_DYNAMIC_HASH_TABLE_ENTRY;
- fn RtlInitEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> BOOLEAN;
- fn RtlEnumerateEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> PRTL_DYNAMIC_HASH_TABLE_ENTRY;
- fn RtlEndEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- );
- fn RtlInitWeakEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> BOOLEAN;
- fn RtlWeaklyEnumerateEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> PRTL_DYNAMIC_HASH_TABLE_ENTRY;
- fn RtlEndWeakEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- );
- fn RtlExpandHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- ) -> BOOLEAN;
- fn RtlContractHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- ) -> BOOLEAN;
- fn RtlInitStrongEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> BOOLEAN;
- fn RtlStronglyEnumerateEntryHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- ) -> PRTL_DYNAMIC_HASH_TABLE_ENTRY;
- fn RtlEndStrongEnumerationHashTable(
- HashTable: PRTL_DYNAMIC_HASH_TABLE,
- Enumerator: PRTL_DYNAMIC_HASH_TABLE_ENUMERATOR,
- );
- fn RtlInitializeCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> NTSTATUS;
- fn RtlInitializeCriticalSectionAndSpinCount(
- CriticalSection: PRTL_CRITICAL_SECTION,
- SpinCount: ULONG,
- ) -> NTSTATUS;
- fn RtlDeleteCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> NTSTATUS;
- fn RtlEnterCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> NTSTATUS;
- fn RtlLeaveCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> NTSTATUS;
- fn RtlTryEnterCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> LOGICAL;
- fn RtlIsCriticalSectionLocked(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> LOGICAL;
- fn RtlIsCriticalSectionLockedByThread(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> LOGICAL;
- fn RtlGetCriticalSectionRecursionCount(
- CriticalSection: PRTL_CRITICAL_SECTION,
- ) -> ULONG;
- fn RtlSetCriticalSectionSpinCount(
- CriticalSection: PRTL_CRITICAL_SECTION,
- SpinCount: ULONG,
- ) -> ULONG;
- fn RtlQueryCriticalSectionOwner(
- EventHandle: HANDLE,
- ) -> HANDLE;
- fn RtlCheckForOrphanedCriticalSections(
- ThreadHandle: HANDLE,
- );
-}}
-STRUCT!{struct RTL_RESOURCE {
- CriticalSection: RTL_CRITICAL_SECTION,
- SharedSemaphore: HANDLE,
- NumberOfWaitingShared: ULONG,
- ExclusiveSemaphore: HANDLE,
- NumberOfWaitingExclusive: ULONG,
- NumberOfActive: LONG,
- ExclusiveOwnerThread: HANDLE,
- Flags: ULONG,
- DebugInfo: PRTL_RESOURCE_DEBUG,
-}}
-pub type PRTL_RESOURCE = *mut RTL_RESOURCE;
-pub const RTL_RESOURCE_FLAG_LONG_TERM: ULONG = 0x00000001;
-EXTERN!{extern "system" {
- fn RtlInitializeResource(
- Resource: PRTL_RESOURCE,
- );
- fn RtlDeleteResource(
- Resource: PRTL_RESOURCE,
- );
- fn RtlAcquireResourceShared(
- Resource: PRTL_RESOURCE,
- Wait: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlAcquireResourceExclusive(
- Resource: PRTL_RESOURCE,
- Wait: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlReleaseResource(
- Resource: PRTL_RESOURCE,
- );
- fn RtlConvertSharedToExclusive(
- Resource: PRTL_RESOURCE,
- );
- fn RtlConvertExclusiveToShared(
- Resource: PRTL_RESOURCE,
- );
- fn RtlInitializeSRWLock(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlAcquireSRWLockExclusive(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlAcquireSRWLockShared(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlReleaseSRWLockExclusive(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlReleaseSRWLockShared(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlTryAcquireSRWLockExclusive(
- SRWLock: PRTL_SRWLOCK,
- ) -> BOOLEAN;
- fn RtlTryAcquireSRWLockShared(
- SRWLock: PRTL_SRWLOCK,
- ) -> BOOLEAN;
- fn RtlAcquireReleaseSRWLockExclusive(
- SRWLock: PRTL_SRWLOCK,
- );
- fn RtlInitializeConditionVariable(
- ConditionVariable: PRTL_CONDITION_VARIABLE,
- );
- fn RtlSleepConditionVariableCS(
- ConditionVariable: PRTL_CONDITION_VARIABLE,
- CriticalSection: PRTL_CRITICAL_SECTION,
- Timeout: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlSleepConditionVariableSRW(
- ConditionVariable: PRTL_CONDITION_VARIABLE,
- SRWLock: PRTL_SRWLOCK,
- Timeout: PLARGE_INTEGER,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlWakeConditionVariable(
- ConditionVariable: PRTL_CONDITION_VARIABLE,
- );
- fn RtlWakeAllConditionVariable(
- ConditionVariable: PRTL_CONDITION_VARIABLE,
- );
-}}
-pub const RTL_BARRIER_FLAGS_SPIN_ONLY: ULONG = 0x00000001;
-pub const RTL_BARRIER_FLAGS_BLOCK_ONLY: ULONG = 0x00000002;
-pub const RTL_BARRIER_FLAGS_NO_DELETE: ULONG = 0x00000004;
-EXTERN!{extern "system" {
- fn RtlInitBarrier(
- Barrier: PRTL_BARRIER,
- TotalThreads: ULONG,
- SpinCount: ULONG,
- ) -> NTSTATUS;
- fn RtlDeleteBarrier(
- Barrier: PRTL_BARRIER,
- ) -> NTSTATUS;
- fn RtlBarrier(
- Barrier: PRTL_BARRIER,
- Flags: ULONG,
- ) -> BOOLEAN;
- fn RtlBarrierForDelete(
- Barrier: PRTL_BARRIER,
- Flags: ULONG,
- ) -> BOOLEAN;
- fn RtlWaitOnAddress(
- Address: *mut VOID,
- CompareAddress: PVOID,
- AddressSize: SIZE_T,
- Timeout: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlWakeAddressAll(
- Address: PVOID,
- );
- fn RtlWakeAddressSingle(
- Address: PVOID,
- );
- fn RtlInitString(
- DestinationString: PSTRING,
- SourceString: PCSZ,
- );
- fn RtlInitStringEx(
- DestinationString: PSTRING,
- SourceString: PCSZ,
- ) -> NTSTATUS;
- fn RtlInitAnsiString(
- DestinationString: PANSI_STRING,
- SourceString: PCSZ,
- );
- fn RtlInitAnsiStringEx(
- DestinationString: PANSI_STRING,
- SourceString: PCSZ,
- ) -> NTSTATUS;
- fn RtlFreeAnsiString(
- AnsiString: PANSI_STRING,
- );
- fn RtlFreeOemString(
- OemString: POEM_STRING,
- );
- fn RtlCopyString(
- DestinationString: PSTRING,
- SourceString: *const STRING,
- );
- fn RtlUpperChar(
- Character: CHAR,
- ) -> CHAR;
- fn RtlCompareString(
- String1: *const STRING,
- String2: *const STRING,
- CaseInSensitive: BOOLEAN,
- ) -> LONG;
- fn RtlEqualString(
- String1: *const STRING,
- String2: *const STRING,
- CaseInSensitive: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlPrefixString(
- String1: *const STRING,
- String2: *const STRING,
- CaseInSensitive: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlAppendStringToString(
- Destination: PSTRING,
- Source: *const STRING,
- ) -> NTSTATUS;
- fn RtlAppendAsciizToString(
- Destination: PSTRING,
- Source: PSTR,
- ) -> NTSTATUS;
- fn RtlUpperString(
- DestinationString: PSTRING,
- SourceString: *const STRING,
- );
-}}
-#[inline]
-pub unsafe fn RtlIsNullOrEmptyUnicodeString(String: PUNICODE_STRING) -> bool {
- String.is_null() || (*String).Length == 0
-}
-#[inline]
-pub fn RtlInitEmptyUnicodeString(
- UnicodeString: &mut UNICODE_STRING,
- Buffer: PWCHAR,
- MaximumLength: USHORT,
-) {
- UnicodeString.Buffer = Buffer;
- UnicodeString.MaximumLength = MaximumLength;
- UnicodeString.Length = 0;
-}
-EXTERN!{extern "system" {
- fn RtlInitUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCWSTR,
- );
- fn RtlInitUnicodeStringEx(
- DestinationString: PUNICODE_STRING,
- SourceString: PCWSTR,
- ) -> NTSTATUS;
- fn RtlCreateUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCWSTR,
- ) -> BOOLEAN;
- fn RtlCreateUnicodeStringFromAsciiz(
- DestinationString: PUNICODE_STRING,
- SourceString: PSTR,
- ) -> BOOLEAN;
- fn RtlFreeUnicodeString(
- UnicodeString: PUNICODE_STRING,
- );
-}}
-pub const RTL_DUPLICATE_UNICODE_STRING_NULL_TERMINATE: ULONG = 0x00000001;
-pub const RTL_DUPLICATE_UNICODE_STRING_ALLOCATE_NULL_STRING: ULONG = 0x00000002;
-EXTERN!{extern "system" {
- fn RtlDuplicateUnicodeString(
- Flags: ULONG,
- StringIn: PCUNICODE_STRING,
- StringOut: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlCopyUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCUNICODE_STRING,
- );
- fn RtlUpcaseUnicodeChar(
- SourceCharacter: WCHAR,
- ) -> WCHAR;
- fn RtlDowncaseUnicodeChar(
- SourceCharacter: WCHAR,
- ) -> WCHAR;
- fn RtlCompareUnicodeString(
- String1: PCUNICODE_STRING,
- String2: PCUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- ) -> LONG;
- fn RtlCompareUnicodeStrings(
- String1: PCWCH,
- String1Length: SIZE_T,
- String2: PCWCH,
- String2Length: SIZE_T,
- CaseInSensitive: BOOLEAN,
- ) -> LONG;
- fn RtlEqualUnicodeString(
- String1: PCUNICODE_STRING,
- String2: PCUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- ) -> BOOLEAN;
-}}
-pub const HASH_STRING_ALGORITHM_DEFAULT: ULONG = 0;
-pub const HASH_STRING_ALGORITHM_X65599: ULONG = 1;
-pub const HASH_STRING_ALGORITHM_INVALID: ULONG = 0xffffffff;
-EXTERN!{extern "system" {
- fn RtlHashUnicodeString(
- String: PCUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- HashAlgorithm: ULONG,
- HashValue: PULONG,
- ) -> NTSTATUS;
- fn RtlValidateUnicodeString(
- Flags: ULONG,
- String: PCUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlPrefixUnicodeString(
- String1: PCUNICODE_STRING,
- String2: PCUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlSuffixUnicodeString(
- String1: PUNICODE_STRING,
- String2: PUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlFindUnicodeSubstring(
- FullString: PUNICODE_STRING,
- SearchString: PUNICODE_STRING,
- CaseInSensitive: BOOLEAN,
- ) -> PWCHAR;
-}}
-pub const RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END: ULONG = 0x00000001;
-pub const RTL_FIND_CHAR_IN_UNICODE_STRING_COMPLEMENT_CHAR_SET: ULONG = 0x00000002;
-pub const RTL_FIND_CHAR_IN_UNICODE_STRING_CASE_INSENSITIVE: ULONG = 0x00000004;
-EXTERN!{extern "system" {
- fn RtlFindCharInUnicodeString(
- Flags: ULONG,
- StringToSearch: PUNICODE_STRING,
- CharSet: PUNICODE_STRING,
- NonInclusivePrefixLength: PUSHORT,
- ) -> NTSTATUS;
- fn RtlAppendUnicodeStringToString(
- Destination: PUNICODE_STRING,
- Source: PCUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlAppendUnicodeToString(
- Destination: PUNICODE_STRING,
- Source: PCWSTR,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlDowncaseUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlEraseUnicodeString(
- String: PUNICODE_STRING,
- );
- fn RtlAnsiStringToUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCANSI_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlUnicodeStringToAnsiString(
- DestinationString: PANSI_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAnsiCharToUnicodeChar(
- SourceCharacter: *mut PUCHAR,
- ) -> WCHAR;
- fn RtlUpcaseUnicodeStringToAnsiString(
- DestinationString: PANSI_STRING,
- SourceString: PUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlOemStringToUnicodeString(
- DestinationString: PUNICODE_STRING,
- SourceString: PCOEM_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlUnicodeStringToOemString(
- DestinationString: POEM_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeStringToOemString(
- DestinationString: POEM_STRING,
- SourceString: PUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlUnicodeStringToCountedOemString(
- DestinationString: POEM_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeStringToCountedOemString(
- DestinationString: POEM_STRING,
- SourceString: PCUNICODE_STRING,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlMultiByteToUnicodeN(
- UnicodeString: PWCH,
- MaxBytesInUnicodeString: ULONG,
- BytesInUnicodeString: PULONG,
- MultiByteString: *const CHAR,
- BytesInMultiByteString: ULONG,
- ) -> NTSTATUS;
- fn RtlMultiByteToUnicodeSize(
- BytesInUnicodeString: PULONG,
- MultiByteString: *const CHAR,
- BytesInMultiByteString: ULONG,
- ) -> NTSTATUS;
- fn RtlUnicodeToMultiByteN(
- MultiByteString: PCHAR,
- MaxBytesInMultiByteString: ULONG,
- BytesInMultiByteString: PULONG,
- UnicodeString: PCWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlUnicodeToMultiByteSize(
- BytesInMultiByteString: PULONG,
- UnicodeString: PCWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeToMultiByteN(
- MultiByteString: PCHAR,
- MaxBytesInMultiByteString: ULONG,
- BytesInMultiByteString: PULONG,
- UnicodeString: PCWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlOemToUnicodeN(
- UnicodeString: PWCH,
- MaxBytesInUnicodeString: ULONG,
- BytesInUnicodeString: PULONG,
- OemString: PCCH,
- BytesInOemString: ULONG,
- ) -> NTSTATUS;
- fn RtlUnicodeToOemN(
- OemString: PCHAR,
- MaxBytesInOemString: ULONG,
- BytesInOemString: PULONG,
- UnicodeString: PCWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeToOemN(
- OemString: PCHAR,
- MaxBytesInOemString: ULONG,
- BytesInOemString: PULONG,
- UnicodeString: PCWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlConsoleMultiByteToUnicodeN(
- UnicodeString: PWCH,
- MaxBytesInUnicodeString: ULONG,
- BytesInUnicodeString: PULONG,
- MultiByteString: PCH,
- BytesInMultiByteString: ULONG,
- pdwSpecialChar: PULONG,
- ) -> NTSTATUS;
- fn RtlUTF8ToUnicodeN(
- UnicodeStringDestination: PWSTR,
- UnicodeStringMaxByteCount: ULONG,
- UnicodeStringActualByteCount: PULONG,
- UTF8StringSource: PCCH,
- UTF8StringByteCount: ULONG,
- ) -> NTSTATUS;
- fn RtlUnicodeToUTF8N(
- UTF8StringDestination: PCHAR,
- UTF8StringMaxByteCount: ULONG,
- UTF8StringActualByteCount: PULONG,
- UnicodeStringSource: PCWCH,
- UnicodeStringByteCount: ULONG,
- ) -> NTSTATUS;
- fn RtlCustomCPToUnicodeN(
- CustomCP: PCPTABLEINFO,
- UnicodeString: PWCH,
- MaxBytesInUnicodeString: ULONG,
- BytesInUnicodeString: PULONG,
- CustomCPString: PCH,
- BytesInCustomCPString: ULONG,
- ) -> NTSTATUS;
- fn RtlUnicodeToCustomCPN(
- CustomCP: PCPTABLEINFO,
- CustomCPString: PCH,
- MaxBytesInCustomCPString: ULONG,
- BytesInCustomCPString: PULONG,
- UnicodeString: PWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlUpcaseUnicodeToCustomCPN(
- CustomCP: PCPTABLEINFO,
- CustomCPString: PCH,
- MaxBytesInCustomCPString: ULONG,
- BytesInCustomCPString: PULONG,
- UnicodeString: PWCH,
- BytesInUnicodeString: ULONG,
- ) -> NTSTATUS;
- fn RtlInitCodePageTable(
- TableBase: PUSHORT,
- CodePageTable: PCPTABLEINFO,
- );
- fn RtlInitNlsTables(
- AnsiNlsBase: PUSHORT,
- OemNlsBase: PUSHORT,
- LanguageNlsBase: PUSHORT,
- TableInfo: PNLSTABLEINFO,
- );
- fn RtlResetRtlTranslations(
- TableInfo: PNLSTABLEINFO,
- );
- fn RtlIsTextUnicode(
- Buffer: PVOID,
- Size: ULONG,
- Result: PULONG,
- ) -> BOOLEAN;
-}}
-ENUM!{enum RTL_NORM_FORM {
- NormOther = 0x0,
- NormC = 0x1,
- NormD = 0x2,
- NormKC = 0x5,
- NormKD = 0x6,
- NormIdna = 0xd,
- DisallowUnassigned = 0x100,
- NormCDisallowUnassigned = 0x101,
- NormDDisallowUnassigned = 0x102,
- NormKCDisallowUnassigned = 0x105,
- NormKDDisallowUnassigned = 0x106,
- NormIdnaDisallowUnassigned = 0x10d,
-}}
-EXTERN!{extern "system" {
- fn RtlNormalizeString(
- NormForm: ULONG,
- SourceString: PCWSTR,
- SourceStringLength: LONG,
- DestinationString: PWSTR,
- DestinationStringLength: PLONG,
- ) -> NTSTATUS;
- fn RtlIsNormalizedString(
- NormForm: ULONG,
- SourceString: PCWSTR,
- SourceStringLength: LONG,
- Normalized: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlIsNameInExpression(
- Expression: PUNICODE_STRING,
- Name: PUNICODE_STRING,
- IgnoreCase: BOOLEAN,
- UpcaseTable: PWCH,
- ) -> BOOLEAN;
- fn RtlIsNameInUnUpcasedExpression(
- Expression: PUNICODE_STRING,
- Name: PUNICODE_STRING,
- IgnoreCase: BOOLEAN,
- UpcaseTable: PWCH,
- ) -> BOOLEAN;
- fn RtlEqualDomainName(
- String1: PUNICODE_STRING,
- String2: PUNICODE_STRING,
- ) -> BOOLEAN;
- fn RtlEqualComputerName(
- String1: PUNICODE_STRING,
- String2: PUNICODE_STRING,
- ) -> BOOLEAN;
- fn RtlDnsHostNameToComputerName(
- ComputerNameString: PUNICODE_STRING,
- DnsHostNameString: PUNICODE_STRING,
- AllocateComputerNameString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlStringFromGUID(
- Guid: *const GUID,
- GuidString: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlStringFromGUIDEx(
- Guid: *mut GUID,
- GuidString: PUNICODE_STRING,
- AllocateGuidString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlGUIDFromString(
- GuidString: PCUNICODE_STRING,
- Guid: *mut GUID,
- ) -> NTSTATUS;
- fn RtlCompareAltitudes(
- Altitude1: PCUNICODE_STRING,
- Altitude2: PCUNICODE_STRING,
- ) -> LONG;
- fn RtlIdnToAscii(
- Flags: ULONG,
- SourceString: PCWSTR,
- SourceStringLength: LONG,
- DestinationString: PWSTR,
- DestinationStringLength: PLONG,
- ) -> NTSTATUS;
- fn RtlIdnToUnicode(
- Flags: ULONG,
- SourceString: PCWSTR,
- SourceStringLength: LONG,
- DestinationString: PWSTR,
- DestinationStringLength: PLONG,
- ) -> NTSTATUS;
- fn RtlIdnToNameprepUnicode(
- Flags: ULONG,
- SourceString: PCWSTR,
- SourceStringLength: LONG,
- DestinationString: PWSTR,
- DestinationStringLength: PLONG,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct PREFIX_TABLE_ENTRY {
- NodeTypeCode: CSHORT,
- NameLength: CSHORT,
- NextPrefixTree: *mut PREFIX_TABLE_ENTRY,
- Links: RTL_SPLAY_LINKS,
- Prefix: PSTRING,
-}}
-pub type PPREFIX_TABLE_ENTRY = *mut PREFIX_TABLE_ENTRY;
-STRUCT!{struct PREFIX_TABLE {
- NodeTypeCode: CSHORT,
- NameLength: CSHORT,
- NextPrefixTree: PPREFIX_TABLE_ENTRY,
-}}
-pub type PPREFIX_TABLE = *mut PREFIX_TABLE;
-EXTERN!{extern "system" {
- fn PfxInitialize(
- PrefixTable: PPREFIX_TABLE,
- );
- fn PfxInsertPrefix(
- PrefixTable: PPREFIX_TABLE,
- Prefix: PSTRING,
- PrefixTableEntry: PPREFIX_TABLE_ENTRY,
- ) -> BOOLEAN;
- fn PfxRemovePrefix(
- PrefixTable: PPREFIX_TABLE,
- PrefixTableEntry: PPREFIX_TABLE_ENTRY,
- );
- fn PfxFindPrefix(
- PrefixTable: PPREFIX_TABLE,
- FullName: PSTRING,
- ) -> PPREFIX_TABLE_ENTRY;
-}}
-STRUCT!{struct UNICODE_PREFIX_TABLE_ENTRY {
- NodeTypeCode: CSHORT,
- NameLength: CSHORT,
- NextPrefixTree: *mut UNICODE_PREFIX_TABLE_ENTRY,
- CaseMatch: *mut UNICODE_PREFIX_TABLE_ENTRY,
- Links: RTL_SPLAY_LINKS,
- Prefix: PUNICODE_STRING,
-}}
-pub type PUNICODE_PREFIX_TABLE_ENTRY = *mut UNICODE_PREFIX_TABLE_ENTRY;
-STRUCT!{struct UNICODE_PREFIX_TABLE {
- NodeTypeCode: CSHORT,
- NameLength: CSHORT,
- NextPrefixTree: PUNICODE_PREFIX_TABLE_ENTRY,
- LastNextEntry: PUNICODE_PREFIX_TABLE_ENTRY,
-}}
-pub type PUNICODE_PREFIX_TABLE = *mut UNICODE_PREFIX_TABLE;
-EXTERN!{extern "system" {
- fn RtlInitializeUnicodePrefix(
- PrefixTable: PUNICODE_PREFIX_TABLE,
- );
- fn RtlInsertUnicodePrefix(
- PrefixTable: PUNICODE_PREFIX_TABLE,
- Prefix: PUNICODE_STRING,
- PrefixTableEntry: PUNICODE_PREFIX_TABLE_ENTRY,
- ) -> BOOLEAN;
- fn RtlRemoveUnicodePrefix(
- PrefixTable: PUNICODE_PREFIX_TABLE,
- PrefixTableEntry: PUNICODE_PREFIX_TABLE_ENTRY,
- );
- fn RtlFindUnicodePrefix(
- PrefixTable: PUNICODE_PREFIX_TABLE,
- FullName: PCUNICODE_STRING,
- CaseInsensitiveIndex: ULONG,
- ) -> PUNICODE_PREFIX_TABLE_ENTRY;
- fn RtlNextUnicodePrefix(
- PrefixTable: PUNICODE_PREFIX_TABLE,
- Restart: BOOLEAN,
- ) -> PUNICODE_PREFIX_TABLE_ENTRY;
-}}
-STRUCT!{struct COMPRESSED_DATA_INFO {
- CompressionFormatAndEngine: USHORT,
- CompressionUnitShift: UCHAR,
- ChunkShift: UCHAR,
- ClusterShift: UCHAR,
- Reserved: UCHAR,
- NumberOfChunks: USHORT,
- CompressedChunkSizes: [ULONG; 1],
-}}
-pub type PCOMPRESSED_DATA_INFO = *mut COMPRESSED_DATA_INFO;
-EXTERN!{extern "system" {
- fn RtlGetCompressionWorkSpaceSize(
- CompressionFormatAndEngine: USHORT,
- CompressBufferWorkSpaceSize: PULONG,
- CompressFragmentWorkSpaceSize: PULONG,
- ) -> NTSTATUS;
- fn RtlCompressBuffer(
- CompressionFormatAndEngine: USHORT,
- UncompressedBuffer: PUCHAR,
- UncompressedBufferSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- UncompressedChunkSize: ULONG,
- FinalCompressedSize: PULONG,
- WorkSpace: PVOID,
- ) -> NTSTATUS;
- fn RtlDecompressBuffer(
- CompressionFormat: USHORT,
- UncompressedBuffer: PUCHAR,
- UncompressedBufferSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- FinalUncompressedSize: PULONG,
- ) -> NTSTATUS;
- fn RtlDecompressBufferEx(
- CompressionFormat: USHORT,
- UncompressedBuffer: PUCHAR,
- UncompressedBufferSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- FinalUncompressedSize: PULONG,
- WorkSpace: PVOID,
- ) -> NTSTATUS;
- fn RtlDecompressFragment(
- CompressionFormat: USHORT,
- UncompressedFragment: PUCHAR,
- UncompressedFragmentSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- FragmentOffset: ULONG,
- FinalUncompressedSize: PULONG,
- WorkSpace: PVOID,
- ) -> NTSTATUS;
- fn RtlDescribeChunk(
- CompressionFormat: USHORT,
- CompressedBuffer: *mut PUCHAR,
- EndOfCompressedBufferPlus1: PUCHAR,
- ChunkBuffer: *mut PUCHAR,
- ChunkSize: PULONG,
- ) -> NTSTATUS;
- fn RtlReserveChunk(
- CompressionFormat: USHORT,
- CompressedBuffer: *mut PUCHAR,
- EndOfCompressedBufferPlus1: PUCHAR,
- ChunkBuffer: *mut PUCHAR,
- ChunkSize: ULONG,
- ) -> NTSTATUS;
- fn RtlDecompressChunks(
- UncompressedBuffer: PUCHAR,
- UncompressedBufferSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- CompressedTail: PUCHAR,
- CompressedTailSize: ULONG,
- CompressedDataInfo: PCOMPRESSED_DATA_INFO,
- ) -> NTSTATUS;
- fn RtlCompressChunks(
- UncompressedBuffer: PUCHAR,
- UncompressedBufferSize: ULONG,
- CompressedBuffer: PUCHAR,
- CompressedBufferSize: ULONG,
- CompressedDataInfo: PCOMPRESSED_DATA_INFO,
- CompressedDataInfoLength: ULONG,
- WorkSpace: PVOID,
- ) -> NTSTATUS;
- fn RtlConvertLCIDToString(
- LcidValue: LCID,
- Base: ULONG,
- Padding: ULONG,
- pResultBuf: PWSTR,
- Size: ULONG,
- ) -> NTSTATUS;
- fn RtlIsValidLocaleName(
- LocaleName: PWSTR,
- Flags: ULONG,
- ) -> BOOLEAN;
- fn RtlGetParentLocaleName(
- LocaleName: PWSTR,
- ParentLocaleName: PUNICODE_STRING,
- Flags: ULONG,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlLcidToLocaleName(
- lcid: LCID,
- LocaleName: PUNICODE_STRING,
- Flags: ULONG,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlLocaleNameToLcid(
- LocaleName: PWSTR,
- lcid: PLCID,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlLCIDToCultureName(
- Lcid: LCID,
- String: PUNICODE_STRING,
- ) -> BOOLEAN;
- fn RtlCultureNameToLCID(
- String: PUNICODE_STRING,
- Lcid: PLCID,
- ) -> BOOLEAN;
- fn RtlCleanUpTEBLangLists();
- fn RtlGetLocaleFileMappingAddress(
- BaseAddress: *mut PVOID,
- DefaultLocaleId: PLCID,
- DefaultCasingTableSize: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlGetCurrentPeb() -> PPEB;
- fn RtlAcquirePebLock();
- fn RtlReleasePebLock();
- fn RtlTryAcquirePebLock() -> LOGICAL;
- fn RtlAllocateFromPeb(
- Size: ULONG,
- Block: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlFreeToPeb(
- Block: PVOID,
- Size: ULONG,
- ) -> NTSTATUS;
-}}
-pub const DOS_MAX_COMPONENT_LENGTH: u32 = 255;
-pub const DOS_MAX_PATH_LENGTH: u32 = DOS_MAX_COMPONENT_LENGTH + 5;
-STRUCT!{struct CURDIR {
- DosPath: UNICODE_STRING,
- Handle: HANDLE,
-}}
-pub type PCURDIR = *mut CURDIR;
-pub const RTL_USER_PROC_CURDIR_CLOSE: u32 = 0x00000002;
-pub const RTL_USER_PROC_CURDIR_INHERIT: u32 = 0x00000003;
-STRUCT!{struct RTL_DRIVE_LETTER_CURDIR {
- Flags: USHORT,
- Length: USHORT,
- TimeStamp: ULONG,
- DosPath: STRING,
-}}
-pub type PRTL_DRIVE_LETTER_CURDIR = *mut RTL_DRIVE_LETTER_CURDIR;
-pub const RTL_MAX_DRIVE_LETTERS: usize = 32;
-pub const RTL_DRIVE_LETTER_VALID: USHORT = 0x0001;
-STRUCT!{struct RTL_USER_PROCESS_PARAMETERS {
- MaximumLength: ULONG,
- Length: ULONG,
- Flags: ULONG,
- DebugFlags: ULONG,
- ConsoleHandle: HANDLE,
- ConsoleFlags: ULONG,
- StandardInput: HANDLE,
- StandardOutput: HANDLE,
- StandardError: HANDLE,
- CurrentDirectory: CURDIR,
- DllPath: UNICODE_STRING,
- ImagePathName: UNICODE_STRING,
- CommandLine: UNICODE_STRING,
- Environment: PVOID,
- StartingX: ULONG,
- StartingY: ULONG,
- CountX: ULONG,
- CountY: ULONG,
- CountCharsX: ULONG,
- CountCharsY: ULONG,
- FillAttribute: ULONG,
- WindowFlags: ULONG,
- ShowWindowFlags: ULONG,
- WindowTitle: UNICODE_STRING,
- DesktopInfo: UNICODE_STRING,
- ShellInfo: UNICODE_STRING,
- RuntimeData: UNICODE_STRING,
- CurrentDirectories: [RTL_DRIVE_LETTER_CURDIR; RTL_MAX_DRIVE_LETTERS],
- EnvironmentSize: ULONG_PTR,
- EnvironmentVersion: ULONG_PTR,
- PackageDependencyData: PVOID,
- ProcessGroupId: ULONG,
- LoaderThreads: ULONG,
-}}
-pub type PRTL_USER_PROCESS_PARAMETERS = *mut RTL_USER_PROCESS_PARAMETERS;
-pub const RTL_USER_PROC_PARAMS_NORMALIZED: ULONG = 0x00000001;
-pub const RTL_USER_PROC_PROFILE_USER: ULONG = 0x00000002;
-pub const RTL_USER_PROC_PROFILE_KERNEL: ULONG = 0x00000004;
-pub const RTL_USER_PROC_PROFILE_SERVER: ULONG = 0x00000008;
-pub const RTL_USER_PROC_RESERVE_1MB: ULONG = 0x00000020;
-pub const RTL_USER_PROC_RESERVE_16MB: ULONG = 0x00000040;
-pub const RTL_USER_PROC_CASE_SENSITIVE: ULONG = 0x00000080;
-pub const RTL_USER_PROC_DISABLE_HEAP_DECOMMIT: ULONG = 0x00000100;
-pub const RTL_USER_PROC_DLL_REDIRECTION_LOCAL: ULONG = 0x00001000;
-pub const RTL_USER_PROC_APP_MANIFEST_PRESENT: ULONG = 0x00002000;
-pub const RTL_USER_PROC_IMAGE_KEY_MISSING: ULONG = 0x00004000;
-pub const RTL_USER_PROC_OPTIN_PROCESS: ULONG = 0x00020000;
-EXTERN!{extern "system" {
- fn RtlCreateProcessParameters(
- pProcessParameters: *mut PRTL_USER_PROCESS_PARAMETERS,
- ImagePathName: PUNICODE_STRING,
- DllPath: PUNICODE_STRING,
- CurrentDirectory: PUNICODE_STRING,
- CommandLine: PUNICODE_STRING,
- Environment: PVOID,
- WindowTitle: PUNICODE_STRING,
- DesktopInfo: PUNICODE_STRING,
- ShellInfo: PUNICODE_STRING,
- RuntimeData: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlCreateProcessParametersEx(
- pProcessParameters: *mut PRTL_USER_PROCESS_PARAMETERS,
- ImagePathName: PUNICODE_STRING,
- DllPath: PUNICODE_STRING,
- CurrentDirectory: PUNICODE_STRING,
- CommandLine: PUNICODE_STRING,
- Environment: PVOID,
- WindowTitle: PUNICODE_STRING,
- DesktopInfo: PUNICODE_STRING,
- ShellInfo: PUNICODE_STRING,
- RuntimeData: PUNICODE_STRING,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlDestroyProcessParameters(
- ProcessParameters: PRTL_USER_PROCESS_PARAMETERS,
- ) -> NTSTATUS;
- fn RtlNormalizeProcessParams(
- ProcessParameters: PRTL_USER_PROCESS_PARAMETERS,
- ) -> PRTL_USER_PROCESS_PARAMETERS;
- fn RtlDeNormalizeProcessParams(
- ProcessParameters: PRTL_USER_PROCESS_PARAMETERS,
- ) -> PRTL_USER_PROCESS_PARAMETERS;
-}}
-STRUCT!{struct RTL_USER_PROCESS_INFORMATION {
- Length: ULONG,
- Process: HANDLE,
- Thread: HANDLE,
- ClientId: CLIENT_ID,
- ImageInformation: SECTION_IMAGE_INFORMATION,
-}}
-pub type PRTL_USER_PROCESS_INFORMATION = *mut RTL_USER_PROCESS_INFORMATION;
-EXTERN!{extern "system" {
- fn RtlCreateUserProcess(
- NtImagePathName: PUNICODE_STRING,
- AttributesDeprecated: ULONG,
- ProcessParameters: PRTL_USER_PROCESS_PARAMETERS,
- ProcessSecurityDescriptor: PSECURITY_DESCRIPTOR,
- ThreadSecurityDescriptor: PSECURITY_DESCRIPTOR,
- ParentProcess: HANDLE,
- InheritHandles: BOOLEAN,
- DebugPort: HANDLE,
- TokenHandle: HANDLE,
- ProcessInformation: PRTL_USER_PROCESS_INFORMATION,
- ) -> NTSTATUS;
- fn RtlCreateUserProcessEx(
- NtImagePathName: PUNICODE_STRING,
- ProcessParameters: PRTL_USER_PROCESS_PARAMETERS,
- InheritHandles: BOOLEAN,
- Flags: ULONG,
- ProcessInformation: PRTL_USER_PROCESS_INFORMATION,
- ) -> NTSTATUS;
- fn RtlExitUserProcess(
- ExitStatus: NTSTATUS,
- );
-}}
-pub const RTL_CLONE_PROCESS_FLAGS_CREATE_SUSPENDED: ULONG = 0x00000001;
-pub const RTL_CLONE_PROCESS_FLAGS_INHERIT_HANDLES: ULONG = 0x00000002;
-pub const RTL_CLONE_PROCESS_FLAGS_NO_SYNCHRONIZE: ULONG = 0x00000004;
-EXTERN!{extern "system" {
- fn RtlCloneUserProcess(
- ProcessFlags: ULONG,
- ProcessSecurityDescriptor: PSECURITY_DESCRIPTOR,
- ThreadSecurityDescriptor: PSECURITY_DESCRIPTOR,
- DebugPort: HANDLE,
- ProcessInformation: PRTL_USER_PROCESS_INFORMATION,
- ) -> NTSTATUS;
- fn RtlUpdateClonedCriticalSection(
- CriticalSection: PRTL_CRITICAL_SECTION,
- );
- fn RtlUpdateClonedSRWLock(
- SRWLock: PRTL_SRWLOCK,
- Shared: LOGICAL,
- );
-}}
-STRUCT!{struct RTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION {
- ReflectionProcessHandle: HANDLE,
- ReflectionThreadHandle: HANDLE,
- ReflectionClientId: CLIENT_ID,
-}}
-pub type PRTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION =
- *mut RTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION;
-EXTERN!{extern "system" {
- fn RtlCreateProcessReflection(
- ProcessHandle: HANDLE,
- Flags: ULONG,
- StartRoutine: PVOID,
- StartContext: PVOID,
- EventHandle: HANDLE,
- ReflectionInformation: PRTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION,
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "C" {
- fn RtlSetProcessIsCritical(
- NewValue: BOOLEAN,
- OldValue: PBOOLEAN,
- CheckFlag: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlSetThreadIsCritical(
- NewValue: BOOLEAN,
- OldValue: PBOOLEAN,
- CheckFlag: BOOLEAN,
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "system" {
- fn RtlValidProcessProtection(
- ProcessProtection: PS_PROTECTION,
- ) -> BOOLEAN;
- fn RtlTestProtectedAccess(
- Source: PS_PROTECTION,
- Target: PS_PROTECTION,
- ) -> BOOLEAN;
- fn RtlIsCurrentProcess(
- ProcessHandle: HANDLE,
- ) -> BOOLEAN;
- fn RtlIsCurrentThread(
- ThreadHandle: HANDLE,
- ) -> BOOLEAN;
-}}
-FN!{stdcall PUSER_THREAD_START_ROUTINE(
- ThreadParameter: PVOID,
-) -> NTSTATUS}
-EXTERN!{extern "system" {
- fn RtlCreateUserThread(
- Process: HANDLE,
- ThreadSecurityDescriptor: PSECURITY_DESCRIPTOR,
- CreateSuspended: BOOLEAN,
- ZeroBits: ULONG,
- MaximumStackSize: SIZE_T,
- CommittedStackSize: SIZE_T,
- StartAddress: PUSER_THREAD_START_ROUTINE,
- Parameter: PVOID,
- Thread: PHANDLE,
- ClientId: PCLIENT_ID,
- ) -> NTSTATUS;
- fn RtlExitUserThread(
- ExitStatus: NTSTATUS,
- );
- fn RtlIsCurrentThreadAttachExempt() -> BOOLEAN;
- fn RtlCreateUserStack(
- CommittedStackSize: SIZE_T,
- MaximumStackSize: SIZE_T,
- ZeroBits: ULONG_PTR,
- PageSize: SIZE_T,
- ReserveAlignment: ULONG_PTR,
- InitialTeb: PINITIAL_TEB,
- ) -> NTSTATUS;
- fn RtlFreeUserStack(
- AllocationBase: PVOID,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct CONTEXT_CHUNK {
- Offset: LONG,
- Length: ULONG,
-}}
-pub type PCONTEXT_CHUNK = *mut CONTEXT_CHUNK;
-STRUCT!{struct CONTEXT_EX {
- All: CONTEXT_CHUNK,
- Legacy: CONTEXT_CHUNK,
- XState: CONTEXT_CHUNK,
-}}
-pub type PCONTEXT_EX = *mut CONTEXT_EX;
-pub const CONTEXT_EX_LENGTH: usize = 4096;
-#[macro_export]
-macro_rules! RTL_CONTEXT_EX_OFFSET {
- ($ContextEx:expr, $Chunk:ident) => {
- (*$ContextEx).$Chunk.Offset
- };
-}
-#[macro_export]
-macro_rules! RTL_CONTEXT_EX_LENGTH {
- ($ContextEx:expr, $Chunk:ident) => {
- (*$ContextEx).$Chunk.Length
- };
-}
-#[macro_export]
-macro_rules! RTL_CONTEXT_EX_CHUNK {
- ($Base:expr, $Layout:expr, $Chunk:ident) => {
- ($Base as usize + RTL_CONTEXT_EX_OFFSET!($Layout, $Chunk) as usize) as *mut c_void
- };
-}
-#[macro_export]
-macro_rules! RTL_CONTEXT_OFFSET {
- ($Context:expr, $Chunk:ident) => {
- RTL_CONTEXT_EX_OFFSET!(($Context as *const $crate::winapi::um::winnt::CONTEXT).offset(1)
- as *const $crate::ntrtl::CONTEXT_EX, $Chunk)
- };
-}
-#[macro_export]
-macro_rules! RTL_CONTEXT_LENGTH {
- ($Context:expr, $Chunk:ident) => {
- RTL_CONTEXT_EX_LENGTH!(($Context as *const $crate::winapi::um::winnt::CONTEXT).offset(1)
- as *const $crate::ntrtl::CONTEXT_EX, $Chunk)
- };
-}
-#[macro_export]
-macro_rules! RTL_CONTEXT_CHUNK {
- ($Context:expr, $Chunk:ident) => {
- RTL_CONTEXT_EX_CHUNK!(
- ($Context as *const $crate::winapi::um::winnt::CONTEXT).offset(1)
- as *const $crate::ntrtl::CONTEXT_EX,
- ($Context as *const $crate::winapi::um::winnt::CONTEXT).offset(1)
- as *const $crate::ntrtl::CONTEXT_EX,
- $Chunk
- )
- };
-}
-EXTERN!{extern "system" {
- fn RtlInitializeContext(
- Process: HANDLE,
- Context: PCONTEXT,
- Parameter: PVOID,
- InitialPc: PVOID,
- InitialSp: PVOID,
- );
- fn RtlInitializeExtendedContext(
- Context: PCONTEXT,
- ContextFlags: ULONG,
- ContextEx: *mut PCONTEXT_EX,
- ) -> ULONG;
- fn RtlCopyExtendedContext(
- Destination: PCONTEXT_EX,
- ContextFlags: ULONG,
- Source: PCONTEXT_EX,
- ) -> ULONG;
- fn RtlGetExtendedContextLength(
- ContextFlags: ULONG,
- ContextLength: PULONG,
- ) -> ULONG;
- fn RtlGetExtendedFeaturesMask(
- ContextEx: PCONTEXT_EX,
- ) -> ULONG64;
- fn RtlLocateExtendedFeature(
- ContextEx: PCONTEXT_EX,
- FeatureId: ULONG,
- Length: PULONG,
- ) -> PVOID;
- fn RtlLocateLegacyContext(
- ContextEx: PCONTEXT_EX,
- Length: PULONG,
- ) -> PCONTEXT;
- fn RtlSetExtendedFeaturesMask(
- ContextEx: PCONTEXT_EX,
- FeatureMask: ULONG64,
- );
-}}
-#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
-EXTERN!{extern "system" {
- fn RtlWow64GetThreadContext(
- ThreadHandle: HANDLE,
- ThreadContext: PWOW64_CONTEXT,
- ) -> NTSTATUS;
- fn RtlWow64SetThreadContext(
- ThreadHandle: HANDLE,
- ThreadContext: PWOW64_CONTEXT,
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "system" {
- fn RtlRemoteCall(
- Process: HANDLE,
- Thread: HANDLE,
- CallSite: PVOID,
- ArgumentCount: ULONG,
- Arguments: PULONG_PTR,
- PassContext: BOOLEAN,
- AlreadySuspended: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAddVectoredExceptionHandler(
- First: ULONG,
- Handler: PVECTORED_EXCEPTION_HANDLER,
- ) -> PVOID;
- fn RtlRemoveVectoredExceptionHandler(
- Handle: PVOID,
- ) -> ULONG;
- fn RtlAddVectoredContinueHandler(
- First: ULONG,
- Handler: PVECTORED_EXCEPTION_HANDLER,
- ) -> PVOID;
- fn RtlRemoveVectoredContinueHandler(
- Handle: PVOID,
- ) -> ULONG;
-}}
-FN!{stdcall PRTLP_UNHANDLED_EXCEPTION_FILTER(
- ExceptionInfo: PEXCEPTION_POINTERS,
-) -> ULONG}
-EXTERN!{extern "system" {
- fn RtlSetUnhandledExceptionFilter(
- UnhandledExceptionFilter: PRTLP_UNHANDLED_EXCEPTION_FILTER,
- );
- fn RtlUnhandledExceptionFilter(
- ExceptionPointers: PEXCEPTION_POINTERS,
- ) -> LONG;
- fn RtlUnhandledExceptionFilter2(
- ExceptionPointers: PEXCEPTION_POINTERS,
- Flags: ULONG,
- ) -> LONG;
- fn RtlKnownExceptionFilter(
- ExceptionPointers: PEXCEPTION_POINTERS,
- ) -> LONG;
-}}
-#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
-IFDEF!{
-ENUM!{enum FUNCTION_TABLE_TYPE {
- RF_SORTED = 0,
- RF_UNSORTED = 1,
- RF_CALLBACK = 2,
- RF_KERNEL_DYNAMIC = 3,
-}}
-STRUCT!{struct DYNAMIC_FUNCTION_TABLE {
- ListEntry: LIST_ENTRY,
- FunctionTable: PRUNTIME_FUNCTION,
- TimeStamp: LARGE_INTEGER,
- MinimumAddress: ULONG64,
- MaximumAddress: ULONG64,
- BaseAddress: ULONG64,
- Callback: PGET_RUNTIME_FUNCTION_CALLBACK,
- Context: PVOID,
- OutOfProcessCallbackDll: PWSTR,
- Type: FUNCTION_TABLE_TYPE,
- EntryCount: ULONG,
- TreeNode: RTL_BALANCED_NODE,
-}}
-pub type PDYNAMIC_FUNCTION_TABLE = *mut DYNAMIC_FUNCTION_TABLE;
-EXTERN!{extern "system" {
- fn RtlGetFunctionTableListHead() -> PLIST_ENTRY;
-}}
-}
-EXTERN!{extern "system" {
- fn RtlImageNtHeader(
- BaseOfImage: PVOID,
- ) -> PIMAGE_NT_HEADERS;
-}}
-pub const RTL_IMAGE_NT_HEADER_EX_FLAG_NO_RANGE_CHECK: ULONG = 0x00000001;
-EXTERN!{extern "system" {
- fn RtlImageNtHeaderEx(
- Flags: ULONG,
- BaseOfImage: PVOID,
- Size: ULONG64,
- OutHeaders: *mut PIMAGE_NT_HEADERS,
- ) -> NTSTATUS;
- fn RtlAddressInSectionTable(
- NtHeaders: PIMAGE_NT_HEADERS,
- BaseOfImage: PVOID,
- VirtualAddress: ULONG,
- ) -> PVOID;
- fn RtlSectionTableFromVirtualAddress(
- NtHeaders: PIMAGE_NT_HEADERS,
- BaseOfImage: PVOID,
- VirtualAddress: ULONG,
- ) -> PIMAGE_SECTION_HEADER;
- fn RtlImageDirectoryEntryToData(
- BaseOfImage: PVOID,
- MappedAsImage: BOOLEAN,
- DirectoryEntry: USHORT,
- Size: PULONG,
- ) -> PVOID;
- fn RtlImageRvaToSection(
- NtHeaders: PIMAGE_NT_HEADERS,
- BaseOfImage: PVOID,
- Rva: ULONG,
- ) -> PIMAGE_SECTION_HEADER;
- fn RtlImageRvaToVa(
- NtHeaders: PIMAGE_NT_HEADERS,
- BaseOfImage: PVOID,
- Rva: ULONG,
- LastRvaSection: *mut PIMAGE_SECTION_HEADER,
- ) -> PVOID;
- fn RtlFindExportedRoutineByName(
- BaseOfImage: PVOID,
- RoutineName: PSTR,
- ) -> PVOID;
- fn RtlGuardCheckLongJumpTarget(
- PcValue: PVOID,
- IsFastFail: BOOL,
- IsLongJumpTarget: PBOOL,
- ) -> NTSTATUS;
- fn RtlCompareMemoryUlong(
- Source: PVOID,
- Length: SIZE_T,
- Pattern: ULONG,
- ) -> SIZE_T;
- fn RtlFillMemoryUlong(
- Destination: PVOID,
- Length: SIZE_T,
- Pattern: ULONG,
- );
- fn RtlFillMemoryUlonglong(
- Destination: PVOID,
- Length: SIZE_T,
- Pattern: ULONGLONG,
- );
- fn RtlCreateEnvironment(
- CloneCurrentEnvironment: BOOLEAN,
- Environment: *mut PVOID,
- ) -> NTSTATUS;
-}}
-pub const RTL_CREATE_ENVIRONMENT_TRANSLATE: ULONG = 0x1;
-pub const RTL_CREATE_ENVIRONMENT_TRANSLATE_FROM_OEM: ULONG = 0x2;
-pub const RTL_CREATE_ENVIRONMENT_EMPTY: ULONG = 0x4;
-EXTERN!{extern "system" {
- fn RtlCreateEnvironmentEx(
- SourceEnv: PVOID,
- Environment: *mut PVOID,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlDestroyEnvironment(
- Environment: PVOID,
- ) -> NTSTATUS;
- fn RtlSetCurrentEnvironment(
- Environment: PVOID,
- PreviousEnvironment: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlSetEnvironmentVar(
- Environment: *mut PWSTR,
- Name: PWSTR,
- NameLength: SIZE_T,
- Value: PWSTR,
- ValueLength: SIZE_T,
- ) -> NTSTATUS;
- fn RtlSetEnvironmentVariable(
- Environment: *mut PVOID,
- Name: PUNICODE_STRING,
- Value: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlQueryEnvironmentVariable(
- Environment: PVOID,
- Name: PWSTR,
- NameLength: SIZE_T,
- Value: PWSTR,
- ValueLength: SIZE_T,
- ReturnLength: PSIZE_T,
- ) -> NTSTATUS;
- fn RtlQueryEnvironmentVariable_U(
- Environment: PVOID,
- Name: PUNICODE_STRING,
- Value: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlExpandEnvironmentStrings(
- Environment: PVOID,
- Src: PWSTR,
- SrcLength: SIZE_T,
- Dst: PWSTR,
- DstLength: SIZE_T,
- ReturnLength: PSIZE_T,
- ) -> NTSTATUS;
- fn RtlExpandEnvironmentStrings_U(
- Environment: PVOID,
- Source: PUNICODE_STRING,
- Destination: PUNICODE_STRING,
- ReturnedLength: PULONG,
- ) -> NTSTATUS;
- fn RtlSetEnvironmentStrings(
- NewEnvironment: PWCHAR,
- NewEnvironmentSize: SIZE_T,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct RTLP_CURDIR_REF {
- ReferenceCount: LONG,
- DirectoryHandle: HANDLE,
-}}
-pub type PRTLP_CURDIR_REF = *mut RTLP_CURDIR_REF;
-STRUCT!{struct RTL_RELATIVE_NAME_U {
- RelativeName: UNICODE_STRING,
- ContainingDirectory: HANDLE,
- CurDirRef: PRTLP_CURDIR_REF,
-}}
-pub type PRTL_RELATIVE_NAME_U = *mut RTL_RELATIVE_NAME_U;
-ENUM!{enum RTL_PATH_TYPE {
- RtlPathTypeUnknown = 0,
- RtlPathTypeUncAbsolute = 1,
- RtlPathTypeDriveAbsolute = 2,
- RtlPathTypeDriveRelative = 3,
- RtlPathTypeRooted = 4,
- RtlPathTypeRelative = 5,
- RtlPathTypeLocalDevice = 6,
- RtlPathTypeRootLocalDevice = 7,
-}}
-EXTERN!{extern "C" {
- static mut RtlDosPathSeperatorsString: UNICODE_STRING;
- static mut RtlAlternateDosPathSeperatorString: UNICODE_STRING;
- static mut RtlNtPathSeperatorString: UNICODE_STRING;
-}}
-/// "ntdll.dll"
-pub const RtlNtdllName: UTF16Const = UTF16Const(&[
- 0x006E, 0x0074, 0x0064, 0x006C, 0x006C, 0x002E, 0x0064, 0x006C, 0x006C, 0u16,
-]);
-EXTERN!{extern "system" {
- fn RtlDetermineDosPathNameType_U(
- DosFileName: PWSTR,
- ) -> RTL_PATH_TYPE;
- fn RtlDetermineDosPathNameType_Ustr(
- DosFileName: PCUNICODE_STRING,
- ) -> RTL_PATH_TYPE;
- fn RtlIsDosDeviceName_U(
- DosFileName: PWSTR,
- ) -> ULONG;
- fn RtlIsDosDeviceName_Ustr(
- DosFileName: PUNICODE_STRING,
- ) -> ULONG;
- fn RtlGetFullPathName_U(
- FileName: PWSTR,
- BufferLength: ULONG,
- Buffer: PWSTR,
- FilePart: *mut PWSTR,
- ) -> ULONG;
- fn RtlGetFullPathName_UEx(
- FileName: PWSTR,
- BufferLength: ULONG,
- Buffer: PWSTR,
- FilePart: *mut PWSTR,
- BytesRequired: *mut ULONG,
- ) -> NTSTATUS;
- fn RtlGetFullPathName_UstrEx(
- FileName: PUNICODE_STRING,
- StaticString: PUNICODE_STRING,
- DynamicString: PUNICODE_STRING,
- StringUsed: *mut PUNICODE_STRING,
- FilePartPrefixCch: *mut SIZE_T,
- NameInvalid: PBOOLEAN,
- InputPathType: *mut RTL_PATH_TYPE,
- BytesRequired: *mut SIZE_T,
- ) -> NTSTATUS;
- fn RtlGetCurrentDirectory_U(
- BufferLength: ULONG,
- Buffer: PWSTR,
- ) -> ULONG;
- fn RtlSetCurrentDirectory_U(
- PathName: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlGetLongestNtPathLength() -> ULONG;
- fn RtlDosPathNameToNtPathName_U(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> BOOLEAN;
- fn RtlDosPathNameToNtPathName_U_WithStatus(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> NTSTATUS;
- fn RtlDosLongPathNameToNtPathName_U_WithStatus(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> NTSTATUS;
- fn RtlDosPathNameToRelativeNtPathName_U(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> BOOLEAN;
- fn RtlDosPathNameToRelativeNtPathName_U_WithStatus(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> NTSTATUS;
- fn RtlDosLongPathNameToRelativeNtPathName_U_WithStatus(
- DosFileName: PWSTR,
- NtFileName: PUNICODE_STRING,
- FilePart: *mut PWSTR,
- RelativeName: PRTL_RELATIVE_NAME_U,
- ) -> NTSTATUS;
- fn RtlReleaseRelativeName(
- RelativeName: PRTL_RELATIVE_NAME_U,
- );
- fn RtlDosSearchPath_U(
- Path: PWSTR,
- FileName: PWSTR,
- Extension: PWSTR,
- BufferLength: ULONG,
- Buffer: PWSTR,
- FilePart: *mut PWSTR,
- ) -> ULONG;
-}}
-pub const RTL_DOS_SEARCH_PATH_FLAG_APPLY_ISOLATION_REDIRECTION: ULONG = 0x00000001;
-pub const RTL_DOS_SEARCH_PATH_FLAG_DISALLOW_DOT_RELATIVE_PATH_SEARCH: ULONG = 0x00000002;
-pub const RTL_DOS_SEARCH_PATH_FLAG_APPLY_DEFAULT_EXTENSION_WHEN_NOT_RELATIVE_PATH_EVEN_IF_FILE_HAS_EXTENSION: ULONG = 0x00000004;
-EXTERN!{extern "system" {
- fn RtlDosSearchPath_Ustr(
- Flags: ULONG,
- Path: PUNICODE_STRING,
- FileName: PUNICODE_STRING,
- DefaultExtension: PUNICODE_STRING,
- StaticString: PUNICODE_STRING,
- DynamicString: PUNICODE_STRING,
- FullFileNameOut: *mut PCUNICODE_STRING,
- FilePartPrefixCch: *mut SIZE_T,
- BytesRequired: *mut SIZE_T,
- ) -> NTSTATUS;
- fn RtlDoesFileExists_U(
- FileName: PWSTR,
- ) -> BOOLEAN;
- fn RtlGetLengthWithoutLastFullDosOrNtPathElement(
- Flags: ULONG,
- PathString: PUNICODE_STRING,
- Length: PULONG,
- ) -> NTSTATUS;
- fn RtlGetLengthWithoutTrailingPathSeperators(
- Flags: ULONG,
- PathString: PUNICODE_STRING,
- Length: PULONG,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct GENERATE_NAME_CONTEXT {
- Checksum: USHORT,
- CheckSumInserted: BOOLEAN,
- NameLength: UCHAR,
- NameBuffer: [WCHAR; 8],
- ExtensionLength: ULONG,
- ExtensionBuffer: [WCHAR; 4],
- LastIndexValue: ULONG,
-}}
-pub type PGENERATE_NAME_CONTEXT = *mut GENERATE_NAME_CONTEXT;
-EXTERN!{extern "system" {
- fn RtlGenerate8dot3Name(
- Name: PCUNICODE_STRING,
- AllowExtendedCharacters: BOOLEAN,
- Context: PGENERATE_NAME_CONTEXT,
- Name8dot3: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlComputePrivatizedDllName_U(
- DllName: PUNICODE_STRING,
- RealName: PUNICODE_STRING,
- LocalName: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlGetSearchPath(
- SearchPathA: *mut PWSTR,
- ) -> BOOLEAN;
- fn RtlSetSearchPathMode(
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlGetExePath() -> PWSTR;
- fn RtlGetNtSystemRoot() -> PWSTR;
- fn RtlAreLongPathsEnabled() -> BOOLEAN;
- fn RtlIsThreadWithinLoaderCallout() -> BOOLEAN;
- fn RtlDllShutdownInProgress() -> BOOLEAN;
-}}
-STRUCT!{struct RTL_HEAP_ENTRY_u_s1 {
- Settable: SIZE_T,
- Tag: ULONG,
-}}
-STRUCT!{struct RTL_HEAP_ENTRY_u_s2 {
- CommittedSize: SIZE_T,
- FirstBlock: PVOID,
-}}
-UNION!{union RTL_HEAP_ENTRY_u {
- s1: RTL_HEAP_ENTRY_u_s1,
- s2: RTL_HEAP_ENTRY_u_s2,
-}}
-STRUCT!{struct RTL_HEAP_ENTRY {
- Size: SIZE_T,
- Flags: USHORT,
- AllocatorBackTraceIndex: USHORT,
- u: RTL_HEAP_ENTRY_u,
-}}
-pub type PRTL_HEAP_ENTRY = *mut RTL_HEAP_ENTRY;
-pub const RTL_HEAP_BUSY: USHORT = 0x0001;
-pub const RTL_HEAP_SEGMENT: USHORT = 0x0002;
-pub const RTL_HEAP_SETTABLE_VALUE: USHORT = 0x0010;
-pub const RTL_HEAP_SETTABLE_FLAG1: USHORT = 0x0020;
-pub const RTL_HEAP_SETTABLE_FLAG2: USHORT = 0x0040;
-pub const RTL_HEAP_SETTABLE_FLAG3: USHORT = 0x0080;
-pub const RTL_HEAP_SETTABLE_FLAGS: USHORT = 0x00e0;
-pub const RTL_HEAP_UNCOMMITTED_RANGE: USHORT = 0x0100;
-pub const RTL_HEAP_PROTECTED_ENTRY: USHORT = 0x0200;
-STRUCT!{struct RTL_HEAP_TAG {
- NumberOfAllocations: ULONG,
- NumberOfFrees: ULONG,
- BytesAllocated: SIZE_T,
- TagIndex: USHORT,
- CreatorBackTraceIndex: USHORT,
- TagName: [WCHAR; 24],
-}}
-pub type PRTL_HEAP_TAG = *mut RTL_HEAP_TAG;
-STRUCT!{struct RTL_HEAP_INFORMATION {
- BaseAddress: PVOID,
- Flags: ULONG,
- EntryOverhead: USHORT,
- CreatorBackTraceIndex: USHORT,
- BytesAllocated: SIZE_T,
- BytesCommitted: SIZE_T,
- NumberOfTags: ULONG,
- NumberOfEntries: ULONG,
- NumberOfPseudoTags: ULONG,
- PseudoTagGranularity: ULONG,
- Reserved: [ULONG; 5],
- Tags: PRTL_HEAP_TAG,
- Entries: PRTL_HEAP_ENTRY,
-}}
-pub type PRTL_HEAP_INFORMATION = *mut RTL_HEAP_INFORMATION;
-STRUCT!{struct RTL_PROCESS_HEAPS {
- NumberOfHeaps: ULONG,
- Heaps: [RTL_HEAP_INFORMATION; 1],
-}}
-pub type PRTL_PROCESS_HEAPS = *mut RTL_PROCESS_HEAPS;
-FN!{stdcall PRTL_HEAP_COMMIT_ROUTINE(
- Base: PVOID,
- CommitAddress: *mut PVOID,
- CommitSize: PSIZE_T,
-) -> NTSTATUS}
-STRUCT!{struct RTL_HEAP_PARAMETERS {
- Length: ULONG,
- SegmentReserve: SIZE_T,
- SegmentCommit: SIZE_T,
- DeCommitFreeBlockThreshold: SIZE_T,
- DeCommitTotalFreeThreshold: SIZE_T,
- MaximumAllocationSize: SIZE_T,
- VirtualMemoryThreshold: SIZE_T,
- InitialCommit: SIZE_T,
- InitialReserve: SIZE_T,
- CommitRoutine: PRTL_HEAP_COMMIT_ROUTINE,
- Reserved: [SIZE_T; 2],
-}}
-pub type PRTL_HEAP_PARAMETERS = *mut RTL_HEAP_PARAMETERS;
-pub const HEAP_SETTABLE_USER_VALUE: ULONG = 0x00000100;
-pub const HEAP_SETTABLE_USER_FLAG1: ULONG = 0x00000200;
-pub const HEAP_SETTABLE_USER_FLAG2: ULONG = 0x00000400;
-pub const HEAP_SETTABLE_USER_FLAG3: ULONG = 0x00000800;
-pub const HEAP_SETTABLE_USER_FLAGS: ULONG = 0x00000e00;
-pub const HEAP_CLASS_0: ULONG = 0x00000000;
-pub const HEAP_CLASS_1: ULONG = 0x00001000;
-pub const HEAP_CLASS_2: ULONG = 0x00002000;
-pub const HEAP_CLASS_3: ULONG = 0x00003000;
-pub const HEAP_CLASS_4: ULONG = 0x00004000;
-pub const HEAP_CLASS_5: ULONG = 0x00005000;
-pub const HEAP_CLASS_6: ULONG = 0x00006000;
-pub const HEAP_CLASS_7: ULONG = 0x00007000;
-pub const HEAP_CLASS_8: ULONG = 0x00008000;
-pub const HEAP_CLASS_MASK: ULONG = 0x0000f000;
-EXTERN!{extern "system" {
- fn RtlCreateHeap(
- Flags: ULONG,
- HeapBase: PVOID,
- ReserveSize: SIZE_T,
- CommitSize: SIZE_T,
- Lock: PVOID,
- Parameters: PRTL_HEAP_PARAMETERS,
- ) -> PVOID;
- fn RtlDestroyHeap(
- HeapHandle: PVOID,
- ) -> PVOID;
- fn RtlAllocateHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- Size: SIZE_T,
- ) -> PVOID;
- fn RtlFreeHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- ) -> BOOLEAN;
- fn RtlSizeHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- ) -> SIZE_T;
- fn RtlZeroHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlProtectHeap(
- HeapHandle: PVOID,
- MakeReadOnly: BOOLEAN,
- );
-}}
-#[inline] #[cfg(not(target_arch = "aarch64"))]
-pub unsafe fn RtlProcessHeap() -> PVOID {
- use crate::ntpsapi::NtCurrentPeb;
- (*NtCurrentPeb()).ProcessHeap
-}
-EXTERN!{extern "system" {
- fn RtlLockHeap(
- HeapHandle: PVOID,
- ) -> BOOLEAN;
- fn RtlUnlockHeap(
- HeapHandle: PVOID,
- ) -> BOOLEAN;
- fn RtlReAllocateHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- Size: SIZE_T,
- ) -> PVOID;
- fn RtlGetUserInfoHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- UserValue: *mut PVOID,
- UserFlags: PULONG,
- ) -> BOOLEAN;
- fn RtlSetUserValueHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- UserValue: PVOID,
- ) -> BOOLEAN;
- fn RtlSetUserFlagsHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- UserFlagsReset: ULONG,
- UserFlagsSet: ULONG,
- ) -> BOOLEAN;
-}}
-STRUCT!{struct RTL_HEAP_TAG_INFO {
- NumberOfAllocations: ULONG,
- NumberOfFrees: ULONG,
- BytesAllocated: SIZE_T,
-}}
-pub type PRTL_HEAP_TAG_INFO = *mut RTL_HEAP_TAG_INFO;
-EXTERN!{extern "system" {
- fn RtlCreateTagHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- TagPrefix: PWSTR,
- TagNames: PWSTR,
- ) -> ULONG;
- fn RtlQueryTagHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- TagIndex: USHORT,
- ResetCounters: BOOLEAN,
- TagInfo: PRTL_HEAP_TAG_INFO,
- ) -> PWSTR;
- fn RtlExtendHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- Base: PVOID,
- Size: SIZE_T,
- ) -> NTSTATUS;
- fn RtlCompactHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- ) -> SIZE_T;
- fn RtlValidateHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- BaseAddress: PVOID,
- ) -> BOOLEAN;
- fn RtlValidateProcessHeaps() -> BOOLEAN;
- fn RtlGetProcessHeaps(
- NumberOfHeaps: ULONG,
- ProcessHeaps: *mut PVOID,
- ) -> ULONG;
-}}
-FN!{stdcall PRTL_ENUM_HEAPS_ROUTINE(
- HeapHandle: PVOID,
- Parameter: PVOID,
-) -> NTSTATUS}
-EXTERN!{extern "system" {
- fn RtlEnumProcessHeaps(
- EnumRoutine: PRTL_ENUM_HEAPS_ROUTINE,
- Parameter: PVOID,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct RTL_HEAP_USAGE_ENTRY {
- Next: *mut RTL_HEAP_USAGE_ENTRY,
- Address: PVOID,
- Size: SIZE_T,
- AllocatorBackTraceIndex: USHORT,
- TagIndex: USHORT,
-}}
-pub type PRTL_HEAP_USAGE_ENTRY = *mut RTL_HEAP_USAGE_ENTRY;
-STRUCT!{struct RTL_HEAP_USAGE {
- Length: ULONG,
- BytesAllocated: SIZE_T,
- BytesCommitted: SIZE_T,
- BytesReserved: SIZE_T,
- BytesReservedMaximum: SIZE_T,
- Entries: PRTL_HEAP_USAGE_ENTRY,
- AddedEntries: PRTL_HEAP_USAGE_ENTRY,
- RemovedEntries: PRTL_HEAP_USAGE_ENTRY,
- Reserved: [ULONG_PTR; 8],
-}}
-pub type PRTL_HEAP_USAGE = *mut RTL_HEAP_USAGE;
-pub const HEAP_USAGE_ALLOCATED_BLOCKS: ULONG = HEAP_REALLOC_IN_PLACE_ONLY;
-pub const HEAP_USAGE_FREE_BUFFER: ULONG = HEAP_ZERO_MEMORY;
-EXTERN!{extern "system" {
- fn RtlUsageHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- Usage: PRTL_HEAP_USAGE,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct RTL_HEAP_WALK_ENTRY_u_Block {
- Settable: SIZE_T,
- TagIndex: USHORT,
- AllocatorBackTraceIndex: USHORT,
- Reserved: [ULONG; 2],
-}}
-STRUCT!{struct RTL_HEAP_WALK_ENTRY_u_Segment {
- CommittedSize: ULONG,
- UnCommittedSize: ULONG,
- FirstEntry: PVOID,
- LastEntry: PVOID,
-}}
-UNION!{union RTL_HEAP_WALK_ENTRY_u {
- Block: RTL_HEAP_WALK_ENTRY_u_Block,
- Segment: RTL_HEAP_WALK_ENTRY_u_Segment,
-}}
-STRUCT!{struct RTL_HEAP_WALK_ENTRY {
- DataAddress: PVOID,
- DataSize: SIZE_T,
- OverheadBytes: UCHAR,
- SegmentIndex: UCHAR,
- Flags: USHORT,
- u: RTL_HEAP_WALK_ENTRY_u,
-}}
-pub type PRTL_HEAP_WALK_ENTRY = *mut RTL_HEAP_WALK_ENTRY;
-EXTERN!{extern "system" {
- fn RtlWalkHeap(
- HeapHandle: PVOID,
- Entry: PRTL_HEAP_WALK_ENTRY,
- ) -> NTSTATUS;
-}}
-pub const HeapDetailedFailureInformation: u32 = 0x80000001;
-pub const HeapSetDebuggingInformation: u32 = 0x80000002;
-ENUM!{enum HEAP_COMPATIBILITY_MODE {
- HEAP_COMPATIBILITY_STANDARD = 0,
- HEAP_COMPATIBILITY_LAL = 1,
- HEAP_COMPATIBILITY_LFH = 2,
-}}
-STRUCT!{struct PROCESS_HEAP_INFORMATION {
- ReserveSize: ULONG_PTR,
- CommitSize: ULONG_PTR,
- NumberOfHeaps: ULONG,
- FirstHeapInformationOffset: ULONG_PTR,
-}}
-pub type PPROCESS_HEAP_INFORMATION = *mut PROCESS_HEAP_INFORMATION;
-STRUCT!{struct HEAP_INFORMATION {
- Address: ULONG_PTR,
- Mode: ULONG,
- ReserveSize: ULONG_PTR,
- CommitSize: ULONG_PTR,
- FirstRegionInformationOffset: ULONG_PTR,
- NextHeapInformationOffset: ULONG_PTR,
-}}
-pub type PHEAP_INFORMATION = *mut HEAP_INFORMATION;
-UNION!{union HEAP_EXTENDED_INFORMATION_u {
- ProcessHeapInformation: PROCESS_HEAP_INFORMATION,
- HeapInformation: HEAP_INFORMATION,
-}}
-STRUCT!{struct HEAP_EXTENDED_INFORMATION {
- Process: HANDLE,
- Heap: ULONG_PTR,
- Level: ULONG,
- CallbackRoutine: PVOID,
- CallbackContext: PVOID,
- u: HEAP_EXTENDED_INFORMATION_u,
-}}
-pub type PHEAP_EXTENDED_INFORMATION = *mut HEAP_EXTENDED_INFORMATION;
-FN!{stdcall PRTL_HEAP_LEAK_ENUMERATION_ROUTINE(
- Reserved: LONG,
- HeapHandle: PVOID,
- BaseAddress: PVOID,
- BlockSize: SIZE_T,
- StackTraceDepth: ULONG,
- StackTrace: *mut PVOID,
-) -> NTSTATUS}
-STRUCT!{struct HEAP_DEBUGGING_INFORMATION {
- InterceptorFunction: PVOID,
- InterceptorValue: USHORT,
- ExtendedOptions: ULONG,
- StackTraceDepth: ULONG,
- MinTotalBlockSize: SIZE_T,
- MaxTotalBlockSize: SIZE_T,
- HeapLeakEnumerationRoutine: PRTL_HEAP_LEAK_ENUMERATION_ROUTINE,
-}}
-pub type PHEAP_DEBUGGING_INFORMATION = *mut HEAP_DEBUGGING_INFORMATION;
-EXTERN!{extern "system" {
- fn RtlQueryHeapInformation(
- HeapHandle: PVOID,
- HeapInformationClass: HEAP_INFORMATION_CLASS,
- HeapInformation: PVOID,
- HeapInformationLength: SIZE_T,
- ReturnLength: PSIZE_T,
- ) -> NTSTATUS;
- fn RtlSetHeapInformation(
- HeapHandle: PVOID,
- HeapInformationClass: HEAP_INFORMATION_CLASS,
- HeapInformation: PVOID,
- HeapInformationLength: SIZE_T,
- ) -> NTSTATUS;
- fn RtlMultipleAllocateHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- Size: SIZE_T,
- Count: ULONG,
- Array: *mut PVOID,
- ) -> ULONG;
- fn RtlMultipleFreeHeap(
- HeapHandle: PVOID,
- Flags: ULONG,
- Count: ULONG,
- Array: *mut PVOID,
- ) -> ULONG;
- fn RtlDetectHeapLeaks();
- fn RtlFlushHeaps();
-}}
-STRUCT!{struct RTL_MEMORY_ZONE_SEGMENT {
- NextSegment: *mut RTL_MEMORY_ZONE_SEGMENT,
- Size: SIZE_T,
- Next: PVOID,
- Limit: PVOID,
-}}
-pub type PRTL_MEMORY_ZONE_SEGMENT = *mut RTL_MEMORY_ZONE_SEGMENT;
-STRUCT!{struct RTL_MEMORY_ZONE {
- Segment: RTL_MEMORY_ZONE_SEGMENT,
- Lock: RTL_SRWLOCK,
- LockCount: ULONG,
- FirstSegment: PRTL_MEMORY_ZONE_SEGMENT,
-}}
-pub type PRTL_MEMORY_ZONE = *mut RTL_MEMORY_ZONE;
-EXTERN!{extern "system" {
- fn RtlCreateMemoryZone(
- MemoryZone: *mut PVOID,
- InitialSize: SIZE_T,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlDestroyMemoryZone(
- MemoryZone: PVOID,
- ) -> NTSTATUS;
- fn RtlAllocateMemoryZone(
- MemoryZone: PVOID,
- BlockSize: SIZE_T,
- Block: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlResetMemoryZone(
- MemoryZone: PVOID,
- ) -> NTSTATUS;
- fn RtlLockMemoryZone(
- MemoryZone: PVOID,
- ) -> NTSTATUS;
- fn RtlUnlockMemoryZone(
- MemoryZone: PVOID,
- ) -> NTSTATUS;
- fn RtlCreateMemoryBlockLookaside(
- MemoryBlockLookaside: *mut PVOID,
- Flags: ULONG,
- InitialSize: ULONG,
- MinimumBlockSize: ULONG,
- MaximumBlockSize: ULONG,
- ) -> NTSTATUS;
- fn RtlDestroyMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- ) -> NTSTATUS;
- fn RtlAllocateMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- BlockSize: ULONG,
- Block: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlFreeMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- Block: PVOID,
- ) -> NTSTATUS;
- fn RtlExtendMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- Increment: ULONG,
- ) -> NTSTATUS;
- fn RtlResetMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- ) -> NTSTATUS;
- fn RtlLockMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- ) -> NTSTATUS;
- fn RtlUnlockMemoryBlockLookaside(
- MemoryBlockLookaside: PVOID,
- ) -> NTSTATUS;
- fn RtlGetCurrentTransaction() -> HANDLE;
- fn RtlSetCurrentTransaction(
- TransactionHandle: HANDLE,
- ) -> LOGICAL;
-}}
-#[inline]
-pub const fn RtlIsEqualLuid(L1: &LUID, L2: &LUID) -> bool {
- (L1.LowPart == L2.LowPart) && (L1.HighPart == L2.HighPart)
-}
-#[inline]
-pub const fn RtlIsZeroLuid(L1: &LUID) -> bool {
- (L1.LowPart | L1.HighPart as u32) == 0
-}
-#[inline]
-pub const fn RtlConvertLongToLuid(Long: LONG) -> LUID {
- LUID { LowPart: Long as u32, HighPart: ((Long as i64) >> 32) as i32 }
-}
-#[inline]
-pub const fn RtlConvertUlongToLuid(Ulong: ULONG) -> LUID {
- LUID { LowPart: Ulong, HighPart: 0 }
-}
-EXTERN!{extern "system" {
- fn RtlCopyLuid(
- DestinationLuid: PLUID,
- SourceLuid: PLUID,
- );
- fn RtlCopyLuidAndAttributesArray(
- Count: ULONG,
- Src: PLUID_AND_ATTRIBUTES,
- Dest: PLUID_AND_ATTRIBUTES,
- );
-}}
-STRUCT!{struct RTL_PROCESS_VERIFIER_OPTIONS {
- SizeStruct: ULONG,
- Option: ULONG,
- OptionData: [UCHAR; 1],
-}}
-pub type PRTL_PROCESS_VERIFIER_OPTIONS = *mut RTL_PROCESS_VERIFIER_OPTIONS;
-UNION!{union RTL_DEBUG_INFORMATION_u {
- Modules: *mut RTL_PROCESS_MODULES,
- ModulesEx: *mut RTL_PROCESS_MODULE_INFORMATION_EX,
-}}
-STRUCT!{struct RTL_DEBUG_INFORMATION {
- SectionHandleClient: HANDLE,
- ViewBaseClient: PVOID,
- ViewBaseTarget: PVOID,
- ViewBaseDelta: ULONG_PTR,
- EventPairClient: HANDLE,
- EventPairTarget: HANDLE,
- TargetProcessId: HANDLE,
- TargetThreadHandle: HANDLE,
- Flags: ULONG,
- OffsetFree: SIZE_T,
- CommitSize: SIZE_T,
- ViewSize: SIZE_T,
- u: RTL_DEBUG_INFORMATION_u,
- BackTraces: *mut RTL_PROCESS_BACKTRACES,
- Heaps: *mut RTL_PROCESS_HEAPS,
- Locks: *mut RTL_PROCESS_LOCKS,
- SpecificHeap: PVOID,
- TargetProcessHandle: HANDLE,
- VerifierOptions: PRTL_PROCESS_VERIFIER_OPTIONS,
- ProcessHeap: PVOID,
- CriticalSectionHandle: HANDLE,
- CriticalSectionOwnerThread: HANDLE,
- Reserved: [PVOID; 4],
-}}
-pub type PRTL_DEBUG_INFORMATION = *mut RTL_DEBUG_INFORMATION;
-EXTERN!{extern "system" {
- fn RtlCreateQueryDebugBuffer(
- MaximumCommit: ULONG,
- UseEventPair: BOOLEAN,
- ) -> PRTL_DEBUG_INFORMATION;
- fn RtlDestroyQueryDebugBuffer(
- Buffer: PRTL_DEBUG_INFORMATION,
- ) -> NTSTATUS;
- fn RtlCommitDebugInfo(
- Buffer: PRTL_DEBUG_INFORMATION,
- Size: SIZE_T,
- ) -> PVOID;
- fn RtlDeCommitDebugInfo(
- Buffer: PRTL_DEBUG_INFORMATION,
- p: PVOID,
- Size: SIZE_T,
- );
-}}
-pub const RTL_QUERY_PROCESS_MODULES: ULONG = 0x00000001;
-pub const RTL_QUERY_PROCESS_BACKTRACES: ULONG = 0x00000002;
-pub const RTL_QUERY_PROCESS_HEAP_SUMMARY: ULONG = 0x00000004;
-pub const RTL_QUERY_PROCESS_HEAP_TAGS: ULONG = 0x00000008;
-pub const RTL_QUERY_PROCESS_HEAP_ENTRIES: ULONG = 0x00000010;
-pub const RTL_QUERY_PROCESS_LOCKS: ULONG = 0x00000020;
-pub const RTL_QUERY_PROCESS_MODULES32: ULONG = 0x00000040;
-pub const RTL_QUERY_PROCESS_VERIFIER_OPTIONS: ULONG = 0x00000080;
-pub const RTL_QUERY_PROCESS_MODULESEX: ULONG = 0x00000100;
-pub const RTL_QUERY_PROCESS_HEAP_ENTRIES_EX: ULONG = 0x00000200;
-pub const RTL_QUERY_PROCESS_CS_OWNER: ULONG = 0x00000400;
-pub const RTL_QUERY_PROCESS_NONINVASIVE: ULONG = 0x80000000;
-EXTERN!{extern "system" {
- fn RtlQueryProcessDebugInformation(
- UniqueProcessId: HANDLE,
- Flags: ULONG,
- Buffer: PRTL_DEBUG_INFORMATION,
- ) -> NTSTATUS;
- fn RtlFindMessage(
- DllHandle: PVOID,
- MessageTableId: ULONG,
- MessageLanguageId: ULONG,
- MessageId: ULONG,
- MessageEntry: *mut PMESSAGE_RESOURCE_ENTRY,
- ) -> NTSTATUS;
- fn RtlFormatMessage(
- MessageFormat: PWSTR,
- MaximumWidth: ULONG,
- IgnoreInserts: BOOLEAN,
- ArgumentsAreAnsi: BOOLEAN,
- ArgumentsAreAnArray: BOOLEAN,
- Arguments: *mut va_list,
- Buffer: PWSTR,
- Length: ULONG,
- ReturnLength: PULONG,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct PARSE_MESSAGE_CONTEXT {
- fFlags: ULONG,
- cwSavColumn: ULONG,
- iwSrc: SIZE_T,
- iwDst: SIZE_T,
- iwDstSpace: SIZE_T,
- lpvArgStart: va_list,
-}}
-pub type PPARSE_MESSAGE_CONTEXT = *mut PARSE_MESSAGE_CONTEXT;
-#[inline]
-pub fn INIT_PARSE_MESSAGE_CONTEXT(ctx: &mut PARSE_MESSAGE_CONTEXT) {
- ctx.fFlags = 0;
-}
-#[inline]
-pub fn TEST_PARSE_MESSAGE_CONTEXT_FLAG(ctx: &mut PARSE_MESSAGE_CONTEXT, flag: ULONG) -> ULONG {
- ctx.fFlags & flag
-}
-#[inline]
-pub fn SET_PARSE_MESSAGE_CONTEXT_FLAG(ctx: &mut PARSE_MESSAGE_CONTEXT, flag: ULONG) -> ULONG {
- ctx.fFlags |= flag;
- ctx.fFlags
-}
-#[inline]
-pub fn CLEAR_PARSE_MESSAGE_CONTEXT_FLAG(ctx: &mut PARSE_MESSAGE_CONTEXT, flag: ULONG) -> ULONG {
- ctx.fFlags &= !flag;
- ctx.fFlags
-}
-EXTERN!{extern "system" {
- fn RtlFormatMessageEx(
- MessageFormat: PWSTR,
- MaximumWidth: ULONG,
- IgnoreInserts: BOOLEAN,
- ArgumentsAreAnsi: BOOLEAN,
- ArgumentsAreAnArray: BOOLEAN,
- Arguments: *mut va_list,
- Buffer: PWSTR,
- Length: ULONG,
- ReturnLength: PULONG,
- ParseContext: PPARSE_MESSAGE_CONTEXT,
- ) -> NTSTATUS;
- fn RtlNtStatusToDosError(
- Status: NTSTATUS,
- ) -> ULONG;
- fn RtlNtStatusToDosErrorNoTeb(
- Status: NTSTATUS,
- ) -> ULONG;
- fn RtlGetLastNtStatus() -> NTSTATUS;
- fn RtlGetLastWin32Error() -> LONG;
- fn RtlSetLastWin32ErrorAndNtStatusFromNtStatus(
- Status: NTSTATUS,
- );
- fn RtlSetLastWin32Error(
- Win32Error: LONG,
- );
- fn RtlRestoreLastWin32Error(
- Win32Error: LONG,
- );
-}}
-pub const RTL_ERRORMODE_FAILCRITICALERRORS: ULONG = 0x0010;
-pub const RTL_ERRORMODE_NOGPFAULTERRORBOX: ULONG = 0x0020;
-pub const RTL_ERRORMODE_NOOPENFILEERRORBOX: ULONG = 0x0040;
-EXTERN!{extern "system" {
- fn RtlGetThreadErrorMode() -> ULONG;
- fn RtlSetThreadErrorMode(
- NewMode: ULONG,
- OldMode: PULONG,
- ) -> NTSTATUS;
- fn RtlReportException(
- ExceptionRecord: PEXCEPTION_RECORD,
- ContextRecord: PCONTEXT,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlReportExceptionEx(
- ExceptionRecord: PEXCEPTION_RECORD,
- ContextRecord: PCONTEXT,
- Flags: ULONG,
- Timeout: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlWerpReportException(
- ProcessId: ULONG,
- CrashReportSharedMem: HANDLE,
- Flags: ULONG,
- CrashVerticalProcessHandle: PHANDLE,
- ) -> NTSTATUS;
- fn RtlReportSilentProcessExit(
- ProcessHandle: HANDLE,
- ExitStatus: NTSTATUS,
- ) -> NTSTATUS;
- fn RtlUniform(
- Seed: PULONG,
- ) -> ULONG;
- fn RtlRandom(
- Seed: PULONG,
- ) -> ULONG;
- fn RtlRandomEx(
- Seed: PULONG,
- ) -> ULONG;
- fn RtlComputeImportTableHash(
- FileHandle: HANDLE,
- Hash: PCHAR,
- ImportTableHashRevision: ULONG,
- ) -> NTSTATUS;
- fn RtlIntegerToChar(
- Value: ULONG,
- Base: ULONG,
- OutputLength: LONG,
- String: PSTR,
- ) -> NTSTATUS;
- fn RtlCharToInteger(
- String: PCSZ,
- Base: ULONG,
- Value: PULONG,
- ) -> NTSTATUS;
- fn RtlLargeIntegerToChar(
- Value: PLARGE_INTEGER,
- Base: ULONG,
- OutputLength: LONG,
- String: PSTR,
- ) -> NTSTATUS;
- fn RtlIntegerToUnicodeString(
- Value: ULONG,
- Base: ULONG,
- String: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlInt64ToUnicodeString(
- Value: ULONGLONG,
- Base: ULONG,
- String: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlUnicodeStringToInteger(
- String: PCUNICODE_STRING,
- Base: ULONG,
- Value: PULONG,
- ) -> NTSTATUS;
- fn RtlIpv4AddressToStringExW(
- Address: *const in_addr,
- Port: USHORT,
- AddressString: PWSTR,
- AddressStringLength: PULONG,
- ) -> NTSTATUS;
- fn RtlIpv6AddressToStringExW(
- Address: *const in6_addr,
- ScopeId: ULONG,
- Port: USHORT,
- AddressString: PWSTR,
- AddressStringLength: PULONG,
- ) -> NTSTATUS;
- fn RtlIpv4StringToAddressExW(
- AddressString: PCWSTR,
- Strict: BOOLEAN,
- Address: *mut in_addr,
- Port: PUSHORT,
- ) -> NTSTATUS;
- fn RtlIpv6StringToAddressExW(
- AddressString: PCWSTR,
- Address: *mut in6_addr,
- ScopeId: PULONG,
- Port: PUSHORT,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct TIME_FIELDS {
- Year: CSHORT,
- Month: CSHORT,
- Day: CSHORT,
- Hour: CSHORT,
- Minute: CSHORT,
- Second: CSHORT,
- Milliseconds: CSHORT,
- Weekday: CSHORT,
-}}
-pub type PTIME_FIELDS = *mut TIME_FIELDS;
-EXTERN!{extern "system" {
- fn RtlCutoverTimeToSystemTime(
- CutoverTime: PTIME_FIELDS,
- SystemTime: PLARGE_INTEGER,
- CurrentSystemTime: PLARGE_INTEGER,
- ThisYear: BOOLEAN,
- ) -> BOOLEAN;
- fn RtlSystemTimeToLocalTime(
- SystemTime: PLARGE_INTEGER,
- LocalTime: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlLocalTimeToSystemTime(
- LocalTime: PLARGE_INTEGER,
- SystemTime: PLARGE_INTEGER,
- ) -> NTSTATUS;
- fn RtlTimeToElapsedTimeFields(
- Time: PLARGE_INTEGER,
- TimeFields: PTIME_FIELDS,
- );
- fn RtlTimeToTimeFields(
- Time: PLARGE_INTEGER,
- TimeFields: PTIME_FIELDS,
- );
- fn RtlTimeFieldsToTime(
- TimeFields: PTIME_FIELDS,
- Time: PLARGE_INTEGER,
- ) -> BOOLEAN;
- fn RtlTimeToSecondsSince1980(
- Time: PLARGE_INTEGER,
- ElapsedSeconds: PULONG,
- ) -> BOOLEAN;
- fn RtlSecondsSince1980ToTime(
- ElapsedSeconds: ULONG,
- Time: PLARGE_INTEGER,
- );
- fn RtlTimeToSecondsSince1970(
- Time: PLARGE_INTEGER,
- ElapsedSeconds: PULONG,
- ) -> BOOLEAN;
- fn RtlSecondsSince1970ToTime(
- ElapsedSeconds: ULONG,
- Time: PLARGE_INTEGER,
- );
-}}
-STRUCT!{struct RTL_TIME_ZONE_INFORMATION {
- Bias: LONG,
- StandardName: [WCHAR; 32],
- StandardStart: TIME_FIELDS,
- StandardBias: LONG,
- DaylightName: [WCHAR; 32],
- DaylightStart: TIME_FIELDS,
- DaylightBias: LONG,
-}}
-pub type PRTL_TIME_ZONE_INFORMATION = *mut RTL_TIME_ZONE_INFORMATION;
-EXTERN!{extern "system" {
- fn RtlQueryTimeZoneInformation(
- TimeZoneInformation: PRTL_TIME_ZONE_INFORMATION,
- ) -> NTSTATUS;
- fn RtlSetTimeZoneInformation(
- TimeZoneInformation: PRTL_TIME_ZONE_INFORMATION,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct RTL_BITMAP {
- SizeOfBitMap: ULONG,
- Buffer: PULONG,
-}}
-pub type PRTL_BITMAP = *mut RTL_BITMAP;
-EXTERN!{extern "system" {
- fn RtlInitializeBitMap(
- BitMapHeader: PRTL_BITMAP,
- BitMapBuffer: PULONG,
- SizeOfBitMap: ULONG,
- );
- fn RtlClearBit(
- BitMapHeader: PRTL_BITMAP,
- BitNumber: ULONG,
- );
- fn RtlSetBit(
- BitMapHeader: PRTL_BITMAP,
- BitNumber: ULONG,
- );
- fn RtlTestBit(
- BitMapHeader: PRTL_BITMAP,
- BitNumber: ULONG,
- ) -> BOOLEAN;
- fn RtlClearAllBits(
- BitMapHeader: PRTL_BITMAP,
- );
- fn RtlSetAllBits(
- BitMapHeader: PRTL_BITMAP,
- );
- fn RtlFindClearBits(
- BitMapHeader: PRTL_BITMAP,
- NumberToFind: ULONG,
- HintIndex: ULONG,
- ) -> ULONG;
- fn RtlFindSetBits(
- BitMapHeader: PRTL_BITMAP,
- NumberToFind: ULONG,
- HintIndex: ULONG,
- ) -> ULONG;
- fn RtlFindClearBitsAndSet(
- BitMapHeader: PRTL_BITMAP,
- NumberToFind: ULONG,
- HintIndex: ULONG,
- ) -> ULONG;
- fn RtlFindSetBitsAndClear(
- BitMapHeader: PRTL_BITMAP,
- NumberToFind: ULONG,
- HintIndex: ULONG,
- ) -> ULONG;
- fn RtlClearBits(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- NumberToClear: ULONG,
- );
- fn RtlSetBits(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- NumberToSet: ULONG,
- );
- fn RtlFindMostSignificantBit(
- Set: ULONGLONG,
- ) -> CCHAR;
- fn RtlFindLeastSignificantBit(
- Set: ULONGLONG,
- ) -> CCHAR;
-}}
-STRUCT!{struct RTL_BITMAP_RUN {
- StartingIndex: ULONG,
- NumberOfBits: ULONG,
-}}
-pub type PRTL_BITMAP_RUN = *mut RTL_BITMAP_RUN;
-EXTERN!{extern "system" {
- fn RtlFindClearRuns(
- BitMapHeader: PRTL_BITMAP,
- RunArray: PRTL_BITMAP_RUN,
- SizeOfRunArray: ULONG,
- LocateLongestRuns: BOOLEAN,
- ) -> ULONG;
- fn RtlFindLongestRunClear(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: PULONG,
- ) -> ULONG;
- fn RtlFindFirstRunClear(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: PULONG,
- ) -> ULONG;
-}}
-#[inline]
-pub unsafe fn RtlCheckBit(BitMapHeader: &RTL_BITMAP, BitPosition: ULONG) -> u8 {
- #[cfg(target_arch = "x86_64")] {
- core::arch::x86_64::_bittest64(BitMapHeader.Buffer as *const i64, BitPosition as i64)
- }
- #[cfg(any(target_arch = "x86", target_arch = "aarch64"))] {
- (*BitMapHeader.Buffer.offset(BitPosition as isize / 32) >> (BitPosition % 32) & 1) as u8
- }
-}
-EXTERN!{extern "system" {
- fn RtlNumberOfClearBits(
- BitMapHeader: PRTL_BITMAP,
- ) -> ULONG;
- fn RtlNumberOfSetBits(
- BitMapHeader: PRTL_BITMAP,
- ) -> ULONG;
- fn RtlAreBitsClear(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- Length: ULONG,
- ) -> BOOLEAN;
- fn RtlAreBitsSet(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- Length: ULONG,
- ) -> BOOLEAN;
- fn RtlFindNextForwardRunClear(
- BitMapHeader: PRTL_BITMAP,
- FromIndex: ULONG,
- StartingRunIndex: PULONG,
- ) -> ULONG;
- fn RtlFindLastBackwardRunClear(
- BitMapHeader: PRTL_BITMAP,
- FromIndex: ULONG,
- StartingRunIndex: PULONG,
- ) -> ULONG;
- fn RtlNumberOfSetBitsUlongPtr(
- Target: ULONG_PTR,
- ) -> ULONG;
- fn RtlInterlockedClearBitRun(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- NumberToClear: ULONG,
- );
- fn RtlInterlockedSetBitRun(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- NumberToSet: ULONG,
- );
- fn RtlCopyBitMap(
- Source: PRTL_BITMAP,
- Destination: PRTL_BITMAP,
- TargetBit: ULONG,
- );
- fn RtlExtractBitMap(
- Source: PRTL_BITMAP,
- Destination: PRTL_BITMAP,
- TargetBit: ULONG,
- NumberOfBits: ULONG,
- );
- fn RtlNumberOfClearBitsInRange(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- Length: ULONG,
- ) -> ULONG;
- fn RtlNumberOfSetBitsInRange(
- BitMapHeader: PRTL_BITMAP,
- StartingIndex: ULONG,
- Length: ULONG,
- ) -> ULONG;
-}}
-STRUCT!{struct RTL_BITMAP_EX {
- SizeOfBitMap: ULONG64,
- Buffer: PULONG64,
-}}
-pub type PRTL_BITMAP_EX = *mut RTL_BITMAP_EX;
-EXTERN!{extern "system" {
- fn RtlInitializeBitMapEx(
- BitMapHeader: PRTL_BITMAP_EX,
- BitMapBuffer: PULONG64,
- SizeOfBitMap: ULONG64,
- );
- fn RtlTestBitEx(
- BitMapHeader: PRTL_BITMAP_EX,
- BitNumber: ULONG64,
- ) -> BOOLEAN;
- fn RtlClearAllBitsEx(
- BitMapHeader: PRTL_BITMAP_EX,
- );
- fn RtlClearBitEx(
- BitMapHeader: PRTL_BITMAP_EX,
- BitNumber: ULONG64,
- );
- fn RtlSetBitEx(
- BitMapHeader: PRTL_BITMAP_EX,
- BitNumber: ULONG64,
- );
- fn RtlFindSetBitsEx(
- BitMapHeader: PRTL_BITMAP_EX,
- NumberToFind: ULONG64,
- HintIndex: ULONG64,
- ) -> ULONG64;
- fn RtlFindSetBitsAndClearEx(
- BitMapHeader: PRTL_BITMAP_EX,
- NumberToFind: ULONG64,
- HintIndex: ULONG64,
- ) -> ULONG64;
-}}
-UNION!{union RTL_HANDLE_TABLE_ENTRY {
- Flags: ULONG,
- NextFree: *mut RTL_HANDLE_TABLE_ENTRY,
-}}
-pub type PRTL_HANDLE_TABLE_ENTRY = *mut RTL_HANDLE_TABLE_ENTRY;
-pub const RTL_HANDLE_ALLOCATED: USHORT = 0x0001;
-STRUCT!{struct RTL_HANDLE_TABLE {
- MaximumNumberOfHandles: ULONG,
- SizeOfHandleTableEntry: ULONG,
- Reserved: [ULONG; 2],
- FreeHandles: PRTL_HANDLE_TABLE_ENTRY,
- CommittedHandles: PRTL_HANDLE_TABLE_ENTRY,
- UnCommittedHandles: PRTL_HANDLE_TABLE_ENTRY,
- MaxReservedHandles: PRTL_HANDLE_TABLE_ENTRY,
-}}
-pub type PRTL_HANDLE_TABLE = *mut RTL_HANDLE_TABLE;
-EXTERN!{extern "system" {
- fn RtlInitializeHandleTable(
- MaximumNumberOfHandles: ULONG,
- SizeOfHandleTableEntry: ULONG,
- HandleTable: PRTL_HANDLE_TABLE,
- );
- fn RtlDestroyHandleTable(
- HandleTable: PRTL_HANDLE_TABLE,
- ) -> NTSTATUS;
- fn RtlAllocateHandle(
- HandleTable: PRTL_HANDLE_TABLE,
- HandleIndex: PULONG,
- ) -> PRTL_HANDLE_TABLE_ENTRY;
- fn RtlFreeHandle(
- HandleTable: PRTL_HANDLE_TABLE,
- Handle: PRTL_HANDLE_TABLE_ENTRY,
- ) -> BOOLEAN;
- fn RtlIsValidHandle(
- HandleTable: PRTL_HANDLE_TABLE,
- Handle: PRTL_HANDLE_TABLE_ENTRY,
- ) -> BOOLEAN;
- fn RtlIsValidIndexHandle(
- HandleTable: PRTL_HANDLE_TABLE,
- HandleIndex: ULONG,
- Handle: *mut PRTL_HANDLE_TABLE_ENTRY,
- ) -> BOOLEAN;
-}}
-pub const RTL_ATOM_MAXIMUM_INTEGER_ATOM: RTL_ATOM = 0xc000;
-pub const RTL_ATOM_INVALID_ATOM: RTL_ATOM = 0x0000;
-pub const RTL_ATOM_TABLE_DEFAULT_NUMBER_OF_BUCKETS: u32 = 37;
-pub const RTL_ATOM_MAXIMUM_NAME_LENGTH: u32 = 255;
-pub const RTL_ATOM_PINNED: u32 = 0x01;
-EXTERN!{extern "system" {
- fn RtlCreateAtomTable(
- NumberOfBuckets: ULONG,
- AtomTableHandle: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlDestroyAtomTable(
- AtomTableHandle: PVOID,
- ) -> NTSTATUS;
- fn RtlEmptyAtomTable(
- AtomTableHandle: PVOID,
- IncludePinnedAtoms: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAddAtomToAtomTable(
- AtomTableHandle: PVOID,
- AtomName: PWSTR,
- Atom: PRTL_ATOM,
- ) -> NTSTATUS;
- fn RtlLookupAtomInAtomTable(
- AtomTableHandle: PVOID,
- AtomName: PWSTR,
- Atom: PRTL_ATOM,
- ) -> NTSTATUS;
- fn RtlDeleteAtomFromAtomTable(
- AtomTableHandle: PVOID,
- Atom: RTL_ATOM,
- ) -> NTSTATUS;
- fn RtlPinAtomInAtomTable(
- AtomTableHandle: PVOID,
- Atom: RTL_ATOM,
- ) -> NTSTATUS;
- fn RtlQueryAtomInAtomTable(
- AtomTableHandle: PVOID,
- Atom: RTL_ATOM,
- AtomUsage: PULONG,
- AtomFlags: PULONG,
- AtomName: PWSTR,
- AtomNameLength: PULONG,
- ) -> NTSTATUS;
- fn RtlGetIntegerAtom(
- AtomName: PWSTR,
- IntegerAtom: PUSHORT,
- ) -> BOOLEAN;
- fn RtlValidSid(
- Sid: PSID,
- ) -> BOOLEAN;
- fn RtlEqualSid(
- Sid1: PSID,
- Sid2: PSID,
- ) -> BOOLEAN;
- fn RtlEqualPrefixSid(
- Sid1: PSID,
- Sid2: PSID,
- ) -> BOOLEAN;
- fn RtlLengthRequiredSid(
- SubAuthorityCount: ULONG,
- ) -> ULONG;
- fn RtlFreeSid(
- Sid: PSID,
- ) -> PVOID;
- fn RtlAllocateAndInitializeSid(
- IdentifierAuthority: PSID_IDENTIFIER_AUTHORITY,
- SubAuthorityCount: UCHAR,
- SubAuthority0: ULONG,
- SubAuthority1: ULONG,
- SubAuthority2: ULONG,
- SubAuthority3: ULONG,
- SubAuthority4: ULONG,
- SubAuthority5: ULONG,
- SubAuthority6: ULONG,
- SubAuthority7: ULONG,
- Sid: *mut PSID,
- ) -> NTSTATUS;
- fn RtlInitializeSid(
- Sid: PSID,
- IdentifierAuthority: PSID_IDENTIFIER_AUTHORITY,
- SubAuthorityCount: UCHAR,
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "C" {
- fn RtlInitializeSidEx(
- Sid: PSID,
- IdentifierAuthority: PSID_IDENTIFIER_AUTHORITY,
- SubAuthorityCount: UCHAR,
- ...
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "system" {
- fn RtlIdentifierAuthoritySid(
- Sid: PSID,
- ) -> PSID_IDENTIFIER_AUTHORITY;
- fn RtlSubAuthoritySid(
- Sid: PSID,
- SubAuthority: ULONG,
- ) -> PULONG;
- fn RtlSubAuthorityCountSid(
- Sid: PSID,
- ) -> PUCHAR;
- fn RtlLengthSid(
- Sid: PSID,
- ) -> ULONG;
- fn RtlCopySid(
- DestinationSidLength: ULONG,
- DestinationSid: PSID,
- SourceSid: PSID,
- ) -> NTSTATUS;
- fn RtlCopySidAndAttributesArray(
- Count: ULONG,
- Src: PSID_AND_ATTRIBUTES,
- SidAreaSize: ULONG,
- Dest: PSID_AND_ATTRIBUTES,
- SidArea: PSID,
- RemainingSidArea: *mut PSID,
- RemainingSidAreaSize: PULONG,
- ) -> NTSTATUS;
- fn RtlCreateServiceSid(
- ServiceName: PUNICODE_STRING,
- ServiceSid: PSID,
- ServiceSidLength: PULONG,
- ) -> NTSTATUS;
- fn RtlSidDominates(
- Sid1: PSID,
- Sid2: PSID,
- Dominates: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSidDominatesForTrust(
- Sid1: PSID,
- Sid2: PSID,
- DominatesTrust: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSidEqualLevel(
- Sid1: PSID,
- Sid2: PSID,
- EqualLevel: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSidIsHigherLevel(
- Sid1: PSID,
- Sid2: PSID,
- HigherLevel: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCreateVirtualAccountSid(
- Name: PCUNICODE_STRING,
- BaseSubAuthority: ULONG,
- Sid: PSID,
- SidLength: PULONG,
- ) -> NTSTATUS;
- fn RtlReplaceSidInSd(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- OldSid: PSID,
- NewSid: PSID,
- NumChanges: *mut ULONG,
- ) -> NTSTATUS;
-}}
-pub const MAX_UNICODE_STACK_BUFFER_LENGTH: usize = 256;
-EXTERN!{extern "system" {
- fn RtlConvertSidToUnicodeString(
- UnicodeString: PUNICODE_STRING,
- Sid: PSID,
- AllocateDestinationString: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlSidHashInitialize(
- SidAttr: PSID_AND_ATTRIBUTES,
- SidCount: ULONG,
- SidAttrHash: PSID_AND_ATTRIBUTES_HASH,
- ) -> NTSTATUS;
- fn RtlSidHashLookup(
- SidAttrHash: PSID_AND_ATTRIBUTES_HASH,
- Sid: PSID,
- ) -> PSID_AND_ATTRIBUTES;
- fn RtlIsElevatedRid(
- SidAttr: PSID_AND_ATTRIBUTES,
- ) -> BOOLEAN;
- fn RtlDeriveCapabilitySidsFromName(
- UnicodeString: PUNICODE_STRING,
- CapabilityGroupSid: PSID,
- CapabilitySid: PSID,
- ) -> NTSTATUS;
- fn RtlCreateSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Revision: ULONG,
- ) -> NTSTATUS;
- fn RtlValidSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- ) -> BOOLEAN;
- fn RtlLengthSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- ) -> ULONG;
- fn RtlValidRelativeSecurityDescriptor(
- SecurityDescriptorInput: PSECURITY_DESCRIPTOR,
- SecurityDescriptorLength: ULONG,
- RequiredInformation: SECURITY_INFORMATION,
- ) -> BOOLEAN;
- fn RtlGetControlSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Control: PSECURITY_DESCRIPTOR_CONTROL,
- Revision: PULONG,
- ) -> NTSTATUS;
- fn RtlSetControlSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- ControlBitsOfInterest: SECURITY_DESCRIPTOR_CONTROL,
- ControlBitsToSet: SECURITY_DESCRIPTOR_CONTROL,
- ) -> NTSTATUS;
- fn RtlSetAttributesSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Control: SECURITY_DESCRIPTOR_CONTROL,
- Revision: PULONG,
- ) -> NTSTATUS;
- fn RtlGetSecurityDescriptorRMControl(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- RMControl: PUCHAR,
- ) -> BOOLEAN;
- fn RtlSetSecurityDescriptorRMControl(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- RMControl: PUCHAR,
- );
- fn RtlSetDaclSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- DaclPresent: BOOLEAN,
- Dacl: PACL,
- DaclDefaulted: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlGetDaclSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- DaclPresent: PBOOLEAN,
- Dacl: *mut PACL,
- DaclDefaulted: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSetSaclSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- SaclPresent: BOOLEAN,
- Sacl: PACL,
- SaclDefaulted: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlGetSaclSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- SaclPresent: PBOOLEAN,
- Sacl: *mut PACL,
- SaclDefaulted: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSetOwnerSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Owner: PSID,
- OwnerDefaulted: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlGetOwnerSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Owner: *mut PSID,
- OwnerDefaulted: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSetGroupSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Group: PSID,
- GroupDefaulted: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlGetGroupSecurityDescriptor(
- SecurityDescriptor: PSECURITY_DESCRIPTOR,
- Group: *mut PSID,
- GroupDefaulted: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlMakeSelfRelativeSD(
- AbsoluteSecurityDescriptor: PSECURITY_DESCRIPTOR,
- SelfRelativeSecurityDescriptor: PSECURITY_DESCRIPTOR,
- BufferLength: PULONG,
- ) -> NTSTATUS;
- fn RtlAbsoluteToSelfRelativeSD(
- AbsoluteSecurityDescriptor: PSECURITY_DESCRIPTOR,
- SelfRelativeSecurityDescriptor: PSECURITY_DESCRIPTOR,
- BufferLength: PULONG,
- ) -> NTSTATUS;
- fn RtlSelfRelativeToAbsoluteSD(
- SelfRelativeSecurityDescriptor: PSECURITY_DESCRIPTOR,
- AbsoluteSecurityDescriptor: PSECURITY_DESCRIPTOR,
- AbsoluteSecurityDescriptorSize: PULONG,
- Dacl: PACL,
- DaclSize: PULONG,
- Sacl: PACL,
- SaclSize: PULONG,
- Owner: PSID,
- OwnerSize: PULONG,
- PrimaryGroup: PSID,
- PrimaryGroupSize: PULONG,
- ) -> NTSTATUS;
- fn RtlSelfRelativeToAbsoluteSD2(
- pSelfRelativeSecurityDescriptor: PSECURITY_DESCRIPTOR,
- pBufferSize: PULONG,
- ) -> NTSTATUS;
- fn RtlAreAllAccessesGranted(
- GrantedAccess: ACCESS_MASK,
- DesiredAccess: ACCESS_MASK,
- ) -> BOOLEAN;
- fn RtlAreAnyAccessesGranted(
- GrantedAccess: ACCESS_MASK,
- DesiredAccess: ACCESS_MASK,
- ) -> BOOLEAN;
- fn RtlMapGenericMask(
- AccessMask: PACCESS_MASK,
- GenericMapping: PGENERIC_MAPPING,
- );
- fn RtlCreateAcl(
- Acl: PACL,
- AclLength: ULONG,
- AclRevision: ULONG,
- ) -> NTSTATUS;
- fn RtlValidAcl(
- Acl: PACL,
- ) -> BOOLEAN;
- fn RtlQueryInformationAcl(
- Acl: PACL,
- AclInformation: PVOID,
- AclInformationLength: ULONG,
- AclInformationClass: ACL_INFORMATION_CLASS,
- ) -> NTSTATUS;
- fn RtlSetInformationAcl(
- Acl: PACL,
- AclInformation: PVOID,
- AclInformationLength: ULONG,
- AclInformationClass: ACL_INFORMATION_CLASS,
- ) -> NTSTATUS;
- fn RtlAddAce(
- Acl: PACL,
- AceRevision: ULONG,
- StartingAceIndex: ULONG,
- AceList: PVOID,
- AceListLength: ULONG,
- ) -> NTSTATUS;
- fn RtlDeleteAce(
- Acl: PACL,
- AceIndex: ULONG,
- ) -> NTSTATUS;
- fn RtlGetAce(
- Acl: PACL,
- AceIndex: ULONG,
- Ace: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlFirstFreeAce(
- Acl: PACL,
- FirstFree: *mut PVOID,
- ) -> BOOLEAN;
- fn RtlFindAceByType(
- pAcl: PACL,
- AceType: UCHAR,
- pIndex: PULONG,
- ) -> PVOID;
- fn RtlOwnerAcesPresent(
- pAcl: PACL,
- ) -> BOOLEAN;
- fn RtlAddAccessAllowedAce(
- Acl: PACL,
- AceRevision: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAccessAllowedAceEx(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAccessDeniedAce(
- Acl: PACL,
- AceRevision: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAccessDeniedAceEx(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAuditAccessAce(
- Acl: PACL,
- AceRevision: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- AuditSuccess: BOOLEAN,
- AuditFailure: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAddAuditAccessAceEx(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- Sid: PSID,
- AuditSuccess: BOOLEAN,
- AuditFailure: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAddAccessAllowedObjectAce(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- ObjectTypeGuid: *mut GUID,
- InheritedObjectTypeGuid: *mut GUID,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAccessDeniedObjectAce(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- ObjectTypeGuid: *mut GUID,
- InheritedObjectTypeGuid: *mut GUID,
- Sid: PSID,
- ) -> NTSTATUS;
- fn RtlAddAuditAccessObjectAce(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- AccessMask: ACCESS_MASK,
- ObjectTypeGuid: *mut GUID,
- InheritedObjectTypeGuid: *mut GUID,
- Sid: PSID,
- AuditSuccess: BOOLEAN,
- AuditFailure: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlAddCompoundAce(
- Acl: PACL,
- AceRevision: ULONG,
- AceType: UCHAR,
- AccessMask: ACCESS_MASK,
- ServerSid: PSID,
- ClientSid: PSID,
- ) -> NTSTATUS;
- fn RtlAddMandatoryAce(
- Acl: PACL,
- AceRevision: ULONG,
- AceFlags: ULONG,
- Sid: PSID,
- AceType: UCHAR,
- AccessMask: ACCESS_MASK,
- ) -> NTSTATUS;
- fn RtlDefaultNpAcl(
- Acl: *mut PACL,
- ) -> NTSTATUS;
- fn RtlNewSecurityObject(
- ParentDescriptor: PSECURITY_DESCRIPTOR,
- CreatorDescriptor: PSECURITY_DESCRIPTOR,
- NewDescriptor: *mut PSECURITY_DESCRIPTOR,
- IsDirectoryObject: BOOLEAN,
- Token: HANDLE,
- GenericMapping: PGENERIC_MAPPING,
- ) -> NTSTATUS;
- fn RtlNewSecurityObjectEx(
- ParentDescriptor: PSECURITY_DESCRIPTOR,
- CreatorDescriptor: PSECURITY_DESCRIPTOR,
- NewDescriptor: *mut PSECURITY_DESCRIPTOR,
- ObjectType: *mut GUID,
- IsDirectoryObject: BOOLEAN,
- AutoInheritFlags: ULONG,
- Token: HANDLE,
- GenericMapping: PGENERIC_MAPPING,
- ) -> NTSTATUS;
- fn RtlNewSecurityObjectWithMultipleInheritance(
- ParentDescriptor: PSECURITY_DESCRIPTOR,
- CreatorDescriptor: PSECURITY_DESCRIPTOR,
- NewDescriptor: *mut PSECURITY_DESCRIPTOR,
- ObjectType: *mut *mut GUID,
- GuidCount: ULONG,
- IsDirectoryObject: BOOLEAN,
- AutoInheritFlags: ULONG,
- Token: HANDLE,
- GenericMapping: PGENERIC_MAPPING,
- ) -> NTSTATUS;
- fn RtlDeleteSecurityObject(
- ObjectDescriptor: *mut PSECURITY_DESCRIPTOR,
- ) -> NTSTATUS;
- fn RtlQuerySecurityObject(
- ObjectDescriptor: PSECURITY_DESCRIPTOR,
- SecurityInformation: SECURITY_INFORMATION,
- ResultantDescriptor: PSECURITY_DESCRIPTOR,
- DescriptorLength: ULONG,
- ReturnLength: PULONG,
- ) -> NTSTATUS;
- fn RtlSetSecurityObject(
- SecurityInformation: SECURITY_INFORMATION,
- ModificationDescriptor: PSECURITY_DESCRIPTOR,
- ObjectsSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
- GenericMapping: PGENERIC_MAPPING,
- Token: HANDLE,
- ) -> NTSTATUS;
- fn RtlSetSecurityObjectEx(
- SecurityInformation: SECURITY_INFORMATION,
- ModificationDescriptor: PSECURITY_DESCRIPTOR,
- ObjectsSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
- AutoInheritFlags: ULONG,
- GenericMapping: PGENERIC_MAPPING,
- Token: HANDLE,
- ) -> NTSTATUS;
- fn RtlConvertToAutoInheritSecurityObject(
- ParentDescriptor: PSECURITY_DESCRIPTOR,
- CurrentSecurityDescriptor: PSECURITY_DESCRIPTOR,
- NewSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
- ObjectType: *mut GUID,
- IsDirectoryObject: BOOLEAN,
- GenericMapping: PGENERIC_MAPPING,
- ) -> NTSTATUS;
- fn RtlNewInstanceSecurityObject(
- ParentDescriptorChanged: BOOLEAN,
- CreatorDescriptorChanged: BOOLEAN,
- OldClientTokenModifiedId: PLUID,
- NewClientTokenModifiedId: PLUID,
- ParentDescriptor: PSECURITY_DESCRIPTOR,
- CreatorDescriptor: PSECURITY_DESCRIPTOR,
- NewDescriptor: *mut PSECURITY_DESCRIPTOR,
- IsDirectoryObject: BOOLEAN,
- Token: HANDLE,
- GenericMapping: PGENERIC_MAPPING,
- ) -> NTSTATUS;
- fn RtlCopySecurityDescriptor(
- InputSecurityDescriptor: PSECURITY_DESCRIPTOR,
- OutputSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
- ) -> NTSTATUS;
- fn RtlRunEncodeUnicodeString(
- Seed: PUCHAR,
- String: PUNICODE_STRING,
- );
- fn RtlRunDecodeUnicodeString(
- Seed: UCHAR,
- String: PUNICODE_STRING,
- );
- fn RtlImpersonateSelf(
- ImpersonationLevel: SECURITY_IMPERSONATION_LEVEL,
- ) -> NTSTATUS;
- fn RtlImpersonateSelfEx(
- ImpersonationLevel: SECURITY_IMPERSONATION_LEVEL,
- AdditionalAccess: ACCESS_MASK,
- ThreadToken: PHANDLE,
- ) -> NTSTATUS;
- fn RtlAdjustPrivilege(
- Privilege: ULONG,
- Enable: BOOLEAN,
- Client: BOOLEAN,
- WasEnabled: PBOOLEAN,
- ) -> NTSTATUS;
-}}
-pub const RTL_ACQUIRE_PRIVILEGE_REVERT: ULONG = 0x00000001;
-pub const RTL_ACQUIRE_PRIVILEGE_PROCESS: ULONG = 0x00000002;
-EXTERN!{extern "system" {
- fn RtlAcquirePrivilege(
- Privilege: PULONG,
- NumPriv: ULONG,
- Flags: ULONG,
- ReturnedState: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlReleasePrivilege(
- StatePointer: PVOID,
- );
- fn RtlRemovePrivileges(
- TokenHandle: HANDLE,
- PrivilegesToKeep: PULONG,
- PrivilegeCount: ULONG,
- ) -> NTSTATUS;
- fn RtlIsUntrustedObject(
- Handle: HANDLE,
- Object: PVOID,
- IsUntrustedObject: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlQueryValidationRunlevel(
- ComponentName: PUNICODE_STRING,
- ) -> ULONG;
- fn RtlCreateBoundaryDescriptor(
- Name: PUNICODE_STRING,
- Flags: ULONG,
- ) -> PVOID;
- fn RtlDeleteBoundaryDescriptor(
- BoundaryDescriptor: PVOID,
- );
- fn RtlAddSIDToBoundaryDescriptor(
- BoundaryDescriptor: *mut PVOID,
- RequiredSid: PSID,
- ) -> NTSTATUS;
- fn RtlAddIntegrityLabelToBoundaryDescriptor(
- BoundaryDescriptor: *mut PVOID,
- IntegrityLabel: PSID,
- ) -> NTSTATUS;
- fn RtlGetVersion(
- lpVersionInformation: PRTL_OSVERSIONINFOW,
- ) -> NTSTATUS;
- fn RtlVerifyVersionInfo(
- VersionInfo: PRTL_OSVERSIONINFOEXW,
- TypeMask: ULONG,
- ConditionMask: ULONGLONG,
- ) -> NTSTATUS;
- fn RtlGetNtVersionNumbers(
- NtMajorVersion: PULONG,
- NtMinorVersion: PULONG,
- NtBuildNumber: PULONG,
- );
- fn RtlGetNtGlobalFlags() -> ULONG;
- fn RtlGetNtProductType(
- NtProductType: PNT_PRODUCT_TYPE,
- ) -> BOOLEAN;
- fn RtlGetSuiteMask() -> ULONG;
- fn RtlRegisterWait(
- WaitHandle: PHANDLE,
- Handle: HANDLE,
- Function: WAITORTIMERCALLBACKFUNC,
- Context: PVOID,
- Milliseconds: ULONG,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlDeregisterWait(
- WaitHandle: HANDLE,
- ) -> NTSTATUS;
- fn RtlDeregisterWaitEx(
- WaitHandle: HANDLE,
- Event: HANDLE,
- ) -> NTSTATUS;
- fn RtlQueueWorkItem(
- Function: WORKERCALLBACKFUNC,
- Context: PVOID,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlSetIoCompletionCallback(
- FileHandle: HANDLE,
- CompletionProc: APC_CALLBACK_FUNCTION,
- Flags: ULONG,
- ) -> NTSTATUS;
-}}
-FN!{stdcall PRTL_START_POOL_THREAD(
- Function: PTHREAD_START_ROUTINE,
- Parameter: PVOID,
- ThreadHandle: PHANDLE,
-) -> NTSTATUS}
-FN!{stdcall PRTL_EXIT_POOL_THREAD(
- ExitStatus: NTSTATUS,
-) -> NTSTATUS}
-EXTERN!{extern "system" {
- fn RtlSetThreadPoolStartFunc(
- StartPoolThread: PRTL_START_POOL_THREAD,
- ExitPoolThread: PRTL_EXIT_POOL_THREAD,
- ) -> NTSTATUS;
- fn RtlUserThreadStart(
- Function: PTHREAD_START_ROUTINE,
- Parameter: PVOID,
- );
- fn LdrInitializeThunk(
- ContextRecord: PCONTEXT,
- Parameter: PVOID,
- );
- fn RtlCreateTimerQueue(
- TimerQueueHandle: PHANDLE,
- ) -> NTSTATUS;
- fn RtlCreateTimer(
- TimerQueueHandle: HANDLE,
- Handle: PHANDLE,
- Function: WAITORTIMERCALLBACKFUNC,
- Context: PVOID,
- DueTime: ULONG,
- Period: ULONG,
- Flags: ULONG,
- ) -> NTSTATUS;
- fn RtlUpdateTimer(
- TimerQueueHandle: HANDLE,
- TimerHandle: HANDLE,
- DueTime: ULONG,
- Period: ULONG,
- ) -> NTSTATUS;
- fn RtlDeleteTimer(
- TimerQueueHandle: HANDLE,
- TimerToCancel: HANDLE,
- Event: HANDLE,
- ) -> NTSTATUS;
- fn RtlDeleteTimerQueue(
- TimerQueueHandle: HANDLE,
- ) -> NTSTATUS;
- fn RtlDeleteTimerQueueEx(
- TimerQueueHandle: HANDLE,
- Event: HANDLE,
- ) -> NTSTATUS;
- fn RtlFormatCurrentUserKeyPath(
- CurrentUserKeyPath: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlOpenCurrentUser(
- DesiredAccess: ACCESS_MASK,
- CurrentUserKey: PHANDLE,
- ) -> NTSTATUS;
-}}
-pub const RTL_REGISTRY_ABSOLUTE: ULONG = 0;
-pub const RTL_REGISTRY_SERVICES: ULONG = 1;
-pub const RTL_REGISTRY_CONTROL: ULONG = 2;
-pub const RTL_REGISTRY_WINDOWS_NT: ULONG = 3;
-pub const RTL_REGISTRY_DEVICEMAP: ULONG = 4;
-pub const RTL_REGISTRY_USER: ULONG = 5;
-pub const RTL_REGISTRY_MAXIMUM: ULONG = 6;
-pub const RTL_REGISTRY_HANDLE: ULONG = 0x40000000;
-pub const RTL_REGISTRY_OPTIONAL: ULONG = 0x80000000;
-EXTERN!{extern "system" {
- fn RtlCreateRegistryKey(
- RelativeTo: ULONG,
- Path: PWSTR,
- ) -> NTSTATUS;
- fn RtlCheckRegistryKey(
- RelativeTo: ULONG,
- Path: PWSTR,
- ) -> NTSTATUS;
-}}
-FN!{stdcall PRTL_QUERY_REGISTRY_ROUTINE(
- ValueName: PWSTR,
- ValueType: ULONG,
- ValueData: PVOID,
- ValueLength: ULONG,
- Context: PVOID,
- EntryContext: PVOID,
-) -> NTSTATUS}
-STRUCT!{struct RTL_QUERY_REGISTRY_TABLE {
- QueryRoutine: PRTL_QUERY_REGISTRY_ROUTINE,
- Flags: ULONG,
- Name: PWSTR,
- EntryContext: PVOID,
- DefaultType: ULONG,
- DefaultData: PVOID,
- DefaultLength: ULONG,
-}}
-pub type PRTL_QUERY_REGISTRY_TABLE = *mut RTL_QUERY_REGISTRY_TABLE;
-pub const RTL_QUERY_REGISTRY_SUBKEY: ULONG = 0x00000001;
-pub const RTL_QUERY_REGISTRY_TOPKEY: ULONG = 0x00000002;
-pub const RTL_QUERY_REGISTRY_REQUIRED: ULONG = 0x00000004;
-pub const RTL_QUERY_REGISTRY_NOVALUE: ULONG = 0x00000008;
-pub const RTL_QUERY_REGISTRY_NOEXPAND: ULONG = 0x00000010;
-pub const RTL_QUERY_REGISTRY_DIRECT: ULONG = 0x00000020;
-pub const RTL_QUERY_REGISTRY_DELETE: ULONG = 0x00000040;
-EXTERN!{extern "system" {
- fn RtlQueryRegistryValues(
- RelativeTo: ULONG,
- Path: PCWSTR,
- QueryTable: PRTL_QUERY_REGISTRY_TABLE,
- Context: PVOID,
- Environment: PVOID,
- ) -> NTSTATUS;
- fn RtlQueryRegistryValuesEx(
- RelativeTo: ULONG,
- Path: PWSTR,
- QueryTable: PRTL_QUERY_REGISTRY_TABLE,
- Context: PVOID,
- Environment: PVOID,
- ) -> NTSTATUS;
- fn RtlWriteRegistryValue(
- RelativeTo: ULONG,
- Path: PCWSTR,
- ValueName: PCWSTR,
- ValueType: ULONG,
- ValueData: PVOID,
- ValueLength: ULONG,
- ) -> NTSTATUS;
- fn RtlDeleteRegistryValue(
- RelativeTo: ULONG,
- Path: PCWSTR,
- ValueName: PCWSTR,
- ) -> NTSTATUS;
- fn RtlEnableThreadProfiling(
- ThreadHandle: HANDLE,
- Flags: ULONG,
- HardwareCounters: ULONG64,
- PerformanceDataHandle: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlDisableThreadProfiling(
- PerformanceDataHandle: PVOID,
- ) -> NTSTATUS;
- fn RtlQueryThreadProfiling(
- ThreadHandle: HANDLE,
- Enabled: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlReadThreadProfilingData(
- PerformanceDataHandle: HANDLE,
- Flags: ULONG,
- PerformanceData: PPERFORMANCE_DATA,
- ) -> NTSTATUS;
- fn RtlGetNativeSystemInformation(
- SystemInformationClass: ULONG,
- NativeSystemInformation: PVOID,
- InformationLength: ULONG,
- ReturnLength: PULONG,
- ) -> NTSTATUS;
- fn RtlQueueApcWow64Thread(
- ThreadHandle: HANDLE,
- ApcRoutine: PPS_APC_ROUTINE,
- ApcArgument1: PVOID,
- ApcArgument2: PVOID,
- ApcArgument3: PVOID,
- ) -> NTSTATUS;
- fn RtlWow64EnableFsRedirection(
- Wow64FsEnableRedirection: BOOLEAN,
- ) -> NTSTATUS;
- fn RtlWow64EnableFsRedirectionEx(
- Wow64FsEnableRedirection: PVOID,
- OldFsRedirectionLevel: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlComputeCrc32(
- PartialCrc: ULONG32,
- Buffer: PVOID,
- Length: ULONG,
- ) -> ULONG32;
- fn RtlEncodePointer(
- Ptr: PVOID,
- ) -> PVOID;
- fn RtlDecodePointer(
- Ptr: PVOID,
- ) -> PVOID;
- fn RtlEncodeSystemPointer(
- Ptr: PVOID,
- ) -> PVOID;
- fn RtlDecodeSystemPointer(
- Ptr: PVOID,
- ) -> PVOID;
- fn RtlEncodeRemotePointer(
- ProcessHandle: HANDLE,
- Pointer: PVOID,
- EncodedPointer: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlDecodeRemotePointer(
- ProcessHandle: HANDLE,
- Pointer: PVOID,
- DecodedPointer: *mut PVOID,
- ) -> NTSTATUS;
- fn RtlIsProcessorFeaturePresent(
- ProcessorFeature: ULONG,
- ) -> BOOLEAN;
- fn RtlGetCurrentProcessorNumber() -> ULONG;
- fn RtlGetCurrentProcessorNumberEx(
- ProcessorNumber: PPROCESSOR_NUMBER,
- );
- fn RtlPushFrame(
- Frame: PTEB_ACTIVE_FRAME,
- );
- fn RtlPopFrame(
- Frame: PTEB_ACTIVE_FRAME,
- );
- fn RtlGetFrame() -> PTEB_ACTIVE_FRAME;
-}}
-pub const RTL_WALK_USER_MODE_STACK: ULONG = 0x00000001;
-pub const RTL_WALK_VALID_FLAGS: ULONG = 0x00000001;
-pub const RTL_STACK_WALKING_MODE_FRAMES_TO_SKIP_SHIFT: ULONG = 0x00000008;
-EXTERN!{extern "system" {
- fn RtlWalkFrameChain(
- Callers: *mut PVOID,
- Count: ULONG,
- Flags: ULONG,
- ) -> ULONG;
- fn RtlGetCallersAddress(
- CallersAddress: *mut PVOID,
- CallersCaller: *mut PVOID,
- );
- fn RtlGetEnabledExtendedFeatures(
- FeatureMask: ULONG64,
- ) -> ULONG64;
- fn RtlGetEnabledExtendedAndSupervisorFeatures(
- FeatureMask: ULONG64,
- ) -> ULONG64;
- fn RtlLocateSupervisorFeature(
- XStateHeader: PXSAVE_AREA_HEADER,
- FeatureId: ULONG,
- Length: PULONG,
- ) -> PVOID;
-}}
-STRUCT!{struct RTL_ELEVATION_FLAGS {
- Flags: ULONG,
-}}
-BITFIELD!{RTL_ELEVATION_FLAGS Flags: ULONG [
- ElevationEnabled set_ElevationEnabled[0..1],
- VirtualizationEnabled set_VirtualizationEnabled[1..2],
- InstallerDetectEnabled set_InstallerDetectEnabled[2..3],
- ReservedBits set_ReservedBits[3..32],
-]}
-pub type PRTL_ELEVATION_FLAGS = *mut RTL_ELEVATION_FLAGS;
-EXTERN!{extern "system" {
- fn RtlQueryElevationFlags(
- Flags: PRTL_ELEVATION_FLAGS,
- ) -> NTSTATUS;
- fn RtlRegisterThreadWithCsrss() -> NTSTATUS;
- fn RtlLockCurrentThread() -> NTSTATUS;
- fn RtlUnlockCurrentThread() -> NTSTATUS;
- fn RtlLockModuleSection(
- Address: PVOID,
- ) -> NTSTATUS;
- fn RtlUnlockModuleSection(
- Address: PVOID,
- ) -> NTSTATUS;
-}}
-pub const RTL_UNLOAD_EVENT_TRACE_NUMBER: u32 = 64;
-STRUCT!{struct RTL_UNLOAD_EVENT_TRACE {
- BaseAddress: PVOID,
- SizeOfImage: SIZE_T,
- Sequence: ULONG,
- TimeDateStamp: ULONG,
- CheckSum: ULONG,
- ImageName: [WCHAR; 32],
- Version: [ULONG; 2],
-}}
-pub type PRTL_UNLOAD_EVENT_TRACE = *mut RTL_UNLOAD_EVENT_TRACE;
-STRUCT!{struct RTL_UNLOAD_EVENT_TRACE32 {
- BaseAddress: ULONG,
- SizeOfImage: ULONG,
- Sequence: ULONG,
- TimeDateStamp: ULONG,
- CheckSum: ULONG,
- ImageName: [WCHAR; 32],
- Version: [ULONG; 2],
-}}
-pub type PRTL_UNLOAD_EVENT_TRACE32 = *mut RTL_UNLOAD_EVENT_TRACE32;
-EXTERN!{extern "system" {
- fn RtlGetUnloadEventTrace() -> PRTL_UNLOAD_EVENT_TRACE;
- fn RtlGetUnloadEventTraceEx(
- ElementSize: *mut PULONG,
- ElementCount: *mut PULONG,
- EventTrace: *mut PVOID,
- );
- fn RtlQueryPerformanceCounter(
- PerformanceCounter: PLARGE_INTEGER,
- ) -> LOGICAL;
- fn RtlQueryPerformanceFrequency(
- PerformanceFrequency: PLARGE_INTEGER,
- ) -> LOGICAL;
-}}
-ENUM!{enum IMAGE_MITIGATION_POLICY {
- ImageDepPolicy = 0,
- ImageAslrPolicy = 1,
- ImageDynamicCodePolicy = 2,
- ImageStrictHandleCheckPolicy = 3,
- ImageSystemCallDisablePolicy = 4,
- ImageMitigationOptionsMask = 5,
- ImageExtensionPointDisablePolicy = 6,
- ImageControlFlowGuardPolicy = 7,
- ImageSignaturePolicy = 8,
- ImageFontDisablePolicy = 9,
- ImageImageLoadPolicy = 10,
- ImagePayloadRestrictionPolicy = 11,
- ImageChildProcessPolicy = 12,
- ImageSehopPolicy = 13,
- ImageHeapPolicy = 14,
- MaxImageMitigationPolicy = 15,
-}}
-UNION!{union RTL_IMAGE_MITIGATION_POLICY {
- Bitfields1: ULONG64,
- Bitfields2: ULONG64,
-}}
-BITFIELD!{unsafe RTL_IMAGE_MITIGATION_POLICY Bitfields1: ULONG64 [
- AuditState set_AuditState[0..2],
- AuditFlag set_AuditFlag[2..3],
- EnableAdditionalAuditingOption set_EnableAdditionalAuditingOption[3..4],
- Reserved set_Reserved[4..64],
-]}
-BITFIELD!{unsafe RTL_IMAGE_MITIGATION_POLICY Bitfields2: ULONG64 [
- PolicyState set_PolicyState[0..2],
- AlwaysInherit set_AlwaysInherit[2..3],
- EnableAdditionalPolicyOption set_EnableAdditionalPolicyOption[3..4],
- AuditReserved set_AuditReserved[4..64],
-]}
-pub type PRTL_IMAGE_MITIGATION_POLICY = *mut RTL_IMAGE_MITIGATION_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_DEP_POLICY {
- Dep: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_DEP_POLICY = *mut RTL_IMAGE_MITIGATION_DEP_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_ASLR_POLICY {
- ForceRelocateImages: RTL_IMAGE_MITIGATION_POLICY,
- BottomUpRandomization: RTL_IMAGE_MITIGATION_POLICY,
- HighEntropyRandomization: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_ASLR_POLICY = *mut RTL_IMAGE_MITIGATION_ASLR_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_DYNAMIC_CODE_POLICY {
- BlockDynamicCode: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_DYNAMIC_CODE_POLICY = *mut RTL_IMAGE_MITIGATION_DYNAMIC_CODE_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_STRICT_HANDLE_CHECK_POLICY {
- StrictHandleChecks: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_STRICT_HANDLE_CHECK_POLICY =
- *mut RTL_IMAGE_MITIGATION_STRICT_HANDLE_CHECK_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
- BlockWin32kSystemCalls: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_SYSTEM_CALL_DISABLE_POLICY =
- *mut RTL_IMAGE_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_EXTENSION_POINT_DISABLE_POLICY {
- DisableExtensionPoints: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_EXTENSION_POINT_DISABLE_POLICY =
- *mut RTL_IMAGE_MITIGATION_EXTENSION_POINT_DISABLE_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_CONTROL_FLOW_GUARD_POLICY {
- ControlFlowGuard: RTL_IMAGE_MITIGATION_POLICY,
- StrictControlFlowGuard: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_CONTROL_FLOW_GUARD_POLICY =
- *mut RTL_IMAGE_MITIGATION_CONTROL_FLOW_GUARD_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_BINARY_SIGNATURE_POLICY {
- BlockNonMicrosoftSignedBinaries: RTL_IMAGE_MITIGATION_POLICY,
- EnforceSigningOnModuleDependencies: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_BINARY_SIGNATURE_POLICY =
- *mut RTL_IMAGE_MITIGATION_BINARY_SIGNATURE_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_FONT_DISABLE_POLICY {
- DisableNonSystemFonts: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_FONT_DISABLE_POLICY = *mut RTL_IMAGE_MITIGATION_FONT_DISABLE_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_IMAGE_LOAD_POLICY {
- BlockRemoteImageLoads: RTL_IMAGE_MITIGATION_POLICY,
- BlockLowLabelImageLoads: RTL_IMAGE_MITIGATION_POLICY,
- PreferSystem32: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_IMAGE_LOAD_POLICY = *mut RTL_IMAGE_MITIGATION_IMAGE_LOAD_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_PAYLOAD_RESTRICTION_POLICY {
- EnableExportAddressFilter: RTL_IMAGE_MITIGATION_POLICY,
- EnableExportAddressFilterPlus: RTL_IMAGE_MITIGATION_POLICY,
- EnableImportAddressFilter: RTL_IMAGE_MITIGATION_POLICY,
- EnableRopStackPivot: RTL_IMAGE_MITIGATION_POLICY,
- EnableRopCallerCheck: RTL_IMAGE_MITIGATION_POLICY,
- EnableRopSimExec: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_PAYLOAD_RESTRICTION_POLICY =
- *mut RTL_IMAGE_MITIGATION_PAYLOAD_RESTRICTION_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_CHILD_PROCESS_POLICY {
- DisallowChildProcessCreation: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_CHILD_PROCESS_POLICY =
- *mut RTL_IMAGE_MITIGATION_CHILD_PROCESS_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_SEHOP_POLICY {
- Sehop: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_SEHOP_POLICY = *mut RTL_IMAGE_MITIGATION_SEHOP_POLICY;
-STRUCT!{struct RTL_IMAGE_MITIGATION_HEAP_POLICY {
- TerminateOnHeapErrors: RTL_IMAGE_MITIGATION_POLICY,
-}}
-pub type PRTL_IMAGE_MITIGATION_HEAP_POLICY = *mut RTL_IMAGE_MITIGATION_HEAP_POLICY;
-ENUM!{enum RTL_IMAGE_MITIGATION_OPTION_STATE {
- RtlMitigationOptionStateNotConfigured = 0,
- RtlMitigationOptionStateOn = 1,
- RtlMitigationOptionStateOff = 2,
-}}
-pub const RTL_IMAGE_MITIGATION_FLAG_RESET: ULONG = 0x1;
-pub const RTL_IMAGE_MITIGATION_FLAG_REMOVE: ULONG = 0x2;
-pub const RTL_IMAGE_MITIGATION_FLAG_OSDEFAULT: ULONG = 0x4;
-pub const RTL_IMAGE_MITIGATION_FLAG_AUDIT: ULONG = 0x8;
-EXTERN!{extern "system" {
- fn RtlQueryImageMitigationPolicy(
- ImagePath: PWSTR,
- Policy: IMAGE_MITIGATION_POLICY,
- Flags: ULONG,
- Buffer: PVOID,
- BufferSize: ULONG,
- ) -> NTSTATUS;
- fn RtlSetImageMitigationPolicy(
- ImagePath: PWSTR,
- Policy: IMAGE_MITIGATION_POLICY,
- Flags: ULONG,
- Buffer: PVOID,
- BufferSize: ULONG,
- ) -> NTSTATUS;
- fn RtlGetCurrentServiceSessionId() -> ULONG;
- fn RtlGetActiveConsoleId() -> ULONG;
- fn RtlGetConsoleSessionForegroundProcessId() -> ULONGLONG;
- fn RtlGetTokenNamedObjectPath(
- Token: HANDLE,
- Sid: PSID,
- ObjectPath: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlGetAppContainerNamedObjectPath(
- Token: HANDLE,
- AppContainerSid: PSID,
- RelativePath: BOOLEAN,
- ObjectPath: PUNICODE_STRING,
- ) -> NTSTATUS;
- fn RtlGetAppContainerParent(
- AppContainerSid: PSID,
- AppContainerSidParent: *mut PSID,
- ) -> NTSTATUS;
- fn RtlCheckSandboxedToken(
- TokenHandle: HANDLE,
- IsSandboxed: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCheckTokenCapability(
- TokenHandle: HANDLE,
- CapabilitySidToCheck: PSID,
- HasCapability: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCapabilityCheck(
- TokenHandle: HANDLE,
- CapabilityName: PUNICODE_STRING,
- HasCapability: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCheckTokenMembership(
- TokenHandle: HANDLE,
- SidToCheck: PSID,
- IsMember: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCheckTokenMembershipEx(
- TokenHandle: HANDLE,
- SidToCheck: PSID,
- Flags: ULONG,
- IsMember: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlIsParentOfChildAppContainer(
- ParentAppContainerSid: PSID,
- ChildAppContainerSid: PSID,
- ) -> NTSTATUS;
- fn RtlIsCapabilitySid(
- Sid: PSID,
- ) -> BOOLEAN;
- fn RtlIsPackageSid(
- Sid: PSID,
- ) -> BOOLEAN;
- fn RtlIsValidProcessTrustLabelSid(
- Sid: PSID,
- ) -> BOOLEAN;
- fn RtlIsStateSeparationEnabled() -> BOOLEAN;
-}}
-ENUM!{enum APPCONTAINER_SID_TYPE {
- NotAppContainerSidType = 0,
- ChildAppContainerSidType = 1,
- ParentAppContainerSidType = 2,
- InvalidAppContainerSidType = 3,
- MaxAppContainerSidType = 4,
-}}
-pub type PAPPCONTAINER_SID_TYPE = *mut APPCONTAINER_SID_TYPE;
-EXTERN!{extern "system" {
- fn RtlGetAppContainerSidType(
- AppContainerSid: PSID,
- AppContainerSidType: PAPPCONTAINER_SID_TYPE,
- ) -> NTSTATUS;
- fn RtlFlsAlloc(
- Callback: PFLS_CALLBACK_FUNCTION,
- FlsIndex: PULONG,
- ) -> NTSTATUS;
- fn RtlFlsFree(
- FlsIndex: ULONG,
- ) -> NTSTATUS;
-}}
-ENUM!{enum STATE_LOCATION_TYPE {
- LocationTypeRegistry = 0,
- LocationTypeFileSystem = 1,
- LocationTypeMaximum = 2,
-}}
-EXTERN!{extern "system" {
- fn RtlGetPersistedStateLocation(
- SourceID: PCWSTR,
- CustomValue: PCWSTR,
- DefaultPath: PCWSTR,
- StateLocationType: STATE_LOCATION_TYPE,
- TargetPath: PWCHAR,
- BufferLengthIn: ULONG,
- BufferLengthOut: PULONG,
- ) -> NTSTATUS;
- fn RtlIsCloudFilesPlaceholder(
- FileAttributes: ULONG,
- ReparseTag: ULONG,
- ) -> BOOLEAN;
- fn RtlIsPartialPlaceholder(
- FileAttributes: ULONG,
- ReparseTag: ULONG,
- ) -> BOOLEAN;
- fn RtlIsPartialPlaceholderFileHandle(
- FileHandle: HANDLE,
- IsPartialPlaceholder: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlIsPartialPlaceholderFileInfo(
- InfoBuffer: *const c_void,
- InfoClass: FILE_INFORMATION_CLASS,
- IsPartialPlaceholder: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlIsNonEmptyDirectoryReparsePointAllowed(
- ReparseTag: ULONG,
- ) -> BOOLEAN;
- fn RtlAppxIsFileOwnedByTrustedInstaller(
- FileHandle: HANDLE,
- IsFileOwnedByTrustedInstaller: PBOOLEAN,
- ) -> NTSTATUS;
-}}
-STRUCT!{struct PS_PKG_CLAIM {
- Flags: ULONGLONG,
- Origin: ULONGLONG,
-}}
-pub type PPS_PKG_CLAIM = *mut PS_PKG_CLAIM;
-EXTERN!{extern "system" {
- fn RtlQueryPackageClaims(
- TokenHandle: HANDLE,
- PackageFullName: PWSTR,
- PackageSize: PSIZE_T,
- AppId: PWSTR,
- AppIdSize: PSIZE_T,
- DynamicId: *mut GUID,
- PkgClaim: PPS_PKG_CLAIM,
- AttributesPresent: PULONG64,
- ) -> NTSTATUS;
- fn RtlQueryProtectedPolicy(
- PolicyGuid: *mut GUID,
- PolicyValue: PULONG_PTR,
- ) -> NTSTATUS;
- fn RtlSetProtectedPolicy(
- PolicyGuid: *mut GUID,
- PolicyValue: ULONG_PTR,
- OldPolicyValue: PULONG_PTR,
- ) -> NTSTATUS;
- fn RtlIsMultiSessionSku() -> BOOLEAN;
- fn RtlIsMultiUsersInSessionSku() -> BOOLEAN;
-}}
-ENUM!{enum RTL_BSD_ITEM_TYPE {
- RtlBsdItemVersionNumber = 0,
- RtlBsdItemProductType = 1,
- RtlBsdItemAabEnabled = 2,
- RtlBsdItemAabTimeout = 3,
- RtlBsdItemBootGood = 4,
- RtlBsdItemBootShutdown = 5,
- RtlBsdSleepInProgress = 6,
- RtlBsdPowerTransition = 7,
- RtlBsdItemBootAttemptCount = 8,
- RtlBsdItemBootCheckpoint = 9,
- RtlBsdItemBootId = 10,
- RtlBsdItemShutdownBootId = 11,
- RtlBsdItemReportedAbnormalShutdownBootId = 12,
- RtlBsdItemErrorInfo = 13,
- RtlBsdItemPowerButtonPressInfo = 14,
- RtlBsdItemChecksum = 15,
- RtlBsdItemMax = 16,
-}}
-STRUCT!{struct RTL_BSD_ITEM {
- Type: RTL_BSD_ITEM_TYPE,
- DataBuffer: PVOID,
- DataLength: ULONG,
-}}
-pub type PRTL_BSD_ITEM = *mut RTL_BSD_ITEM;
-EXTERN!{extern "system" {
- fn RtlCreateBootStatusDataFile() -> NTSTATUS;
- fn RtlLockBootStatusData(
- FileHandle: PHANDLE,
- ) -> NTSTATUS;
- fn RtlUnlockBootStatusData(
- FileHandle: HANDLE,
- ) -> NTSTATUS;
- fn RtlGetSetBootStatusData(
- FileHandle: HANDLE,
- Read: BOOLEAN,
- DataClass: RTL_BSD_ITEM_TYPE,
- Buffer: PVOID,
- BufferSize: ULONG,
- ReturnLength: PULONG,
- ) -> NTSTATUS;
- fn RtlCheckBootStatusIntegrity(
- FileHandle: HANDLE,
- Verified: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlCheckPortableOperatingSystem(
- IsPortable: PBOOLEAN,
- ) -> NTSTATUS;
- fn RtlSetPortableOperatingSystem(
- IsPortable: BOOLEAN,
- ) -> NTSTATUS;
-}}
-EXTERN!{extern "system" {
- fn RtlOsDeploymentState(
- Flags: DWORD,
- ) -> OS_DEPLOYEMENT_STATE_VALUES;
- fn RtlFindClosestEncodableLength(
- SourceLength: ULONGLONG,
- TargetLength: PULONGLONG,
- ) -> NTSTATUS;
-}}
-FN!{stdcall PRTL_SECURE_MEMORY_CACHE_CALLBACK(
- Address: PVOID,
- Length: SIZE_T,
-) -> NTSTATUS}
-EXTERN!{extern "system" {
- fn RtlRegisterSecureMemoryCacheCallback(
- Callback: PRTL_SECURE_MEMORY_CACHE_CALLBACK,
- ) -> NTSTATUS;
- fn RtlDeregisterSecureMemoryCacheCallback(
- Callback: PRTL_SECURE_MEMORY_CACHE_CALLBACK,
- ) -> NTSTATUS;
- fn RtlFlushSecureMemoryCache(
- MemoryCache: PVOID,
- MemoryLength: SIZE_T,
- ) -> BOOLEAN;
-}}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-30 17:20:46 +0000