1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // This file holds definitions related to the ntdll API.
6 
7 #ifndef SANDBOX_WIN_SRC_NT_INTERNALS_H__
8 #define SANDBOX_WIN_SRC_NT_INTERNALS_H__
9 
10 #include <windows.h>
11 #include <stddef.h>
12 
13 typedef LONG NTSTATUS;
14 #define NT_SUCCESS(st) (st >= 0)
15 
16 #define STATUS_SUCCESS                ((NTSTATUS)0x00000000L)
17 #define STATUS_BUFFER_OVERFLOW        ((NTSTATUS)0x80000005L)
18 #define STATUS_UNSUCCESSFUL           ((NTSTATUS)0xC0000001L)
19 #define STATUS_NOT_IMPLEMENTED        ((NTSTATUS)0xC0000002L)
20 #define STATUS_INFO_LENGTH_MISMATCH   ((NTSTATUS)0xC0000004L)
21 #ifndef STATUS_INVALID_PARAMETER
22 // It is now defined in Windows 2008 SDK.
23 #define STATUS_INVALID_PARAMETER      ((NTSTATUS)0xC000000DL)
24 #endif
25 #define STATUS_CONFLICTING_ADDRESSES  ((NTSTATUS)0xC0000018L)
26 #define STATUS_ACCESS_DENIED          ((NTSTATUS)0xC0000022L)
27 #define STATUS_BUFFER_TOO_SMALL       ((NTSTATUS)0xC0000023L)
28 #define STATUS_OBJECT_NAME_NOT_FOUND  ((NTSTATUS)0xC0000034L)
29 #define STATUS_OBJECT_NAME_COLLISION  ((NTSTATUS)0xC0000035L)
30 #define STATUS_PROCEDURE_NOT_FOUND    ((NTSTATUS)0xC000007AL)
31 #define STATUS_INVALID_IMAGE_FORMAT   ((NTSTATUS)0xC000007BL)
32 #define STATUS_NO_TOKEN               ((NTSTATUS)0xC000007CL)
33 #define STATUS_NOT_SUPPORTED          ((NTSTATUS)0xC00000BBL)
34 
35 #define CURRENT_PROCESS ((HANDLE) -1)
36 #define CURRENT_THREAD  ((HANDLE) -2)
37 #define NtCurrentProcess CURRENT_PROCESS
38 
39 typedef struct _UNICODE_STRING {
40   USHORT Length;
41   USHORT MaximumLength;
42   PWSTR  Buffer;
43 } UNICODE_STRING;
44 typedef UNICODE_STRING *PUNICODE_STRING;
45 typedef const UNICODE_STRING *PCUNICODE_STRING;
46 
47 typedef struct _STRING {
48   USHORT Length;
49   USHORT MaximumLength;
50   PCHAR Buffer;
51 } STRING;
52 typedef STRING *PSTRING;
53 
54 typedef STRING ANSI_STRING;
55 typedef PSTRING PANSI_STRING;
56 typedef CONST PSTRING PCANSI_STRING;
57 
58 typedef STRING OEM_STRING;
59 typedef PSTRING POEM_STRING;
60 typedef CONST STRING* PCOEM_STRING;
61 
62 #define OBJ_CASE_INSENSITIVE 0x00000040L
63 #define OBJ_OPENIF           0x00000080L
64 
65 typedef struct _OBJECT_ATTRIBUTES {
66   ULONG Length;
67   HANDLE RootDirectory;
68   PUNICODE_STRING ObjectName;
69   ULONG Attributes;
70   PVOID SecurityDescriptor;
71   PVOID SecurityQualityOfService;
72 } OBJECT_ATTRIBUTES;
73 typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
74 
75 #define InitializeObjectAttributes(p, n, a, r, s) { \
76   (p)->Length = sizeof(OBJECT_ATTRIBUTES);\
77   (p)->RootDirectory = r;\
78   (p)->Attributes = a;\
79   (p)->ObjectName = n;\
80   (p)->SecurityDescriptor = s;\
81   (p)->SecurityQualityOfService = NULL;\
82 }
83 
84 typedef struct _IO_STATUS_BLOCK {
85   union {
86     NTSTATUS Status;
87     PVOID Pointer;
88   };
89   ULONG_PTR Information;
90 } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
91 
92 // -----------------------------------------------------------------------
93 // File IO
94 
95 // Create disposition values.
96 
97 #define FILE_SUPERSEDE                          0x00000000
98 #define FILE_OPEN                               0x00000001
99 #define FILE_CREATE                             0x00000002
100 #define FILE_OPEN_IF                            0x00000003
101 #define FILE_OVERWRITE                          0x00000004
102 #define FILE_OVERWRITE_IF                       0x00000005
103 #define FILE_MAXIMUM_DISPOSITION                0x00000005
104 
105 // Create/open option flags.
106 
107 #define FILE_DIRECTORY_FILE                     0x00000001
108 #define FILE_WRITE_THROUGH                      0x00000002
109 #define FILE_SEQUENTIAL_ONLY                    0x00000004
110 #define FILE_NO_INTERMEDIATE_BUFFERING          0x00000008
111 
112 #define FILE_SYNCHRONOUS_IO_ALERT               0x00000010
113 #define FILE_SYNCHRONOUS_IO_NONALERT            0x00000020
114 #define FILE_NON_DIRECTORY_FILE                 0x00000040
115 #define FILE_CREATE_TREE_CONNECTION             0x00000080
116 
117 #define FILE_COMPLETE_IF_OPLOCKED               0x00000100
118 #define FILE_NO_EA_KNOWLEDGE                    0x00000200
119 #define FILE_OPEN_REMOTE_INSTANCE               0x00000400
120 #define FILE_RANDOM_ACCESS                      0x00000800
121 
122 #define FILE_DELETE_ON_CLOSE                    0x00001000
123 #define FILE_OPEN_BY_FILE_ID                    0x00002000
124 #define FILE_OPEN_FOR_BACKUP_INTENT             0x00004000
125 #define FILE_NO_COMPRESSION                     0x00008000
126 
127 #define FILE_RESERVE_OPFILTER                   0x00100000
128 #define FILE_OPEN_REPARSE_POINT                 0x00200000
129 #define FILE_OPEN_NO_RECALL                     0x00400000
130 #define FILE_OPEN_FOR_FREE_SPACE_QUERY          0x00800000
131 
132 // Create/open result values. These are the disposition values returned on the
133 // io status information.
134 #define FILE_SUPERSEDED                         0x00000000
135 #define FILE_OPENED                             0x00000001
136 #define FILE_CREATED                            0x00000002
137 #define FILE_OVERWRITTEN                        0x00000003
138 #define FILE_EXISTS                             0x00000004
139 #define FILE_DOES_NOT_EXIST                     0x00000005
140 
141 typedef NTSTATUS (WINAPI *NtCreateFileFunction)(
142   OUT PHANDLE FileHandle,
143   IN ACCESS_MASK DesiredAccess,
144   IN POBJECT_ATTRIBUTES ObjectAttributes,
145   OUT PIO_STATUS_BLOCK IoStatusBlock,
146   IN PLARGE_INTEGER AllocationSize OPTIONAL,
147   IN ULONG FileAttributes,
148   IN ULONG ShareAccess,
149   IN ULONG CreateDisposition,
150   IN ULONG CreateOptions,
151   IN PVOID EaBuffer OPTIONAL,
152   IN ULONG EaLength);
153 
154 typedef NTSTATUS (WINAPI *NtOpenFileFunction)(
155   OUT PHANDLE FileHandle,
156   IN ACCESS_MASK DesiredAccess,
157   IN POBJECT_ATTRIBUTES ObjectAttributes,
158   OUT PIO_STATUS_BLOCK IoStatusBlock,
159   IN ULONG ShareAccess,
160   IN ULONG OpenOptions);
161 
162 typedef NTSTATUS (WINAPI *NtCloseFunction)(
163   IN HANDLE Handle);
164 
165 typedef enum _FILE_INFORMATION_CLASS {
166   FileRenameInformation = 10
167 } FILE_INFORMATION_CLASS, *PFILE_INFORMATION_CLASS;
168 
169 typedef struct _FILE_RENAME_INFORMATION {
170   BOOLEAN ReplaceIfExists;
171   HANDLE RootDirectory;
172   ULONG FileNameLength;
173   WCHAR FileName[1];
174 } FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
175 
176 typedef NTSTATUS (WINAPI *NtSetInformationFileFunction)(
177   IN HANDLE FileHandle,
178   OUT PIO_STATUS_BLOCK IoStatusBlock,
179   IN PVOID FileInformation,
180   IN ULONG Length,
181   IN FILE_INFORMATION_CLASS FileInformationClass);
182 
183 typedef struct FILE_BASIC_INFORMATION {
184   LARGE_INTEGER CreationTime;
185   LARGE_INTEGER LastAccessTime;
186   LARGE_INTEGER LastWriteTime;
187   LARGE_INTEGER ChangeTime;
188   ULONG FileAttributes;
189 } FILE_BASIC_INFORMATION, *PFILE_BASIC_INFORMATION;
190 
191 typedef NTSTATUS (WINAPI *NtQueryAttributesFileFunction)(
192   IN POBJECT_ATTRIBUTES ObjectAttributes,
193   OUT PFILE_BASIC_INFORMATION FileAttributes);
194 
195 typedef struct _FILE_NETWORK_OPEN_INFORMATION {
196   LARGE_INTEGER CreationTime;
197   LARGE_INTEGER LastAccessTime;
198   LARGE_INTEGER LastWriteTime;
199   LARGE_INTEGER ChangeTime;
200   LARGE_INTEGER AllocationSize;
201   LARGE_INTEGER EndOfFile;
202   ULONG FileAttributes;
203 } FILE_NETWORK_OPEN_INFORMATION, *PFILE_NETWORK_OPEN_INFORMATION;
204 
205 typedef NTSTATUS (WINAPI *NtQueryFullAttributesFileFunction)(
206   IN POBJECT_ATTRIBUTES ObjectAttributes,
207   OUT PFILE_NETWORK_OPEN_INFORMATION FileAttributes);
208 
209 // -----------------------------------------------------------------------
210 // Sections
211 
212 typedef NTSTATUS (WINAPI *NtCreateSectionFunction)(
213   OUT PHANDLE SectionHandle,
214   IN ACCESS_MASK DesiredAccess,
215   IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
216   IN PLARGE_INTEGER MaximumSize OPTIONAL,
217   IN ULONG SectionPageProtection,
218   IN ULONG AllocationAttributes,
219   IN HANDLE FileHandle OPTIONAL);
220 
221 typedef ULONG SECTION_INHERIT;
222 #define ViewShare 1
223 #define ViewUnmap 2
224 
225 typedef NTSTATUS (WINAPI *NtMapViewOfSectionFunction)(
226   IN HANDLE SectionHandle,
227   IN HANDLE ProcessHandle,
228   IN OUT PVOID *BaseAddress,
229   IN ULONG_PTR ZeroBits,
230   IN SIZE_T CommitSize,
231   IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
232   IN OUT PSIZE_T ViewSize,
233   IN SECTION_INHERIT InheritDisposition,
234   IN ULONG AllocationType,
235   IN ULONG Win32Protect);
236 
237 typedef NTSTATUS (WINAPI *NtUnmapViewOfSectionFunction)(
238   IN HANDLE ProcessHandle,
239   IN PVOID BaseAddress);
240 
241 typedef enum _SECTION_INFORMATION_CLASS {
242   SectionBasicInformation = 0,
243   SectionImageInformation
244 } SECTION_INFORMATION_CLASS;
245 
246 typedef struct _SECTION_BASIC_INFORMATION {
247   PVOID BaseAddress;
248   ULONG Attributes;
249   LARGE_INTEGER Size;
250 } SECTION_BASIC_INFORMATION, *PSECTION_BASIC_INFORMATION;
251 
252 typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
253   IN HANDLE SectionHandle,
254   IN SECTION_INFORMATION_CLASS SectionInformationClass,
255   OUT PVOID SectionInformation,
256   IN SIZE_T SectionInformationLength,
257   OUT PSIZE_T ReturnLength OPTIONAL);
258 
259 // -----------------------------------------------------------------------
260 // Process and Thread
261 
262 typedef struct _CLIENT_ID {
263   PVOID UniqueProcess;
264   PVOID UniqueThread;
265 } CLIENT_ID, *PCLIENT_ID;
266 
267 typedef NTSTATUS (WINAPI *NtOpenThreadFunction) (
268   OUT PHANDLE ThreadHandle,
269   IN ACCESS_MASK DesiredAccess,
270   IN POBJECT_ATTRIBUTES ObjectAttributes,
271   IN PCLIENT_ID ClientId);
272 
273 typedef NTSTATUS (WINAPI *NtOpenProcessFunction) (
274   OUT PHANDLE ProcessHandle,
275   IN ACCESS_MASK DesiredAccess,
276   IN POBJECT_ATTRIBUTES ObjectAttributes,
277   IN PCLIENT_ID ClientId);
278 
279 typedef enum _NT_THREAD_INFORMATION_CLASS {
280   ThreadBasicInformation,
281   ThreadTimes,
282   ThreadPriority,
283   ThreadBasePriority,
284   ThreadAffinityMask,
285   ThreadImpersonationToken,
286   ThreadDescriptorTableEntry,
287   ThreadEnableAlignmentFaultFixup,
288   ThreadEventPair,
289   ThreadQuerySetWin32StartAddress,
290   ThreadZeroTlsCell,
291   ThreadPerformanceCount,
292   ThreadAmILastThread,
293   ThreadIdealProcessor,
294   ThreadPriorityBoost,
295   ThreadSetTlsArrayAddress,
296   ThreadIsIoPending,
297   ThreadHideFromDebugger
298 } NT_THREAD_INFORMATION_CLASS, *PNT_THREAD_INFORMATION_CLASS;
299 
300 typedef NTSTATUS (WINAPI *NtSetInformationThreadFunction) (
301   IN HANDLE ThreadHandle,
302   IN NT_THREAD_INFORMATION_CLASS ThreadInformationClass,
303   IN PVOID ThreadInformation,
304   IN ULONG ThreadInformationLength);
305 
306 // Partial definition only:
307 typedef enum _PROCESSINFOCLASS {
308   ProcessBasicInformation = 0,
309   ProcessExecuteFlags = 0x22
310 } PROCESSINFOCLASS;
311 
312 typedef PVOID PPEB;
313 typedef LONG KPRIORITY;
314 
315 typedef struct _PROCESS_BASIC_INFORMATION {
316   union {
317     NTSTATUS ExitStatus;
318     PVOID padding_for_x64_0;
319   };
320   PPEB PebBaseAddress;
321   KAFFINITY AffinityMask;
322   union {
323     KPRIORITY BasePriority;
324     PVOID padding_for_x64_1;
325   };
326   union {
327     DWORD UniqueProcessId;
328     PVOID padding_for_x64_2;
329   };
330   union {
331     DWORD InheritedFromUniqueProcessId;
332     PVOID padding_for_x64_3;
333   };
334 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
335 
336 typedef NTSTATUS(WINAPI* NtQueryInformationProcessFunction)(
337     IN HANDLE ProcessHandle,
338     IN PROCESSINFOCLASS ProcessInformationClass,
339     OUT PVOID ProcessInformation,
340     IN ULONG ProcessInformationLength,
341     OUT PULONG ReturnLength OPTIONAL);
342 
343 typedef NTSTATUS(WINAPI* NtSetInformationProcessFunction)(
344     HANDLE ProcessHandle,
345     IN PROCESSINFOCLASS ProcessInformationClass,
346     IN PVOID ProcessInformation,
347     IN ULONG ProcessInformationLength);
348 
349 typedef NTSTATUS (WINAPI *NtOpenThreadTokenFunction) (
350   IN HANDLE ThreadHandle,
351   IN ACCESS_MASK DesiredAccess,
352   IN BOOLEAN OpenAsSelf,
353   OUT PHANDLE TokenHandle);
354 
355 typedef NTSTATUS (WINAPI *NtOpenThreadTokenExFunction) (
356   IN HANDLE ThreadHandle,
357   IN ACCESS_MASK DesiredAccess,
358   IN BOOLEAN OpenAsSelf,
359   IN ULONG HandleAttributes,
360   OUT PHANDLE TokenHandle);
361 
362 typedef NTSTATUS (WINAPI *NtOpenProcessTokenFunction) (
363   IN HANDLE ProcessHandle,
364   IN ACCESS_MASK DesiredAccess,
365   OUT PHANDLE TokenHandle);
366 
367 typedef NTSTATUS (WINAPI *NtOpenProcessTokenExFunction) (
368   IN HANDLE ProcessHandle,
369   IN ACCESS_MASK DesiredAccess,
370   IN ULONG HandleAttributes,
371   OUT PHANDLE TokenHandle);
372 
373 typedef NTSTATUS(WINAPI* NtQueryInformationTokenFunction)(
374     IN HANDLE TokenHandle,
375     IN TOKEN_INFORMATION_CLASS TokenInformationClass,
376     OUT PVOID TokenInformation,
377     IN ULONG TokenInformationLength,
378     OUT PULONG ReturnLength);
379 
380 typedef NTSTATUS(WINAPI* RtlCreateUserThreadFunction)(
381     IN HANDLE Process,
382     IN PSECURITY_DESCRIPTOR ThreadSecurityDescriptor,
383     IN BOOLEAN CreateSuspended,
384     IN ULONG ZeroBits,
385     IN SIZE_T MaximumStackSize,
386     IN SIZE_T CommittedStackSize,
387     IN LPTHREAD_START_ROUTINE StartAddress,
388     IN PVOID Parameter,
389     OUT PHANDLE Thread,
390     OUT PCLIENT_ID ClientId);
391 
392 typedef NTSTATUS(WINAPI* RtlConvertSidToUnicodeStringFunction)(
393     OUT PUNICODE_STRING UnicodeString,
394     IN PSID Sid,
395     IN BOOLEAN AllocateDestinationString);
396 
397 typedef VOID(WINAPI* RtlFreeUnicodeStringFunction)(
398     IN OUT PUNICODE_STRING UnicodeString);
399 
400 // -----------------------------------------------------------------------
401 // Registry
402 
403 typedef enum _KEY_VALUE_INFORMATION_CLASS {
404   KeyValueFullInformation = 1
405 } KEY_VALUE_INFORMATION_CLASS,
406     *PKEY_VALUE_INFORMATION_CLASS;
407 
408 typedef struct _KEY_VALUE_FULL_INFORMATION {
409   ULONG TitleIndex;
410   ULONG Type;
411   ULONG DataOffset;
412   ULONG DataLength;
413   ULONG NameLength;
414   WCHAR Name[1];
415 } KEY_VALUE_FULL_INFORMATION, *PKEY_VALUE_FULL_INFORMATION;
416 
417 typedef NTSTATUS (WINAPI *NtCreateKeyFunction)(
418   OUT PHANDLE KeyHandle,
419   IN ACCESS_MASK DesiredAccess,
420   IN POBJECT_ATTRIBUTES ObjectAttributes,
421   IN ULONG TitleIndex,
422   IN PUNICODE_STRING Class OPTIONAL,
423   IN ULONG CreateOptions,
424   OUT PULONG Disposition OPTIONAL);
425 
426 typedef NTSTATUS (WINAPI *NtOpenKeyFunction)(
427   OUT PHANDLE KeyHandle,
428   IN ACCESS_MASK DesiredAccess,
429   IN POBJECT_ATTRIBUTES ObjectAttributes);
430 
431 typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)(
432   OUT PHANDLE KeyHandle,
433   IN ACCESS_MASK DesiredAccess,
434   IN POBJECT_ATTRIBUTES ObjectAttributes,
435   IN DWORD open_options);
436 
437 typedef NTSTATUS (WINAPI *NtDeleteKeyFunction)(
438   IN HANDLE KeyHandle);
439 
440 typedef NTSTATUS(WINAPI* RtlFormatCurrentUserKeyPathFunction)(
441     OUT PUNICODE_STRING RegistryPath);
442 
443 typedef NTSTATUS(WINAPI* NtQueryValueKeyFunction)(IN HANDLE KeyHandle,
444                                                   IN PUNICODE_STRING ValueName,
445                                                   IN KEY_VALUE_INFORMATION_CLASS
446                                                       KeyValueInformationClass,
447                                                   OUT PVOID KeyValueInformation,
448                                                   IN ULONG Length,
449                                                   OUT PULONG ResultLength);
450 
451 typedef NTSTATUS(WINAPI* NtSetValueKeyFunction)(IN HANDLE KeyHandle,
452                                                 IN PUNICODE_STRING ValueName,
453                                                 IN ULONG TitleIndex OPTIONAL,
454                                                 IN ULONG Type,
455                                                 IN PVOID Data,
456                                                 IN ULONG DataSize);
457 
458 // -----------------------------------------------------------------------
459 // Memory
460 
461 // Don't really need this structure right now.
462 typedef PVOID PRTL_HEAP_PARAMETERS;
463 
464 typedef PVOID (WINAPI *RtlCreateHeapFunction)(
465   IN ULONG Flags,
466   IN PVOID HeapBase OPTIONAL,
467   IN SIZE_T ReserveSize OPTIONAL,
468   IN SIZE_T CommitSize OPTIONAL,
469   IN PVOID Lock OPTIONAL,
470   IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL);
471 
472 typedef PVOID (WINAPI *RtlDestroyHeapFunction)(
473   IN PVOID HeapHandle);
474 
475 typedef PVOID (WINAPI *RtlAllocateHeapFunction)(
476   IN PVOID HeapHandle,
477   IN ULONG Flags,
478   IN SIZE_T Size);
479 
480 typedef BOOLEAN (WINAPI *RtlFreeHeapFunction)(
481   IN PVOID HeapHandle,
482   IN ULONG Flags,
483   IN PVOID HeapBase);
484 
485 typedef NTSTATUS (WINAPI *NtAllocateVirtualMemoryFunction) (
486   IN HANDLE ProcessHandle,
487   IN OUT PVOID *BaseAddress,
488   IN ULONG_PTR ZeroBits,
489   IN OUT PSIZE_T RegionSize,
490   IN ULONG AllocationType,
491   IN ULONG Protect);
492 
493 typedef NTSTATUS (WINAPI *NtFreeVirtualMemoryFunction) (
494   IN HANDLE ProcessHandle,
495   IN OUT PVOID *BaseAddress,
496   IN OUT PSIZE_T RegionSize,
497   IN ULONG FreeType);
498 
499 typedef enum _MEMORY_INFORMATION_CLASS {
500   MemoryBasicInformation = 0,
501   MemoryWorkingSetList,
502   MemorySectionName,
503   MemoryBasicVlmInformation
504 } MEMORY_INFORMATION_CLASS;
505 
506 typedef struct _MEMORY_SECTION_NAME {  // Information Class 2
507   UNICODE_STRING SectionFileName;
508 } MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
509 
510 typedef NTSTATUS (WINAPI *NtQueryVirtualMemoryFunction)(
511   IN HANDLE ProcessHandle,
512   IN PVOID BaseAddress,
513   IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
514   OUT PVOID MemoryInformation,
515   IN SIZE_T MemoryInformationLength,
516   OUT PSIZE_T ReturnLength OPTIONAL);
517 
518 typedef NTSTATUS (WINAPI *NtProtectVirtualMemoryFunction)(
519   IN HANDLE ProcessHandle,
520   IN OUT PVOID* BaseAddress,
521   IN OUT PSIZE_T ProtectSize,
522   IN ULONG NewProtect,
523   OUT PULONG OldProtect);
524 
525 // -----------------------------------------------------------------------
526 // Objects
527 
528 typedef enum _OBJECT_INFORMATION_CLASS {
529   ObjectBasicInformation,
530   ObjectNameInformation,
531   ObjectTypeInformation,
532   ObjectAllInformation,
533   ObjectDataInformation
534 } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
535 
536 typedef struct _OBJDIR_INFORMATION {
537   UNICODE_STRING ObjectName;
538   UNICODE_STRING ObjectTypeName;
539   BYTE Data[1];
540 } OBJDIR_INFORMATION;
541 
542 typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
543   ULONG Attributes;
544   ACCESS_MASK GrantedAccess;
545   ULONG HandleCount;
546   ULONG PointerCount;
547   ULONG Reserved[10];    // reserved for internal use
548 } PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;
549 
550 typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION {
551   UNICODE_STRING TypeName;
552   ULONG Reserved[22];    // reserved for internal use
553 } PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;
554 
555 typedef enum _POOL_TYPE {
556   NonPagedPool,
557   PagedPool,
558   NonPagedPoolMustSucceed,
559   ReservedType,
560   NonPagedPoolCacheAligned,
561   PagedPoolCacheAligned,
562   NonPagedPoolCacheAlignedMustS
563 } POOL_TYPE;
564 
565 typedef struct _OBJECT_BASIC_INFORMATION {
566   ULONG Attributes;
567   ACCESS_MASK GrantedAccess;
568   ULONG HandleCount;
569   ULONG PointerCount;
570   ULONG PagedPoolUsage;
571   ULONG NonPagedPoolUsage;
572   ULONG Reserved[3];
573   ULONG NameInformationLength;
574   ULONG TypeInformationLength;
575   ULONG SecurityDescriptorLength;
576   LARGE_INTEGER CreateTime;
577 } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
578 
579 typedef struct _OBJECT_TYPE_INFORMATION {
580   UNICODE_STRING Name;
581   ULONG TotalNumberOfObjects;
582   ULONG TotalNumberOfHandles;
583   ULONG TotalPagedPoolUsage;
584   ULONG TotalNonPagedPoolUsage;
585   ULONG TotalNamePoolUsage;
586   ULONG TotalHandleTableUsage;
587   ULONG HighWaterNumberOfObjects;
588   ULONG HighWaterNumberOfHandles;
589   ULONG HighWaterPagedPoolUsage;
590   ULONG HighWaterNonPagedPoolUsage;
591   ULONG HighWaterNamePoolUsage;
592   ULONG HighWaterHandleTableUsage;
593   ULONG InvalidAttributes;
594   GENERIC_MAPPING GenericMapping;
595   ULONG ValidAccess;
596   BOOLEAN SecurityRequired;
597   BOOLEAN MaintainHandleCount;
598   USHORT MaintainTypeList;
599   POOL_TYPE PoolType;
600   ULONG PagedPoolUsage;
601   ULONG NonPagedPoolUsage;
602 } OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;
603 
604 typedef enum _SYSTEM_INFORMATION_CLASS {
605   SystemHandleInformation = 16
606 } SYSTEM_INFORMATION_CLASS;
607 
608 typedef struct _SYSTEM_HANDLE_INFORMATION {
609   USHORT ProcessId;
610   USHORT CreatorBackTraceIndex;
611   UCHAR ObjectTypeNumber;
612   UCHAR Flags;
613   USHORT Handle;
614   PVOID Object;
615   ACCESS_MASK GrantedAccess;
616 } SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
617 
618 typedef struct _SYSTEM_HANDLE_INFORMATION_EX {
619   ULONG NumberOfHandles;
620   SYSTEM_HANDLE_INFORMATION Information[1];
621 } SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX;
622 
623 typedef struct _OBJECT_NAME_INFORMATION {
624   UNICODE_STRING ObjectName;
625 } OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;
626 
627 typedef NTSTATUS (WINAPI *NtQueryObjectFunction)(
628   IN HANDLE Handle,
629   IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
630   OUT PVOID ObjectInformation OPTIONAL,
631   IN ULONG ObjectInformationLength,
632   OUT PULONG ReturnLength OPTIONAL);
633 
634 typedef NTSTATUS (WINAPI *NtDuplicateObjectFunction)(
635   IN HANDLE SourceProcess,
636   IN HANDLE SourceHandle,
637   IN HANDLE TargetProcess,
638   OUT PHANDLE TargetHandle,
639   IN ACCESS_MASK DesiredAccess,
640   IN ULONG Attributes,
641   IN ULONG Options);
642 
643 typedef NTSTATUS (WINAPI *NtSignalAndWaitForSingleObjectFunction)(
644   IN HANDLE HandleToSignal,
645   IN HANDLE HandleToWait,
646   IN BOOLEAN Alertable,
647   IN PLARGE_INTEGER Timeout OPTIONAL);
648 
649 typedef NTSTATUS (WINAPI *NtQuerySystemInformation)(
650   IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
651   OUT PVOID SystemInformation,
652   IN ULONG SystemInformationLength,
653   OUT PULONG ReturnLength);
654 
655 typedef NTSTATUS (WINAPI *NtQueryObject)(
656   IN HANDLE Handle,
657   IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
658   OUT PVOID ObjectInformation,
659   IN ULONG ObjectInformationLength,
660   OUT PULONG ReturnLength);
661 
662 // -----------------------------------------------------------------------
663 // Strings
664 
665 typedef int (__cdecl *_strnicmpFunction)(
666   IN const char* _Str1,
667   IN const char* _Str2,
668   IN size_t _MaxCount);
669 
670 typedef size_t  (__cdecl *strlenFunction)(
671   IN const char * _Str);
672 
673 typedef size_t (__cdecl *wcslenFunction)(
674   IN const wchar_t* _Str);
675 
676 typedef void* (__cdecl *memcpyFunction)(
677   IN void* dest,
678   IN const void* src,
679   IN size_t count);
680 
681 typedef NTSTATUS (WINAPI *RtlAnsiStringToUnicodeStringFunction)(
682   IN OUT PUNICODE_STRING  DestinationString,
683   IN PANSI_STRING  SourceString,
684   IN BOOLEAN  AllocateDestinationString);
685 
686 typedef LONG (WINAPI *RtlCompareUnicodeStringFunction)(
687   IN PCUNICODE_STRING  String1,
688   IN PCUNICODE_STRING  String2,
689   IN BOOLEAN  CaseInSensitive);
690 
691 typedef VOID (WINAPI *RtlInitUnicodeStringFunction) (
692   IN OUT PUNICODE_STRING DestinationString,
693   IN PCWSTR SourceString);
694 
695 typedef ULONG (WINAPI* RtlNtStatusToDosErrorFunction)(NTSTATUS status);
696 
697 typedef enum _EVENT_TYPE {
698   NotificationEvent,
699   SynchronizationEvent
700 } EVENT_TYPE, *PEVENT_TYPE;
701 
702 typedef NTSTATUS (WINAPI* NtCreateDirectoryObjectFunction) (
703     PHANDLE DirectoryHandle,
704     ACCESS_MASK DesiredAccess,
705     POBJECT_ATTRIBUTES ObjectAttributes);
706 
707 typedef NTSTATUS (WINAPI* NtOpenDirectoryObjectFunction) (
708     PHANDLE DirectoryHandle,
709     ACCESS_MASK DesiredAccess,
710     POBJECT_ATTRIBUTES ObjectAttributes);
711 
712 typedef NTSTATUS (WINAPI* NtQuerySymbolicLinkObjectFunction) (
713     HANDLE LinkHandle,
714     PUNICODE_STRING LinkTarget,
715     PULONG ReturnedLength);
716 
717 typedef NTSTATUS (WINAPI* NtOpenSymbolicLinkObjectFunction) (
718     PHANDLE LinkHandle,
719     ACCESS_MASK DesiredAccess,
720     POBJECT_ATTRIBUTES ObjectAttributes);
721 
722 #define DIRECTORY_QUERY               0x0001
723 #define DIRECTORY_TRAVERSE            0x0002
724 #define DIRECTORY_CREATE_OBJECT       0x0004
725 #define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
726 #define DIRECTORY_ALL_ACCESS          0x000F
727 
728 typedef NTSTATUS (WINAPI* NtCreateLowBoxToken)(
729     OUT PHANDLE token,
730     IN HANDLE original_handle,
731     IN ACCESS_MASK access,
732     IN POBJECT_ATTRIBUTES object_attribute,
733     IN PSID appcontainer_sid,
734     IN DWORD capabilityCount,
735     IN PSID_AND_ATTRIBUTES capabilities,
736     IN DWORD handle_count,
737     IN PHANDLE handles);
738 
739 typedef NTSTATUS(WINAPI *NtSetInformationProcess)(
740     IN HANDLE process_handle,
741     IN ULONG info_class,
742     IN PVOID process_information,
743     IN ULONG information_length);
744 
745 struct PROCESS_ACCESS_TOKEN {
746   HANDLE token;
747   HANDLE thread;
748 };
749 
750 const unsigned int NtProcessInformationAccessToken = 9;
751 
752 // -----------------------------------------------------------------------
753 // GDI OPM API and Supported Calls
754 
755 #define DXGKMDT_OPM_OMAC_SIZE 16
756 #define DXGKMDT_OPM_128_BIT_RANDOM_NUMBER_SIZE 16
757 #define DXGKMDT_OPM_ENCRYPTED_PARAMETERS_SIZE 256
758 #define DXGKMDT_OPM_CONFIGURE_SETTING_DATA_SIZE 4056
759 #define DXGKMDT_OPM_GET_INFORMATION_PARAMETERS_SIZE 4056
760 #define DXGKMDT_OPM_REQUESTED_INFORMATION_SIZE 4076
761 #define DXGKMDT_OPM_HDCP_KEY_SELECTION_VECTOR_SIZE 5
762 #define DXGKMDT_OPM_PROTECTION_TYPE_SIZE 4
763 
764 enum DXGKMDT_CERTIFICATE_TYPE {
765   DXGKMDT_OPM_CERTIFICATE = 0,
766   DXGKMDT_COPP_CERTIFICATE = 1,
767   DXGKMDT_UAB_CERTIFICATE = 2,
768   DXGKMDT_FORCE_ULONG = 0xFFFFFFFF
769 };
770 
771 enum DXGKMDT_OPM_VIDEO_OUTPUT_SEMANTICS {
772   DXGKMDT_OPM_VOS_COPP_SEMANTICS = 0,
773   DXGKMDT_OPM_VOS_OPM_SEMANTICS = 1
774 };
775 
776 enum DXGKMDT_DPCP_PROTECTION_LEVEL {
777   DXGKMDT_OPM_DPCP_OFF = 0,
778   DXGKMDT_OPM_DPCP_ON = 1,
779   DXGKMDT_OPM_DPCP_FORCE_ULONG = 0x7fffffff
780 };
781 
782 enum DXGKMDT_OPM_HDCP_PROTECTION_LEVEL {
783   DXGKMDT_OPM_HDCP_OFF = 0,
784   DXGKMDT_OPM_HDCP_ON = 1,
785   DXGKMDT_OPM_HDCP_FORCE_ULONG = 0x7fffffff
786 };
787 
788 enum DXGKMDT_OPM_HDCP_FLAG {
789   DXGKMDT_OPM_HDCP_FLAG_NONE = 0x00,
790   DXGKMDT_OPM_HDCP_FLAG_REPEATER = 0x01
791 };
792 
793 enum DXGKMDT_OPM_PROTECTION_TYPE {
794   DXGKMDT_OPM_PROTECTION_TYPE_OTHER = 0x80000000,
795   DXGKMDT_OPM_PROTECTION_TYPE_NONE = 0x00000000,
796   DXGKMDT_OPM_PROTECTION_TYPE_COPP_COMPATIBLE_HDCP = 0x00000001,
797   DXGKMDT_OPM_PROTECTION_TYPE_ACP = 0x00000002,
798   DXGKMDT_OPM_PROTECTION_TYPE_CGMSA = 0x00000004,
799   DXGKMDT_OPM_PROTECTION_TYPE_HDCP = 0x00000008,
800   DXGKMDT_OPM_PROTECTION_TYPE_DPCP = 0x00000010,
801   DXGKMDT_OPM_PROTECTION_TYPE_MASK = 0x8000001F
802 };
803 
804 typedef void* OPM_PROTECTED_OUTPUT_HANDLE;
805 
806 struct DXGKMDT_OPM_ENCRYPTED_PARAMETERS {
807   BYTE abEncryptedParameters[DXGKMDT_OPM_ENCRYPTED_PARAMETERS_SIZE];
808 };
809 
810 struct DXGKMDT_OPM_OMAC {
811   BYTE abOMAC[DXGKMDT_OPM_OMAC_SIZE];
812 };
813 
814 struct DXGKMDT_OPM_CONFIGURE_PARAMETERS {
815   DXGKMDT_OPM_OMAC omac;
816   GUID guidSetting;
817   ULONG ulSequenceNumber;
818   ULONG cbParametersSize;
819   BYTE abParameters[DXGKMDT_OPM_CONFIGURE_SETTING_DATA_SIZE];
820 };
821 
822 struct DXGKMDT_OPM_RANDOM_NUMBER {
823   BYTE abRandomNumber[DXGKMDT_OPM_128_BIT_RANDOM_NUMBER_SIZE];
824 };
825 
826 struct DXGKMDT_OPM_GET_INFO_PARAMETERS {
827   DXGKMDT_OPM_OMAC omac;
828   DXGKMDT_OPM_RANDOM_NUMBER rnRandomNumber;
829   GUID guidInformation;
830   ULONG ulSequenceNumber;
831   ULONG cbParametersSize;
832   BYTE abParameters[DXGKMDT_OPM_GET_INFORMATION_PARAMETERS_SIZE];
833 };
834 
835 struct DXGKMDT_OPM_REQUESTED_INFORMATION {
836   DXGKMDT_OPM_OMAC omac;
837   ULONG cbRequestedInformationSize;
838   BYTE abRequestedInformation[DXGKMDT_OPM_REQUESTED_INFORMATION_SIZE];
839 };
840 
841 struct DXGKMDT_OPM_SET_PROTECTION_LEVEL_PARAMETERS {
842   ULONG ulProtectionType;
843   ULONG ulProtectionLevel;
844   ULONG Reserved;
845   ULONG Reserved2;
846 };
847 
848 struct DXGKMDT_OPM_STANDARD_INFORMATION {
849   DXGKMDT_OPM_RANDOM_NUMBER rnRandomNumber;
850   ULONG ulStatusFlags;
851   ULONG ulInformation;
852   ULONG ulReserved;
853   ULONG ulReserved2;
854 };
855 
856 typedef NTSTATUS(WINAPI* GetSuggestedOPMProtectedOutputArraySizeFunction)(
857     PUNICODE_STRING device_name,
858     DWORD* suggested_output_array_size);
859 
860 typedef NTSTATUS(WINAPI* CreateOPMProtectedOutputsFunction)(
861     PUNICODE_STRING device_name,
862     DXGKMDT_OPM_VIDEO_OUTPUT_SEMANTICS vos,
863     DWORD output_array_size,
864     DWORD* num_in_output_array,
865     OPM_PROTECTED_OUTPUT_HANDLE* output_array);
866 
867 typedef NTSTATUS(WINAPI* GetCertificateFunction)(
868     PUNICODE_STRING device_name,
869     DXGKMDT_CERTIFICATE_TYPE certificate_type,
870     BYTE* certificate,
871     ULONG certificate_length);
872 
873 typedef NTSTATUS(WINAPI* GetCertificateSizeFunction)(
874     PUNICODE_STRING device_name,
875     DXGKMDT_CERTIFICATE_TYPE certificate_type,
876     ULONG* certificate_length);
877 
878 typedef NTSTATUS(WINAPI* GetCertificateByHandleFunction)(
879     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
880     DXGKMDT_CERTIFICATE_TYPE certificate_type,
881     BYTE* certificate,
882     ULONG certificate_length);
883 
884 typedef NTSTATUS(WINAPI* GetCertificateSizeByHandleFunction)(
885     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
886     DXGKMDT_CERTIFICATE_TYPE certificate_type,
887     ULONG* certificate_length);
888 
889 typedef NTSTATUS(WINAPI* DestroyOPMProtectedOutputFunction)(
890     OPM_PROTECTED_OUTPUT_HANDLE protected_output);
891 
892 typedef NTSTATUS(WINAPI* ConfigureOPMProtectedOutputFunction)(
893     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
894     const DXGKMDT_OPM_CONFIGURE_PARAMETERS* parameters,
895     ULONG additional_parameters_size,
896     const BYTE* additional_parameters);
897 
898 typedef NTSTATUS(WINAPI* GetOPMInformationFunction)(
899     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
900     const DXGKMDT_OPM_GET_INFO_PARAMETERS* parameters,
901     DXGKMDT_OPM_REQUESTED_INFORMATION* requested_information);
902 
903 typedef NTSTATUS(WINAPI* GetOPMRandomNumberFunction)(
904     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
905     DXGKMDT_OPM_RANDOM_NUMBER* random_number);
906 
907 typedef NTSTATUS(WINAPI* SetOPMSigningKeyAndSequenceNumbersFunction)(
908     OPM_PROTECTED_OUTPUT_HANDLE protected_output,
909     const DXGKMDT_OPM_ENCRYPTED_PARAMETERS* parameters);
910 
911 #endif  // SANDBOX_WIN_SRC_NT_INTERNALS_H__
912 
913