6 #if (PHNT_MODE != PHNT_MODE_KERNEL)
14 _In_ BOOLEAN Alertable,
15 _In_ PLARGE_INTEGER DelayInterval
23 NtQuerySystemEnvironmentValue(
25 _Out_writes_bytes_(ValueLength) PWSTR VariableValue,
26 _In_ USHORT ValueLength,
27 _Out_opt_ PUSHORT ReturnLength
33 NtSetSystemEnvironmentValue(
38 #if (PHNT_VERSION >= PHNT_WIN8)
43 NtQuerySystemEnvironmentValueEx(
45 _In_ LPGUID VendorGuid,
46 _Out_writes_bytes_opt_(*ValueLength) PVOID Value,
47 _Inout_ PULONG ValueLength,
48 _Out_opt_ PULONG Attributes
54 NtSetSystemEnvironmentValueEx(
56 _In_ LPGUID VendorGuid,
57 _In_reads_bytes_opt_(ValueLength) PVOID Value,
58 _In_ ULONG ValueLength,
65 NtEnumerateSystemEnvironmentValuesEx(
66 _In_ ULONG InformationClass,
68 _Inout_ PULONG BufferLength
76 typedef struct _BOOT_ENTRY
82 ULONG FriendlyNameOffset;
83 ULONG BootFilePathOffset;
84 ULONG OsOptionsLength;
86 } BOOT_ENTRY, *PBOOT_ENTRY;
89 typedef struct _BOOT_ENTRY_LIST
91 ULONG NextEntryOffset;
93 } BOOT_ENTRY_LIST, *PBOOT_ENTRY_LIST;
96 typedef struct _BOOT_OPTIONS
101 ULONG CurrentBootEntryId;
102 ULONG NextBootEntryId;
103 WCHAR HeadlessRedirection[1];
104 } BOOT_OPTIONS, *PBOOT_OPTIONS;
107 typedef struct _FILE_PATH
113 } FILE_PATH, *PFILE_PATH;
116 typedef struct _EFI_DRIVER_ENTRY
121 ULONG FriendlyNameOffset;
122 ULONG DriverFilePathOffset;
123 } EFI_DRIVER_ENTRY, *PEFI_DRIVER_ENTRY;
126 typedef struct _EFI_DRIVER_ENTRY_LIST
128 ULONG NextEntryOffset;
130 } EFI_DRIVER_ENTRY_LIST, *PEFI_DRIVER_ENTRY_LIST;
132 #if (PHNT_VERSION >= PHNT_VISTA)
138 _In_ PBOOT_ENTRY BootEntry,
153 _In_ PBOOT_ENTRY BootEntry
159 NtEnumerateBootEntries(
160 _Out_writes_bytes_opt_(*BufferLength) PVOID Buffer,
161 _Inout_ PULONG BufferLength
167 NtQueryBootEntryOrder(
168 _Out_writes_opt_(*Count) PULONG Ids,
176 _In_reads_(Count) PULONG Ids,
184 _Out_writes_bytes_opt_(*BootOptionsLength) PBOOT_OPTIONS BootOptions,
185 _Inout_ PULONG BootOptionsLength
192 _In_ PBOOT_OPTIONS BootOptions,
193 _In_ ULONG FieldsToChange
200 _In_ PFILE_PATH InputFilePath,
201 _In_ ULONG OutputType,
202 _Out_writes_bytes_opt_(*OutputFilePathLength) PFILE_PATH OutputFilePath,
203 _Inout_opt_ PULONG OutputFilePathLength
231 NtEnumerateDriverEntries(
232 _Out_writes_bytes_opt_(*BufferLength) PVOID Buffer,
233 _Inout_ PULONG BufferLength
239 NtQueryDriverEntryOrder(
240 _Out_writes_opt_(*Count) PULONG Ids,
247 NtSetDriverEntryOrder(
248 _In_reads_(Count) PULONG Ids,
256 #ifndef EVENT_QUERY_STATE
257 #define EVENT_QUERY_STATE 0x0001
260 typedef enum _EVENT_INFORMATION_CLASS
262 EventBasicInformation
263 } EVENT_INFORMATION_CLASS;
265 typedef struct _EVENT_BASIC_INFORMATION
269 } EVENT_BASIC_INFORMATION, *PEVENT_BASIC_INFORMATION;
275 _Out_ PHANDLE EventHandle,
276 _In_ ACCESS_MASK DesiredAccess,
279 _In_ BOOLEAN InitialState
286 _Out_ PHANDLE EventHandle,
287 _In_ ACCESS_MASK DesiredAccess,
295 _In_ HANDLE EventHandle,
296 _Out_opt_ PLONG PreviousState
302 NtSetEventBoostPriority(
303 _In_ HANDLE EventHandle
310 _In_ HANDLE EventHandle
317 _In_ HANDLE EventHandle,
318 _Out_opt_ PLONG PreviousState
325 _In_ HANDLE EventHandle,
326 _Out_opt_ PLONG PreviousState
333 _In_ HANDLE EventHandle,
334 _In_ EVENT_INFORMATION_CLASS EventInformationClass,
335 _Out_writes_bytes_(EventInformationLength) PVOID EventInformation,
336 _In_ ULONG EventInformationLength,
337 _Out_opt_ PULONG ReturnLength
342 #define EVENT_PAIR_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE)
348 _Out_ PHANDLE EventPairHandle,
349 _In_ ACCESS_MASK DesiredAccess,
357 _Out_ PHANDLE EventPairHandle,
358 _In_ ACCESS_MASK DesiredAccess,
366 _In_ HANDLE EventPairHandle
373 _In_ HANDLE EventPairHandle
380 _In_ HANDLE EventPairHandle
387 _In_ HANDLE EventPairHandle
393 NtSetLowWaitHighEventPair(
394 _In_ HANDLE EventPairHandle
400 NtSetHighWaitLowEventPair(
401 _In_ HANDLE EventPairHandle
406 typedef enum _MUTANT_INFORMATION_CLASS
408 MutantBasicInformation,
409 MutantOwnerInformation
410 } MUTANT_INFORMATION_CLASS;
412 typedef struct _MUTANT_BASIC_INFORMATION
415 BOOLEAN OwnedByCaller;
416 BOOLEAN AbandonedState;
417 } MUTANT_BASIC_INFORMATION, *PMUTANT_BASIC_INFORMATION;
419 typedef struct _MUTANT_OWNER_INFORMATION
422 } MUTANT_OWNER_INFORMATION, *PMUTANT_OWNER_INFORMATION;
428 _Out_ PHANDLE MutantHandle,
429 _In_ ACCESS_MASK DesiredAccess,
431 _In_ BOOLEAN InitialOwner
438 _Out_ PHANDLE MutantHandle,
439 _In_ ACCESS_MASK DesiredAccess,
447 _In_ HANDLE MutantHandle,
448 _Out_opt_ PLONG PreviousCount
455 _In_ HANDLE MutantHandle,
456 _In_ MUTANT_INFORMATION_CLASS MutantInformationClass,
457 _Out_writes_bytes_(MutantInformationLength) PVOID MutantInformation,
458 _In_ ULONG MutantInformationLength,
459 _Out_opt_ PULONG ReturnLength
464 #ifndef SEMAPHORE_QUERY_STATE
465 #define SEMAPHORE_QUERY_STATE 0x0001
468 typedef enum _SEMAPHORE_INFORMATION_CLASS
470 SemaphoreBasicInformation
471 } SEMAPHORE_INFORMATION_CLASS;
473 typedef struct _SEMAPHORE_BASIC_INFORMATION
477 } SEMAPHORE_BASIC_INFORMATION, *PSEMAPHORE_BASIC_INFORMATION;
483 _Out_ PHANDLE SemaphoreHandle,
484 _In_ ACCESS_MASK DesiredAccess,
486 _In_
LONG InitialCount,
487 _In_
LONG MaximumCount
494 _Out_ PHANDLE SemaphoreHandle,
495 _In_ ACCESS_MASK DesiredAccess,
503 _In_ HANDLE SemaphoreHandle,
504 _In_
LONG ReleaseCount,
505 _Out_opt_ PLONG PreviousCount
512 _In_ HANDLE SemaphoreHandle,
513 _In_ SEMAPHORE_INFORMATION_CLASS SemaphoreInformationClass,
514 _Out_writes_bytes_(SemaphoreInformationLength) PVOID SemaphoreInformation,
515 _In_ ULONG SemaphoreInformationLength,
516 _Out_opt_ PULONG ReturnLength
521 typedef enum _TIMER_INFORMATION_CLASS
523 TimerBasicInformation
524 } TIMER_INFORMATION_CLASS;
526 typedef struct _TIMER_BASIC_INFORMATION
528 LARGE_INTEGER RemainingTime;
530 } TIMER_BASIC_INFORMATION, *PTIMER_BASIC_INFORMATION;
532 typedef VOID (NTAPI *PTIMER_APC_ROUTINE)(
533 _In_ PVOID TimerContext,
534 _In_ ULONG TimerLowValue,
535 _In_
LONG TimerHighValue
538 typedef enum _TIMER_SET_INFORMATION_CLASS
540 TimerSetCoalescableTimer,
542 } TIMER_SET_INFORMATION_CLASS;
544 #if (PHNT_VERSION >= PHNT_WIN7)
545 struct _COUNTED_REASON_CONTEXT;
547 typedef struct _TIMER_SET_COALESCABLE_TIMER_INFO
549 _In_ LARGE_INTEGER DueTime;
550 _In_opt_ PTIMER_APC_ROUTINE TimerApcRoutine;
551 _In_opt_ PVOID TimerContext;
552 _In_opt_
struct _COUNTED_REASON_CONTEXT *WakeContext;
553 _In_opt_ ULONG Period;
554 _In_ ULONG TolerableDelay;
555 _Out_opt_ PBOOLEAN PreviousState;
556 } TIMER_SET_COALESCABLE_TIMER_INFO, *PTIMER_SET_COALESCABLE_TIMER_INFO;
563 _Out_ PHANDLE TimerHandle,
564 _In_ ACCESS_MASK DesiredAccess,
573 _Out_ PHANDLE TimerHandle,
574 _In_ ACCESS_MASK DesiredAccess,
582 _In_ HANDLE TimerHandle,
583 _In_ PLARGE_INTEGER DueTime,
584 _In_opt_ PTIMER_APC_ROUTINE TimerApcRoutine,
585 _In_opt_ PVOID TimerContext,
586 _In_ BOOLEAN ResumeTimer,
587 _In_opt_
LONG Period,
588 _Out_opt_ PBOOLEAN PreviousState
591 #if (PHNT_VERSION >= PHNT_WIN7)
596 _In_ HANDLE TimerHandle,
597 _In_ TIMER_SET_INFORMATION_CLASS TimerSetInformationClass,
598 _Inout_updates_bytes_opt_(TimerSetInformationLength) PVOID TimerSetInformation,
599 _In_ ULONG TimerSetInformationLength
607 _In_ HANDLE TimerHandle,
608 _Out_opt_ PBOOLEAN CurrentState
615 _In_ HANDLE TimerHandle,
616 _In_ TIMER_INFORMATION_CLASS TimerInformationClass,
617 _Out_writes_bytes_(TimerInformationLength) PVOID TimerInformation,
618 _In_ ULONG TimerInformationLength,
619 _Out_opt_ PULONG ReturnLength
622 #if (PHNT_VERSION >= PHNT_WIN8)
628 _Out_ PHANDLE TimerHandle,
629 _In_ ACCESS_MASK DesiredAccess
636 _In_ HANDLE TimerHandle,
637 _In_opt_ PLARGE_INTEGER DueTime
642 typedef struct _T2_SET_PARAMETERS_V0
646 LONGLONG NoWakeTolerance;
647 } T2_SET_PARAMETERS, *PT2_SET_PARAMETERS;
649 typedef PVOID PT2_CANCEL_PARAMETERS;
651 #if (PHNT_VERSION >= PHNT_THRESHOLD)
657 _Out_ PHANDLE TimerHandle,
658 _In_opt_ PVOID Reserved1,
659 _In_opt_ PVOID Reserved2,
660 _In_ ULONG Attributes,
661 _In_ ACCESS_MASK DesiredAccess
668 _In_ HANDLE TimerHandle,
669 _In_ PLARGE_INTEGER DueTime,
670 _In_opt_ PLARGE_INTEGER Period,
671 _In_ PT2_SET_PARAMETERS Parameters
678 _In_ HANDLE TimerHandle,
679 _In_ PT2_CANCEL_PARAMETERS Parameters
686 #define PROFILE_CONTROL 0x0001
687 #define PROFILE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | PROFILE_CONTROL)
693 _Out_ PHANDLE ProfileHandle,
694 _In_opt_ HANDLE Process,
695 _In_ PVOID ProfileBase,
696 _In_ SIZE_T ProfileSize,
697 _In_ ULONG BucketSize,
698 _In_reads_bytes_(BufferSize) PULONG Buffer,
699 _In_ ULONG BufferSize,
700 _In_ KPROFILE_SOURCE ProfileSource,
701 _In_ KAFFINITY Affinity
704 #if (PHNT_VERSION >= PHNT_WIN7)
709 _Out_ PHANDLE ProfileHandle,
710 _In_opt_ HANDLE Process,
711 _In_ PVOID ProfileBase,
712 _In_ SIZE_T ProfileSize,
713 _In_ ULONG BucketSize,
714 _In_reads_bytes_(BufferSize) PULONG Buffer,
715 _In_ ULONG BufferSize,
716 _In_ KPROFILE_SOURCE ProfileSource,
717 _In_ USHORT GroupCount,
718 _In_reads_(GroupCount) PGROUP_AFFINITY GroupAffinity
726 _In_ HANDLE ProfileHandle
733 _In_ HANDLE ProfileHandle
739 NtQueryIntervalProfile(
740 _In_ KPROFILE_SOURCE ProfileSource,
741 _Out_ PULONG Interval
747 NtSetIntervalProfile(
749 _In_ KPROFILE_SOURCE Source
754 #define KEYEDEVENT_WAIT 0x0001
755 #define KEYEDEVENT_WAKE 0x0002
756 #define KEYEDEVENT_ALL_ACCESS \
757 (STANDARD_RIGHTS_REQUIRED | KEYEDEVENT_WAIT | KEYEDEVENT_WAKE)
763 _Out_ PHANDLE KeyedEventHandle,
764 _In_ ACCESS_MASK DesiredAccess,
773 _Out_ PHANDLE KeyedEventHandle,
774 _In_ ACCESS_MASK DesiredAccess,
782 _In_ HANDLE KeyedEventHandle,
784 _In_ BOOLEAN Alertable,
785 _In_opt_ PLARGE_INTEGER Timeout
792 _In_ HANDLE KeyedEventHandle,
794 _In_ BOOLEAN Alertable,
795 _In_opt_ PLARGE_INTEGER Timeout
800 #if (PHNT_VERSION >= PHNT_WIN7)
805 _In_ PVOID SchedulerParam
813 typedef struct _WNF_STATE_NAME
816 } WNF_STATE_NAME, *PWNF_STATE_NAME;
818 typedef const WNF_STATE_NAME *PCWNF_STATE_NAME;
820 typedef enum _WNF_STATE_NAME_LIFETIME
822 WnfWellKnownStateName,
823 WnfPermanentStateName,
824 WnfPersistentStateName,
825 WnfTemporaryStateName
826 } WNF_STATE_NAME_LIFETIME;
828 typedef enum _WNF_STATE_NAME_INFORMATION
830 WnfInfoStateNameExist,
831 WnfInfoSubscribersPresent,
833 } WNF_STATE_NAME_INFORMATION;
835 typedef enum _WNF_DATA_SCOPE
843 typedef struct _WNF_TYPE_ID
846 } WNF_TYPE_ID, *PWNF_TYPE_ID;
848 typedef const WNF_TYPE_ID *PCWNF_TYPE_ID;
851 typedef ULONG WNF_CHANGE_STAMP, *PWNF_CHANGE_STAMP;
853 typedef struct _WNF_DELIVERY_DESCRIPTOR
855 ULONGLONG SubscriptionId;
856 WNF_STATE_NAME StateName;
857 WNF_CHANGE_STAMP ChangeStamp;
861 ULONG StateDataOffset;
862 } WNF_DELIVERY_DESCRIPTOR, *PWNF_DELIVERY_DESCRIPTOR;
866 #if (PHNT_VERSION >= PHNT_WIN8)
871 NtCreateWnfStateName(
872 _Out_ PWNF_STATE_NAME StateName,
873 _In_ WNF_STATE_NAME_LIFETIME NameLifetime,
874 _In_ WNF_DATA_SCOPE DataScope,
875 _In_ BOOLEAN PersistData,
876 _In_opt_ PCWNF_TYPE_ID TypeId,
877 _In_ ULONG MaximumStateSize,
878 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor
884 NtDeleteWnfStateName(
885 _In_ PCWNF_STATE_NAME StateName
891 NtUpdateWnfStateData(
892 _In_ PCWNF_STATE_NAME StateName,
893 _In_reads_bytes_opt_(Length)
const VOID* Buffer,
894 _In_opt_ ULONG Length,
895 _In_opt_ PCWNF_TYPE_ID TypeId,
896 _In_opt_
const PVOID ExplicitScope,
897 _In_ WNF_CHANGE_STAMP MatchingChangeStamp,
904 NtDeleteWnfStateData(
905 _In_ PCWNF_STATE_NAME StateName,
906 _In_opt_
const PVOID ExplicitScope
913 _In_ PCWNF_STATE_NAME StateName,
914 _In_opt_ PCWNF_TYPE_ID TypeId,
915 _In_opt_
const VOID* ExplicitScope,
916 _Out_ PWNF_CHANGE_STAMP ChangeStamp,
917 _Out_writes_bytes_to_opt_(*BufferSize, *BufferSize) PVOID Buffer,
918 _Inout_ PULONG BufferSize
924 NtQueryWnfStateNameInformation(
925 _In_ PCWNF_STATE_NAME StateName,
926 _In_ WNF_STATE_NAME_INFORMATION NameInfoClass,
927 _In_opt_
const PVOID ExplicitScope,
928 _Out_writes_bytes_(InfoBufferSize) PVOID InfoBuffer,
929 _In_ ULONG InfoBufferSize
935 NtSubscribeWnfStateChange(
936 _In_ PCWNF_STATE_NAME StateName,
937 _In_opt_ WNF_CHANGE_STAMP ChangeStamp,
938 _In_ ULONG EventMask,
939 _Out_opt_ PULONG64 SubscriptionId
945 NtUnsubscribeWnfStateChange(
946 _In_ PCWNF_STATE_NAME StateName
949 #if (PHNT_VERSION >= PHNT_THRESHOLD)
954 NtGetCompleteWnfStateSubscription(
955 _In_opt_ PWNF_STATE_NAME OldDescriptorStateName,
956 _In_opt_ ULONG64 *OldSubscriptionId,
957 _In_opt_ ULONG OldDescriptorEventMask,
958 _In_opt_ ULONG OldDescriptorStatus,
959 _Out_writes_bytes_(DescriptorSize) PWNF_DELIVERY_DESCRIPTOR NewDeliveryDescriptor,
960 _In_ ULONG DescriptorSize
966 NtSetWnfProcessNotificationEvent(
978 #define WORKER_FACTORY_RELEASE_WORKER 0x0001
979 #define WORKER_FACTORY_WAIT 0x0002
980 #define WORKER_FACTORY_SET_INFORMATION 0x0004
981 #define WORKER_FACTORY_QUERY_INFORMATION 0x0008
982 #define WORKER_FACTORY_READY_WORKER 0x0010
983 #define WORKER_FACTORY_SHUTDOWN 0x0020
985 #define WORKER_FACTORY_ALL_ACCESS ( \
986 STANDARD_RIGHTS_REQUIRED | \
987 WORKER_FACTORY_RELEASE_WORKER | \
988 WORKER_FACTORY_WAIT | \
989 WORKER_FACTORY_SET_INFORMATION | \
990 WORKER_FACTORY_QUERY_INFORMATION | \
991 WORKER_FACTORY_READY_WORKER | \
992 WORKER_FACTORY_SHUTDOWN \
999 typedef enum _WORKERFACTORYINFOCLASS
1001 WorkerFactoryTimeout,
1002 WorkerFactoryRetryTimeout,
1003 WorkerFactoryIdleTimeout,
1004 WorkerFactoryBindingCount,
1005 WorkerFactoryThreadMinimum,
1006 WorkerFactoryThreadMaximum,
1007 WorkerFactoryPaused,
1008 WorkerFactoryBasicInformation,
1009 WorkerFactoryAdjustThreadGoal,
1010 WorkerFactoryCallbackType,
1011 WorkerFactoryStackInformation,
1012 WorkerFactoryThreadBasePriority,
1013 WorkerFactoryTimeoutWaiters,
1015 WorkerFactoryThreadSoftMaximum,
1016 MaxWorkerFactoryInfoClass
1017 } WORKERFACTORYINFOCLASS, *PWORKERFACTORYINFOCLASS;
1019 typedef struct _WORKER_FACTORY_BASIC_INFORMATION
1021 LARGE_INTEGER Timeout;
1022 LARGE_INTEGER RetryTimeout;
1023 LARGE_INTEGER IdleTimeout;
1026 BOOLEAN QueuedToExWorker;
1028 BOOLEAN CreateInProgress;
1029 BOOLEAN InsertedIntoQueue;
1032 ULONG ThreadMinimum;
1033 ULONG ThreadMaximum;
1034 ULONG PendingWorkerCount;
1035 ULONG WaitingWorkerCount;
1036 ULONG TotalWorkerCount;
1038 LONGLONG InfiniteWaitGoal;
1040 PVOID StartParameter;
1042 SIZE_T StackReserve;
1044 NTSTATUS LastThreadCreationStatus;
1045 } WORKER_FACTORY_BASIC_INFORMATION, *PWORKER_FACTORY_BASIC_INFORMATION;
1049 #if (PHNT_VERSION >= PHNT_VISTA)
1054 NtCreateWorkerFactory(
1055 _Out_ PHANDLE WorkerFactoryHandleReturn,
1056 _In_ ACCESS_MASK DesiredAccess,
1058 _In_ HANDLE CompletionPortHandle,
1059 _In_ HANDLE WorkerProcessHandle,
1060 _In_ PVOID StartRoutine,
1061 _In_opt_ PVOID StartParameter,
1062 _In_opt_ ULONG MaxThreadCount,
1063 _In_opt_ SIZE_T StackReserve,
1064 _In_opt_ SIZE_T StackCommit
1070 NtQueryInformationWorkerFactory(
1071 _In_ HANDLE WorkerFactoryHandle,
1072 _In_ WORKERFACTORYINFOCLASS WorkerFactoryInformationClass,
1073 _Out_writes_bytes_(WorkerFactoryInformationLength) PVOID WorkerFactoryInformation,
1074 _In_ ULONG WorkerFactoryInformationLength,
1075 _Out_opt_ PULONG ReturnLength
1081 NtSetInformationWorkerFactory(
1082 _In_ HANDLE WorkerFactoryHandle,
1083 _In_ WORKERFACTORYINFOCLASS WorkerFactoryInformationClass,
1084 _In_reads_bytes_(WorkerFactoryInformationLength) PVOID WorkerFactoryInformation,
1085 _In_ ULONG WorkerFactoryInformationLength
1091 NtShutdownWorkerFactory(
1092 _In_ HANDLE WorkerFactoryHandle,
1093 _Inout_
volatile LONG *PendingWorkerCount
1099 NtReleaseWorkerFactoryWorker(
1100 _In_ HANDLE WorkerFactoryHandle
1106 NtWorkerFactoryWorkerReady(
1107 _In_ HANDLE WorkerFactoryHandle
1115 NtWaitForWorkViaWorkerFactory(
1116 _In_ HANDLE WorkerFactoryHandle,
1128 _Out_ PLARGE_INTEGER SystemTime
1135 _In_opt_ PLARGE_INTEGER SystemTime,
1136 _Out_opt_ PLARGE_INTEGER PreviousTime
1142 NtQueryTimerResolution(
1143 _Out_ PULONG MaximumTime,
1144 _Out_ PULONG MinimumTime,
1145 _Out_ PULONG CurrentTime
1151 NtSetTimerResolution(
1152 _In_ ULONG DesiredTime,
1153 _In_ BOOLEAN SetResolution,
1154 _Out_ PULONG ActualTime
1162 NtQueryPerformanceCounter(
1163 _Out_ PLARGE_INTEGER PerformanceCounter,
1164 _Out_opt_ PLARGE_INTEGER PerformanceFrequency
1172 NtAllocateLocallyUniqueId(
1189 _Out_ PULARGE_INTEGER Time,
1191 _Out_ PULONG Sequence,
1197 #endif // (PHNT_MODE != PHNT_MODE_KERNEL)
1652 #define MM_WORKING_SET_MAX_HARD_ENABLE 0x1
1653 #define MM_WORKING_SET_MAX_HARD_DISABLE 0x2
1654 #define MM_WORKING_SET_MIN_HARD_ENABLE 0x4
1655 #define MM_WORKING_SET_MIN_HARD_DISABLE 0x8
2000 #if (PHNT_MODE == PHNT_MODE_KERNEL)
2354 #if (PHNT_MODE != PHNT_MODE_KERNEL)
2359 NtQuerySystemInformation(
2361 _Out_writes_bytes_opt_(SystemInformationLength) PVOID SystemInformation,
2362 _In_ ULONG SystemInformationLength,
2363 _Out_opt_ PULONG ReturnLength
2366 #if (PHNT_VERSION >= PHNT_WIN7)
2370 NtQuerySystemInformationEx(
2372 _In_reads_bytes_(InputBufferLength) PVOID InputBuffer,
2373 _In_ ULONG InputBufferLength,
2374 _Out_writes_bytes_opt_(SystemInformationLength) PVOID SystemInformation,
2375 _In_ ULONG SystemInformationLength,
2376 _Out_opt_ PULONG ReturnLength
2383 NtSetSystemInformation(
2385 _In_reads_bytes_opt_(SystemInformationLength) PVOID SystemInformation,
2386 _In_ ULONG SystemInformationLength
2392 typedef enum _SYSDBG_COMMAND
2394 SysDbgQueryModuleInformation,
2395 SysDbgQueryTraceInformation,
2396 SysDbgSetTracepoint,
2397 SysDbgSetSpecialCall,
2398 SysDbgClearSpecialCalls,
2399 SysDbgQuerySpecialCalls,
2405 SysDbgWritePhysical,
2406 SysDbgReadControlSpace,
2407 SysDbgWriteControlSpace,
2414 SysDbgCheckLowMemory,
2415 SysDbgEnableKernelDebugger,
2416 SysDbgDisableKernelDebugger,
2417 SysDbgGetAutoKdEnable,
2418 SysDbgSetAutoKdEnable,
2419 SysDbgGetPrintBufferSize,
2420 SysDbgSetPrintBufferSize,
2421 SysDbgGetKdUmExceptionEnable,
2422 SysDbgSetKdUmExceptionEnable,
2423 SysDbgGetTriageDump,
2424 SysDbgGetKdBlockEnable,
2425 SysDbgSetKdBlockEnable,
2426 SysDbgRegisterForUmBreakInfo,
2427 SysDbgGetUmBreakPid,
2428 SysDbgClearUmBreakPid,
2429 SysDbgGetUmAttachPid,
2430 SysDbgClearUmAttachPid
2431 } SYSDBG_COMMAND, *PSYSDBG_COMMAND;
2433 typedef struct _SYSDBG_VIRTUAL
2438 } SYSDBG_VIRTUAL, *PSYSDBG_VIRTUAL;
2440 typedef struct _SYSDBG_PHYSICAL
2445 } SYSDBG_PHYSICAL, *PSYSDBG_PHYSICAL;
2447 typedef struct _SYSDBG_CONTROL_SPACE
2453 } SYSDBG_CONTROL_SPACE, *PSYSDBG_CONTROL_SPACE;
2457 typedef struct _SYSDBG_IO_SPACE
2465 } SYSDBG_IO_SPACE, *PSYSDBG_IO_SPACE;
2467 typedef struct _SYSDBG_MSR
2471 } SYSDBG_MSR, *PSYSDBG_MSR;
2475 typedef struct _SYSDBG_BUS_DATA
2483 } SYSDBG_BUS_DATA, *PSYSDBG_BUS_DATA;
2486 typedef struct _SYSDBG_TRIAGE_DUMP
2490 ULONG_PTR BugCheckParam1;
2491 ULONG_PTR BugCheckParam2;
2492 ULONG_PTR BugCheckParam3;
2493 ULONG_PTR BugCheckParam4;
2494 ULONG ProcessHandles;
2495 ULONG ThreadHandles;
2497 } SYSDBG_TRIAGE_DUMP, *PSYSDBG_TRIAGE_DUMP;
2502 NtSystemDebugControl(
2503 _In_ SYSDBG_COMMAND Command,
2504 _Inout_updates_bytes_opt_(InputBufferLength) PVOID InputBuffer,
2505 _In_ ULONG InputBufferLength,
2506 _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer,
2507 _In_ ULONG OutputBufferLength,
2508 _Out_opt_ PULONG ReturnLength
2513 typedef enum _HARDERROR_RESPONSE_OPTION
2515 OptionAbortRetryIgnore,
2521 OptionShutdownSystem,
2523 OptionCancelTryContinue
2524 } HARDERROR_RESPONSE_OPTION;
2526 typedef enum _HARDERROR_RESPONSE
2528 ResponseReturnToCaller,
2539 } HARDERROR_RESPONSE;
2547 _In_ NTSTATUS ErrorStatus,
2548 _In_ ULONG NumberOfParameters,
2549 _In_ ULONG UnicodeStringParameterMask,
2550 _In_reads_(NumberOfParameters) PULONG_PTR Parameters,
2551 _In_ ULONG ValidResponseOptions,
2552 _Out_ PULONG Response
2557 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
2562 } ALTERNATIVE_ARCHITECTURE_TYPE;
2564 #define PROCESSOR_FEATURE_MAX 64
2566 #define MAX_WOW64_SHARED_ENTRIES 16
2568 #define NX_SUPPORT_POLICY_ALWAYSOFF 0
2569 #define NX_SUPPORT_POLICY_ALWAYSON 1
2570 #define NX_SUPPORT_POLICY_OPTIN 2
2571 #define NX_SUPPORT_POLICY_OPTOUT 3
2573 #include <pshpack4.h>
2574 typedef struct _KUSER_SHARED_DATA
2576 ULONG TickCountLowDeprecated;
2577 ULONG TickCountMultiplier;
2583 USHORT ImageNumberLow;
2584 USHORT ImageNumberHigh;
2586 WCHAR NtSystemRoot[260];
2588 ULONG MaxStackTraceDepth;
2590 ULONG CryptoExponent;
2593 ULONG LargePageMinimum;
2594 ULONG AitSamplingValue;
2595 ULONG AppCompatFlag;
2596 ULONGLONG RNGSeedVersion;
2597 ULONG GlobalValidationRunlevel;
2598 LONG TimeZoneBiasStamp;
2601 ULONG NtProductType;
2602 BOOLEAN ProductTypeIsValid;
2604 USHORT NativeProcessorArchitecture;
2606 ULONG NtMajorVersion;
2607 ULONG NtMinorVersion;
2609 BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
2614 volatile ULONG TimeSlip;
2616 ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
2617 ULONG AltArchitecturePad[1];
2619 LARGE_INTEGER SystemExpirationDate;
2623 BOOLEAN KdDebuggerEnabled;
2626 UCHAR MitigationPolicies;
2629 UCHAR NXSupportPolicy : 2;
2630 UCHAR SEHValidationPolicy : 2;
2631 UCHAR CurDirDevicesSkippedForDlls : 2;
2637 volatile ULONG ActiveConsoleId;
2639 volatile ULONG DismountCount;
2641 ULONG ComPlusPackage;
2643 ULONG LastSystemRITEventTickCount;
2645 ULONG NumberOfPhysicalPages;
2647 BOOLEAN SafeBootMode;
2648 UCHAR Reserved12[3];
2652 ULONG SharedDataFlags;
2655 ULONG DbgErrorPortPresent : 1;
2656 ULONG DbgElevationEnabled : 1;
2657 ULONG DbgVirtEnabled : 1;
2658 ULONG DbgInstallerDetectEnabled : 1;
2659 ULONG DbgLkgEnabled : 1;
2660 ULONG DbgDynProcessorEnabled : 1;
2661 ULONG DbgConsoleBrokerEnabled : 1;
2662 ULONG DbgSecureBootEnabled : 1;
2663 ULONG SpareBits : 24;
2666 ULONG DataFlagsPad[1];
2668 ULONGLONG TestRetInstruction;
2669 ULONGLONG QpcFrequency;
2670 ULONGLONG SystemCallPad[3];
2675 volatile ULONG64 TickCountQuad;
2676 ULONG ReservedTickCountOverlay[3];
2678 ULONG TickCountPad[1];
2683 LONGLONG ConsoleSessionForegroundProcessId;
2684 ULONGLONG TimeUpdateSequence;
2685 ULONGLONG BaselineSystemTimeQpc;
2686 ULONGLONG BaselineInterruptTimeQpc;
2687 ULONGLONG QpcSystemTimeIncrement;
2688 ULONGLONG QpcInterruptTimeIncrement;
2689 ULONG QpcSystemTimeIncrement32;
2690 ULONG QpcInterruptTimeIncrement32;
2691 UCHAR QpcSystemTimeIncrementShift;
2692 UCHAR QpcInterruptTimeIncrementShift;
2693 UCHAR Reserved8[14];
2695 USHORT UserModeGlobalLogger[16];
2696 ULONG ImageFileExecutionOptions;
2698 ULONG LangGenerationCount;
2699 ULONGLONG Reserved4;
2700 volatile ULONG64 InterruptTimeBias;
2701 volatile ULONG64 QpcBias;
2703 volatile ULONG ActiveProcessorCount;
2704 volatile UCHAR ActiveGroupCount;
2711 UCHAR QpcBypassEnabled : 1;
2716 LARGE_INTEGER TimeZoneBiasEffectiveStart;
2717 LARGE_INTEGER TimeZoneBiasEffectiveEnd;
2718 XSTATE_CONFIGURATION XState;
2719 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
2720 #include <poppack.h>
2722 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TickCountMultiplier) == 0x4);
2723 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, InterruptTime) == 0x8);
2724 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemTime) == 0x14);
2725 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TimeZoneBias) == 0x20);
2726 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ImageNumberLow) == 0x2c);
2727 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ImageNumberHigh) == 0x2e);
2728 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, NtSystemRoot) == 0x30);
2729 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, MaxStackTraceDepth) == 0x238);
2730 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, CryptoExponent) == 0x23c);
2731 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TimeZoneId) == 0x240);
2732 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, LargePageMinimum) == 0x244);
2733 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, NtProductType) == 0x264);
2734 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ProductTypeIsValid) == 0x268);
2735 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, NtMajorVersion) == 0x26c);
2736 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, NtMinorVersion) == 0x270);
2737 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ProcessorFeatures) == 0x274);
2738 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, Reserved1) == 0x2b4);
2739 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, Reserved3) == 0x2b8);
2740 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TimeSlip) == 0x2bc);
2741 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, AlternativeArchitecture) == 0x2c0);
2742 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemExpirationDate) == 0x2c8);
2743 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SuiteMask) == 0x2d0);
2744 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, KdDebuggerEnabled) == 0x2d4);
2745 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ActiveConsoleId) == 0x2d8);
2746 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, DismountCount) == 0x2dc);
2747 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, ComPlusPackage) == 0x2e0);
2748 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, LastSystemRITEventTickCount) == 0x2e4);
2749 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, NumberOfPhysicalPages) == 0x2e8);
2750 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SafeBootMode) == 0x2ec);
2751 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TestRetInstruction) == 0x2f8);
2752 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCallPad) == 0x308);
2753 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TickCount) == 0x320);
2754 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, TickCountQuad) == 0x320);
2755 C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, XState) == 0x3d8);
2757 #define USER_SHARED_DATA ((KUSER_SHARED_DATA * const)0x7ffe0000)
2759 #if (PHNT_VERSION >= PHNT_WS03)
2761 FORCEINLINE ULONGLONG NtGetTickCount64()
2763 ULARGE_INTEGER tickCount;
2767 tickCount.QuadPart = USER_SHARED_DATA->TickCountQuad;
2773 tickCount.HighPart = (ULONG)USER_SHARED_DATA->TickCount.High1Time;
2774 tickCount.LowPart = USER_SHARED_DATA->TickCount.LowPart;
2776 if (tickCount.HighPart == (ULONG)USER_SHARED_DATA->TickCount.High2Time)
2784 return (UInt32x32To64(tickCount.LowPart, USER_SHARED_DATA->TickCountMultiplier) >> 24) +
2785 (UInt32x32To64(tickCount.HighPart, USER_SHARED_DATA->TickCountMultiplier) << 8);
2788 FORCEINLINE ULONG NtGetTickCount()
2792 return (ULONG)((USER_SHARED_DATA->TickCountQuad * USER_SHARED_DATA->TickCountMultiplier) >> 24);
2796 ULARGE_INTEGER tickCount;
2800 tickCount.HighPart = (ULONG)USER_SHARED_DATA->TickCount.High1Time;
2801 tickCount.LowPart = USER_SHARED_DATA->TickCount.LowPart;
2803 if (tickCount.HighPart == (ULONG)USER_SHARED_DATA->TickCount.High2Time)
2809 return (ULONG)((UInt32x32To64(tickCount.LowPart, USER_SHARED_DATA->TickCountMultiplier) >> 24) +
2810 UInt32x32To64((tickCount.HighPart << 8) & 0xffffffff, USER_SHARED_DATA->TickCountMultiplier));
2822 NtQueryDefaultLocale(
2823 _In_ BOOLEAN UserProfile,
2824 _Out_ PLCID DefaultLocaleId
2831 _In_ BOOLEAN UserProfile,
2832 _In_ LCID DefaultLocaleId
2838 NtQueryInstallUILanguage(
2839 _Out_ LANGID *InstallUILanguageId
2842 #if (PHNT_VERSION >= PHNT_VISTA)
2847 NtFlushInstallUILanguage(
2848 _In_ LANGID InstallUILanguage,
2849 _In_ ULONG SetComittedFlag
2856 NtQueryDefaultUILanguage(
2857 _Out_ LANGID *DefaultUILanguageId
2863 NtSetDefaultUILanguage(
2864 _In_ LANGID DefaultUILanguageId
2867 #if (PHNT_VERSION >= PHNT_VISTA)
2872 NtIsUILanguageComitted(
2881 #if (PHNT_VERSION >= PHNT_VISTA)
2883 #if (PHNT_VERSION >= PHNT_WIN7)
2887 NtInitializeNlsFiles(
2888 _Out_ PVOID *BaseAddress,
2889 _Out_ PLCID DefaultLocaleId,
2890 _Out_ PLARGE_INTEGER DefaultCasingTableSize
2896 NtInitializeNlsFiles(
2897 _Out_ PVOID *BaseAddress,
2898 _Out_ PLCID DefaultLocaleId,
2899 _Out_ PLARGE_INTEGER DefaultCasingTableSize,
2900 _Out_opt_ PULONG CurrentNLSVersion
2908 _In_ ULONG SectionType,
2909 _In_ ULONG SectionData,
2910 _In_ PVOID ContextData,
2911 _Out_ PVOID *SectionPointer,
2912 _Out_ PULONG SectionSize
2915 #if (PHNT_VERSION < PHNT_WIN7)
2920 NtAcquireCMFViewOwnership(
2921 _Out_ PULONGLONG TimeStamp,
2922 _Out_ PBOOLEAN tokenTaken,
2923 _In_ BOOLEAN replaceExisting
2929 NtReleaseCMFViewOwnership(
2941 _Out_opt_ PULONG CacheIndexOut,
2942 _Out_opt_ PULONG CacheFlagsOut,
2943 _Out_opt_ PULONG ViewSizeOut,
2944 _Out_opt_ PVOID *BaseAddress
2950 NtGetMUIRegistryInfo(
2952 _Inout_ PULONG DataSize,
2966 _In_reads_bytes_opt_(Length) PWSTR AtomName,
2975 _In_reads_bytes_opt_(Length) PWSTR AtomName,
2987 typedef enum _ATOM_INFORMATION_CLASS
2989 AtomBasicInformation,
2990 AtomTableInformation
2991 } ATOM_INFORMATION_CLASS;
2993 typedef struct _ATOM_BASIC_INFORMATION
2999 } ATOM_BASIC_INFORMATION, *PATOM_BASIC_INFORMATION;
3001 typedef struct _ATOM_TABLE_INFORMATION
3003 ULONG NumberOfAtoms;
3005 } ATOM_TABLE_INFORMATION, *PATOM_TABLE_INFORMATION;
3010 NtQueryInformationAtom(
3012 _In_ ATOM_INFORMATION_CLASS AtomInformationClass,
3013 _Out_writes_bytes_(AtomInformationLength) PVOID AtomInformation,
3014 _In_ ULONG AtomInformationLength,
3015 _Out_opt_ PULONG ReturnLength
3020 #define FLG_STOP_ON_EXCEPTION 0x00000001 // uk
3021 #define FLG_SHOW_LDR_SNAPS 0x00000002 // uk
3022 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004 // k
3023 #define FLG_STOP_ON_HUNG_GUI 0x00000008 // k
3025 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010 // u
3026 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020 // u
3027 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040 // u
3028 #define FLG_HEAP_VALIDATE_ALL 0x00000080 // u
3030 #define FLG_APPLICATION_VERIFIER 0x00000100 // u
3031 #define FLG_POOL_ENABLE_TAGGING 0x00000400 // k
3032 #define FLG_HEAP_ENABLE_TAGGING 0x00000800 // u
3034 #define FLG_USER_STACK_TRACE_DB 0x00001000 // u,32
3035 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000 // k,32
3036 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000 // k
3037 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000 // u
3039 #define FLG_DISABLE_STACK_EXTENSION 0x00010000 // u
3040 #define FLG_ENABLE_CSRDEBUG 0x00020000 // k
3041 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000 // k
3042 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000 // k
3044 #define FLG_ENABLE_SYSTEM_CRIT_BREAKS 0x00100000 // u
3045 #define FLG_HEAP_DISABLE_COALESCING 0x00200000 // u
3046 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000 // k
3047 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000 // k
3049 #define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000 // k
3050 #define FLG_HEAP_PAGE_ALLOCS 0x02000000 // u
3051 #define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000 // k
3052 #define FLG_DISABLE_DBGPRINT 0x08000000 // k
3054 #define FLG_CRITSEC_EVENT_CREATION 0x10000000 // u
3055 #define FLG_LDR_TOP_DOWN 0x20000000 // u,64
3056 #define FLG_ENABLE_HANDLE_EXCEPTIONS 0x40000000 // k
3057 #define FLG_DISABLE_PROTDLLS 0x80000000 // u
3059 #define FLG_VALID_BITS 0xfffffdff
3061 #define FLG_USERMODE_VALID_BITS (FLG_STOP_ON_EXCEPTION | \
3062 FLG_SHOW_LDR_SNAPS | \
3063 FLG_HEAP_ENABLE_TAIL_CHECK | \
3064 FLG_HEAP_ENABLE_FREE_CHECK | \
3065 FLG_HEAP_VALIDATE_PARAMETERS | \
3066 FLG_HEAP_VALIDATE_ALL | \
3067 FLG_APPLICATION_VERIFIER | \
3068 FLG_HEAP_ENABLE_TAGGING | \
3069 FLG_USER_STACK_TRACE_DB | \
3070 FLG_HEAP_ENABLE_TAG_BY_DLL | \
3071 FLG_DISABLE_STACK_EXTENSION | \
3072 FLG_ENABLE_SYSTEM_CRIT_BREAKS | \
3073 FLG_HEAP_DISABLE_COALESCING | \
3074 FLG_DISABLE_PROTDLLS | \
3075 FLG_HEAP_PAGE_ALLOCS | \
3076 FLG_CRITSEC_EVENT_CREATION | \
3079 #define FLG_BOOTONLY_VALID_BITS (FLG_KERNEL_STACK_TRACE_DB | \
3080 FLG_MAINTAIN_OBJECT_TYPELIST | \
3081 FLG_ENABLE_CSRDEBUG | \
3082 FLG_DEBUG_INITIAL_COMMAND | \
3083 FLG_DEBUG_INITIAL_COMMAND_EX | \
3084 FLG_DISABLE_PAGE_KERNEL_STACKS)
3086 #define FLG_KERNELMODE_VALID_BITS (FLG_STOP_ON_EXCEPTION | \
3087 FLG_SHOW_LDR_SNAPS | \
3088 FLG_STOP_ON_HUNG_GUI | \
3089 FLG_POOL_ENABLE_TAGGING | \
3090 FLG_ENABLE_KDEBUG_SYMBOL_LOAD | \
3091 FLG_ENABLE_CLOSE_EXCEPTIONS | \
3092 FLG_ENABLE_EXCEPTION_LOGGING | \
3093 FLG_ENABLE_HANDLE_TYPE_TAGGING | \
3094 FLG_DISABLE_DBGPRINT | \
3095 FLG_ENABLE_HANDLE_EXCEPTIONS)
3102 NtQueryLicenseValue(
3104 _Out_opt_ PULONG Type,
3105 _Out_writes_bytes_to_opt_(DataSize, *ResultDataSize) PVOID Data,
3106 _In_ ULONG DataSize,
3107 _Out_ PULONG ResultDataSize
3115 NtSetDefaultHardErrorPort(
3116 _In_ HANDLE DefaultHardErrorPort
3119 typedef enum _SHUTDOWN_ACTION
3130 _In_ SHUTDOWN_ACTION Action
3140 #if (PHNT_VERSION >= PHNT_WIN7)
3149 #endif // (PHNT_MODE != PHNT_MODE_KERNEL)
1.8.2