Process Hacker
ntbasic.h
Go to the documentation of this file.
1 #ifndef _NTBASIC_H
2 #define _NTBASIC_H
3 
4 #ifndef _NTDEF_
5 
6 // This header file provides basic NT types not included in Win32.
7 
8 #ifndef NOTHING
9 #define NOTHING
10 #endif
11 
12 // Basic types
13 
14 typedef struct _QUAD
15 {
16  union
17  {
18  __int64 UseThisFieldToCopy;
19  double DoNotUseThisField;
20  };
21 } QUAD, *PQUAD;
22 
23 // This isn't in NT, but it's useful.
24 typedef struct DECLSPEC_ALIGN(MEMORY_ALLOCATION_ALIGNMENT) _QUAD_PTR
25 {
26  ULONG_PTR DoNotUseThisField1;
27  ULONG_PTR DoNotUseThisField2;
28 } QUAD_PTR, *PQUAD_PTR;
29 
30 typedef ULONG LOGICAL;
31 typedef ULONG *PLOGICAL;
32 
33 typedef _Success_(return >= 0) LONG NTSTATUS;
34 typedef NTSTATUS *PNTSTATUS;
35 
36 // Cardinal types
37 
38 typedef char CCHAR;
39 typedef short CSHORT;
40 typedef ULONG CLONG;
41 
42 typedef CCHAR *PCCHAR;
43 typedef CSHORT *PCSHORT;
44 typedef CLONG *PCLONG;
45 
46 typedef PCSTR PCSZ;
47 
48 // Specific
49 
50 typedef UCHAR KIRQL, *PKIRQL;
51 typedef LONG KPRIORITY;
52 typedef USHORT RTL_ATOM, *PRTL_ATOM;
53 
54 typedef LARGE_INTEGER PHYSICAL_ADDRESS, *PPHYSICAL_ADDRESS;
55 
56 // NT status macros
57 
58 #define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
59 #define NT_INFORMATION(Status) ((((ULONG)(Status)) >> 30) == 1)
60 #define NT_WARNING(Status) ((((ULONG)(Status)) >> 30) == 2)
61 #define NT_ERROR(Status) ((((ULONG)(Status)) >> 30) == 3)
62 
63 #define NT_FACILITY_MASK 0xfff
64 #define NT_FACILITY_SHIFT 16
65 #define NT_FACILITY(Status) ((((ULONG)(Status)) >> NT_FACILITY_SHIFT) & NT_FACILITY_MASK)
66 
67 #define NT_NTWIN32(Status) (NT_FACILITY(Status) == FACILITY_NTWIN32)
68 #define WIN32_FROM_NTSTATUS(Status) (((ULONG)(Status)) & 0xffff)
69 
70 // Functions
71 
72 #ifndef _WIN64
73 #define FASTCALL __fastcall
74 #else
75 #define FASTCALL
76 #endif
77 
78 // Synchronization enumerations
79 
80 typedef enum _EVENT_TYPE
81 {
82  NotificationEvent,
83  SynchronizationEvent
84 } EVENT_TYPE;
85 
86 typedef enum _TIMER_TYPE
87 {
88  NotificationTimer,
89  SynchronizationTimer
90 } TIMER_TYPE;
91 
92 typedef enum _WAIT_TYPE
93 {
94  WaitAll,
95  WaitAny
96 } WAIT_TYPE;
97 
98 // Strings
99 
100 typedef struct _STRING
101 {
102  USHORT Length;
103  USHORT MaximumLength;
104  _Field_size_bytes_part_opt_(MaximumLength, Length) PCHAR Buffer;
105 } STRING, *PSTRING, ANSI_STRING, *PANSI_STRING, OEM_STRING, *POEM_STRING;
106 
107 typedef const STRING *PCSTRING;
108 typedef const ANSI_STRING *PCANSI_STRING;
109 typedef const OEM_STRING *PCOEM_STRING;
110 
111 typedef struct _UNICODE_STRING
112 {
113  USHORT Length;
114  USHORT MaximumLength;
115  _Field_size_bytes_part_(MaximumLength, Length) PWCH Buffer;
116 } UNICODE_STRING, *PUNICODE_STRING;
117 
118 typedef const UNICODE_STRING *PCUNICODE_STRING;
119 
120 #define RTL_CONSTANT_STRING(s) { sizeof(s) - sizeof((s)[0]), sizeof(s), s }
121 
122 // Balanced tree node
123 
124 #define RTL_BALANCED_NODE_RESERVED_PARENT_MASK 3
125 
126 typedef struct _RTL_BALANCED_NODE
127 {
128  union
129  {
130  struct _RTL_BALANCED_NODE *Children[2];
131  struct
132  {
133  struct _RTL_BALANCED_NODE *Left;
134  struct _RTL_BALANCED_NODE *Right;
135  };
136  };
137  union
138  {
139  UCHAR Red : 1;
140  UCHAR Balance : 2;
141  ULONG_PTR ParentValue;
142  };
143 } RTL_BALANCED_NODE, *PRTL_BALANCED_NODE;
144 
145 #define RTL_BALANCED_NODE_GET_PARENT_POINTER(Node) ((PRTL_BALANCED_NODE)((Node)->ParentValue & ~RTL_BALANCED_NODE_RESERVED_PARENT_MASK))
146 
147 // Portability
148 
149 typedef struct _SINGLE_LIST_ENTRY32
150 {
151  ULONG Next;
152 } SINGLE_LIST_ENTRY32, *PSINGLE_LIST_ENTRY32;
153 
154 typedef struct _STRING32
155 {
156  USHORT Length;
157  USHORT MaximumLength;
158  ULONG Buffer;
159 } STRING32, *PSTRING32;
160 
161 typedef STRING32 UNICODE_STRING32, *PUNICODE_STRING32;
162 typedef STRING32 ANSI_STRING32, *PANSI_STRING32;
163 
164 typedef struct _STRING64
165 {
166  USHORT Length;
167  USHORT MaximumLength;
168  ULONGLONG Buffer;
169 } STRING64, *PSTRING64;
170 
171 typedef STRING64 UNICODE_STRING64, *PUNICODE_STRING64;
172 typedef STRING64 ANSI_STRING64, *PANSI_STRING64;
173 
174 // Object attributes
175 
176 #define OBJ_INHERIT 0x00000002
177 #define OBJ_PERMANENT 0x00000010
178 #define OBJ_EXCLUSIVE 0x00000020
179 #define OBJ_CASE_INSENSITIVE 0x00000040
180 #define OBJ_OPENIF 0x00000080
181 #define OBJ_OPENLINK 0x00000100
182 #define OBJ_KERNEL_HANDLE 0x00000200
183 #define OBJ_FORCE_ACCESS_CHECK 0x00000400
184 #define OBJ_VALID_ATTRIBUTES 0x000007f2
185 
186 typedef struct _OBJECT_ATTRIBUTES
187 {
188  ULONG Length;
189  HANDLE RootDirectory;
190  PUNICODE_STRING ObjectName;
191  ULONG Attributes;
192  PVOID SecurityDescriptor; // PSECURITY_DESCRIPTOR;
193  PVOID SecurityQualityOfService; // PSECURITY_QUALITY_OF_SERVICE
194 } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;
195 
196 typedef const OBJECT_ATTRIBUTES *PCOBJECT_ATTRIBUTES;
197 
198 #define InitializeObjectAttributes(p, n, a, r, s) { \
199  (p)->Length = sizeof(OBJECT_ATTRIBUTES); \
200  (p)->RootDirectory = r; \
201  (p)->Attributes = a; \
202  (p)->ObjectName = n; \
203  (p)->SecurityDescriptor = s; \
204  (p)->SecurityQualityOfService = NULL; \
205  }
206 
207 #define RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a) { sizeof(OBJECT_ATTRIBUTES), NULL, n, a, NULL, NULL }
208 #define RTL_INIT_OBJECT_ATTRIBUTES(n, a) RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a)
209 
210 // Portability
211 
212 typedef struct _OBJECT_ATTRIBUTES64
213 {
214  ULONG Length;
215  ULONG64 RootDirectory;
216  ULONG64 ObjectName;
217  ULONG Attributes;
218  ULONG64 SecurityDescriptor;
219  ULONG64 SecurityQualityOfService;
220 } OBJECT_ATTRIBUTES64, *POBJECT_ATTRIBUTES64;
221 
222 typedef const OBJECT_ATTRIBUTES64 *PCOBJECT_ATTRIBUTES64;
223 
224 typedef struct _OBJECT_ATTRIBUTES32
225 {
226  ULONG Length;
227  ULONG RootDirectory;
228  ULONG ObjectName;
229  ULONG Attributes;
230  ULONG SecurityDescriptor;
231  ULONG SecurityQualityOfService;
232 } OBJECT_ATTRIBUTES32, *POBJECT_ATTRIBUTES32;
233 
234 typedef const OBJECT_ATTRIBUTES32 *PCOBJECT_ATTRIBUTES32;
235 
236 // Product types
237 
238 typedef enum _NT_PRODUCT_TYPE
239 {
240  NtProductWinNt = 1,
241  NtProductLanManNt,
242  NtProductServer
243 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
244 
245 typedef enum _SUITE_TYPE
246 {
247  SmallBusiness,
248  Enterprise,
249  BackOffice,
250  CommunicationServer,
251  TerminalServer,
252  SmallBusinessRestricted,
253  EmbeddedNT,
254  DataCenter,
255  SingleUserTS,
256  Personal,
257  Blade,
258  EmbeddedRestricted,
259  SecurityAppliance,
260  StorageServer,
261  ComputeServer,
262  WHServer,
263  PhoneNT,
264  MaxSuiteType
265 } SUITE_TYPE;
266 
267 // Specific
268 
269 typedef struct _CLIENT_ID
270 {
271  HANDLE UniqueProcess;
272  HANDLE UniqueThread;
273 } CLIENT_ID, *PCLIENT_ID;
274 
275 typedef struct _CLIENT_ID32
276 {
277  ULONG UniqueProcess;
278  ULONG UniqueThread;
279 } CLIENT_ID32, *PCLIENT_ID32;
280 
281 typedef struct _CLIENT_ID64
282 {
283  ULONGLONG UniqueProcess;
284  ULONGLONG UniqueThread;
285 } CLIENT_ID64, *PCLIENT_ID64;
286 
287 #include <pshpack4.h>
288 
289 typedef struct _KSYSTEM_TIME
290 {
291  ULONG LowPart;
292  LONG High1Time;
293  LONG High2Time;
294 } KSYSTEM_TIME, *PKSYSTEM_TIME;
295 
296 #include <poppack.h>
297 
298 #endif
299 
300 #endif