1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
// SPDX-License-Identifier: MIT
// Copyright (c) 2015-2021 Zig Contributors
// This file is part of [zig](https://ziglang.org/), which is MIT licensed.
// The MIT license requires this copyright notice to be included in all copies
// and substantial portions of the software.
usingnamespace @import("bits.zig");
pub extern "NtDll" fn RtlGetVersion(
lpVersionInformation: PRTL_OSVERSIONINFOW,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn RtlCaptureStackBackTrace(
FramesToSkip: DWORD,
FramesToCapture: DWORD,
BackTrace: **c_void,
BackTraceHash: ?*DWORD,
) callconv(WINAPI) WORD;
pub extern "NtDll" fn NtQueryInformationFile(
FileHandle: HANDLE,
IoStatusBlock: *IO_STATUS_BLOCK,
FileInformation: *c_void,
Length: ULONG,
FileInformationClass: FILE_INFORMATION_CLASS,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtSetInformationFile(
FileHandle: HANDLE,
IoStatusBlock: *IO_STATUS_BLOCK,
FileInformation: PVOID,
Length: ULONG,
FileInformationClass: FILE_INFORMATION_CLASS,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtQueryAttributesFile(
ObjectAttributes: *OBJECT_ATTRIBUTES,
FileAttributes: *FILE_BASIC_INFORMATION,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtCreateFile(
FileHandle: *HANDLE,
DesiredAccess: ACCESS_MASK,
ObjectAttributes: *OBJECT_ATTRIBUTES,
IoStatusBlock: *IO_STATUS_BLOCK,
AllocationSize: ?*LARGE_INTEGER,
FileAttributes: ULONG,
ShareAccess: ULONG,
CreateDisposition: ULONG,
CreateOptions: ULONG,
EaBuffer: ?*c_void,
EaLength: ULONG,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtDeviceIoControlFile(
FileHandle: HANDLE,
Event: ?HANDLE,
ApcRoutine: ?IO_APC_ROUTINE,
ApcContext: ?*c_void,
IoStatusBlock: *IO_STATUS_BLOCK,
IoControlCode: ULONG,
InputBuffer: ?*const c_void,
InputBufferLength: ULONG,
OutputBuffer: ?PVOID,
OutputBufferLength: ULONG,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtFsControlFile(
FileHandle: HANDLE,
Event: ?HANDLE,
ApcRoutine: ?IO_APC_ROUTINE,
ApcContext: ?*c_void,
IoStatusBlock: *IO_STATUS_BLOCK,
FsControlCode: ULONG,
InputBuffer: ?*const c_void,
InputBufferLength: ULONG,
OutputBuffer: ?PVOID,
OutputBufferLength: ULONG,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtClose(Handle: HANDLE) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn RtlDosPathNameToNtPathName_U(
DosPathName: [*:0]const u16,
NtPathName: *UNICODE_STRING,
NtFileNamePart: ?*?[*:0]const u16,
DirectoryInfo: ?*CURDIR,
) callconv(WINAPI) BOOL;
pub extern "NtDll" fn RtlFreeUnicodeString(UnicodeString: *UNICODE_STRING) callconv(WINAPI) void;
pub extern "NtDll" fn NtQueryDirectoryFile(
FileHandle: HANDLE,
Event: ?HANDLE,
ApcRoutine: ?IO_APC_ROUTINE,
ApcContext: ?*c_void,
IoStatusBlock: *IO_STATUS_BLOCK,
FileInformation: *c_void,
Length: ULONG,
FileInformationClass: FILE_INFORMATION_CLASS,
ReturnSingleEntry: BOOLEAN,
FileName: ?*UNICODE_STRING,
RestartScan: BOOLEAN,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtCreateKeyedEvent(
KeyedEventHandle: *HANDLE,
DesiredAccess: ACCESS_MASK,
ObjectAttributes: ?PVOID,
Flags: ULONG,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtReleaseKeyedEvent(
EventHandle: HANDLE,
Key: *const c_void,
Alertable: BOOLEAN,
Timeout: ?*LARGE_INTEGER,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtWaitForKeyedEvent(
EventHandle: HANDLE,
Key: *const c_void,
Alertable: BOOLEAN,
Timeout: ?*LARGE_INTEGER,
) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn RtlSetCurrentDirectory_U(PathName: *UNICODE_STRING) callconv(WINAPI) NTSTATUS;
pub extern "NtDll" fn NtQueryObject(
Handle: HANDLE,
ObjectInformationClass: OBJECT_INFORMATION_CLASS,
ObjectInformation: PVOID,
ObjectInformationLength: ULONG,
ReturnLength: ?PULONG,
) callconv(WINAPI) NTSTATUS;
|
