View difference between Paste ID: <a href="/kng6kSnZ">kng6kSnZ</a> and <a href="/esKmjsZc">esKmjsZc</a>

C:\Program Files (x86)\Windows Kits\10\Include\10.0.10586.0\km\ntddk.h got some updates:
1	-	C:\Program Files (x86)\Windows Kits\10\Include\10.0.10586.0\km\ntddk.h got some updates:
1	+	C:\Program Files (x86)\Windows Kits\10\Include\10.0.10586.0\km\ntifs.h got some updates:
2
3
4		#define SECURITY_USERMANAGER_ID_BASE_RID (0x0000005DL)
5		#define SECURITY_USERMANAGER_ID_RID_COUNT (6L)
6
7		#define SECURITY_WINRM_ID_BASE_RID (0x0000005EL)
8		#define SECURITY_WINRM_ID_RID_COUNT (6L)
9
10		typedef struct _SE_ADT_PARAMETER_ARRAY_EX {
11
12		ULONG CategoryId;
13		ULONG AuditId;
14		ULONG Version;
15		ULONG ParameterCount;
16		ULONG Length;
17		USHORT FlatSubCategoryId;
18	-	/////
18	+
19		ULONG Flags;
20	-	not sure why this was added now here:
20	+
21
22		} SE_ADT_PARAMETER_ARRAY_EX, *PSE_ADT_PARAMETER_ARRAY_EX;
23
24	-	// Page/memory priorities.
24	+	// V2 Drops support for LM hash, but adds the credential key
25		typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2 {
26		ULONG Version;
27	-	#define MEMORY_PRIORITY_LOWEST 0
27	+
28	-	#define MEMORY_PRIORITY_VERY_LOW 1
28	+	UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
29	-	#define MEMORY_PRIORITY_LOW 2
29	+	UCHAR CredentialKey[MSV1_0_OWF_PASSWORD_LENGTH];
30	-	#define MEMORY_PRIORITY_MEDIUM 3
30	+	} MSV1_0_SUPPLEMENTAL_CREDENTIAL_V2, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL_V2;
31	-	#define MEMORY_PRIORITY_BELOW_NORMAL 4
31	+
32	-	#define MEMORY_PRIORITY_NORMAL 5
32	+	#if (_WIN32_WINNT >= _WIN32_WINNT_WINTHRESHOLD)
33		#define FSCTL_QUERY_VOLUME_CONTAINER_STATE CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 228, METHOD_BUFFERED, FILE_ANY_ACCESS)
34	-	/////////////
34	+	#define FSCTL_SET_LAYER_ROOT CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 229, METHOD_BUFFERED, FILE_ANY_ACCESS) // CONTAINER_ROOT_INFO_INPUT CONTAINER_ROOT_INFO_OUTPUT
35		#endif
36
37		// TODO_WIN32_WINNT_WIN10_TH2
38	-	// Process mitigation policy information
38	+	#if (_WIN32_WINNT >= _WIN32_WINNT_WINTHRESHOLD)
39	-	// NtSetInformationProcess using ProcessMitigationPolicy
39	+	#define FSCTL_QUERY_DIRECT_ACCESS_EXTENTS CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 230, METHOD_NEITHER, FILE_ANY_ACCESS)
40		#define FSCTL_NOTIFY_STORAGE_SPACE_ALLOCATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 231, METHOD_BUFFERED, FILE_ANY_ACCESS)
41		#define FSCTL_SSDI_STORAGE_REQUEST CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 232, METHOD_BUFFERED, FILE_ANY_ACCESS)
42
43	-	typedef enum _PROCESS_MITIGATION_POLICY {
43	+
44	-	ProcessControlFlowGuardPolicy,
44	+	#define FILE_STORAGE_TIER_FLAG_PARITY (0x00800000)
45	-	ProcessImageLoadPolicy
45	+
46	-	} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
46	+	#if (_WIN32_WINNT >= _WIN32_WINNT_WINTHRESHOLD)
47
48	-	////////
48	+	typedef struct _CONTAINER_VOLUME_STATE {
49		ULONG Flags;
50		} CONTAINER_VOLUME_STATE, *PCONTAINER_VOLUME_STATE;
51	-	// Known extended CPU state feature BITs
51	+
52		#define CONTAINER_VOLUME_STATE_HOSTING_CONTAINER (0x00000001)
53
54	-	// 8 IPT Supervisor
54	+
55		typedef struct _CONTAINER_ROOT_INFO_INPUT {
56	-	#define XSTATE_IPT (8)
56	+
57		} CONTAINER_ROOT_INFO_INPUT, *PCONTAINER_ROOT_INFO_INPUT;
58	-	#define XSTATE_MASK_IPT (1ui64 << (XSTATE_IPT))
58	+
59		typedef struct _CONTAINER_ROOT_INFO_OUTPUT {
60		USHORT ContainerRootIdLength;
61	-	// Define legal values for the SystemCall member.
61	+	UCHAR ContainerRootId[ANYSIZE_ARRAY];
62		} CONTAINER_ROOT_INFO_OUTPUT, *PCONTAINER_ROOT_INFO_OUTPUT;
63
64	-	#define SYSTEM_CALL_SYSCALL 0
64	+	#define CONTAINER_ROOT_INFO_FLAG_SCRATCH_ROOT (0x00000001)
65	-	#define SYSTEM_CALL_INT_2E 1
65	+	#define CONTAINER_ROOT_INFO_FLAG_LAYER_ROOT (0x00000002)
66
67	-	//////
67	+
68
69		//
70		// Tag allocated to DropBox for HSM
71	-	// On AMD64, this value is initialized to a nonzero value if the system
71	+	// GUID: C5BB0F16-68E9-4456-B6B9-5F5EE5F89965
72	-	// operates with an altered view of the system service call mechanism.
72	+
73
74		#define IO_REPARSE_TAG_DROPBOX_HSM (0x00000044L)
75	-	ULONG SystemCall;
75	+
76
77		typedef enum _SharedVirtualDiskSupportType
78	-	// Reserved, available for reuse.
78	+	{
79		//
80		// The target device supports Continuous Data
81	-	ULONG SystemCallPad0;
81	+	// Protection (log based) snapshots.
82	-	ULONGLONG SystemCallPad[2];
82	+
83		SharedVirtualDiskCDPSnapshotsSupported = 7
84		} SharedVirtualDiskSupportType;
85	-	// A bitmask of enclave features supported on this system.
85	+
86		#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
87	-
87	+
88	-	ULONG EnclaveFeatureMask[4];
88	+	VOID
89		SeAuditFipsCryptoSelftests(
90		_In_ BOOLEAN bSuccess,
91	-	// Assembler logic assumes a zero value for syscall and a nonzero value for
91	+	_In_ ULONG SelftestCode
92	-	// int 2e, and that no other values exist presently for the SystemCall field.
92	+
93		#endif
94
95	-	C_ASSERT(SYSTEM_CALL_SYSCALL == 0);
95	+
96	-	C_ASSERT(SYSTEM_CALL_INT_2E == 1);
96	+	// Registration version post threshold.
97		//
98		#define FSRTL_UNC_REGISTRATION_VERSION_0201 0x0201
99	-	C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCall) == 0x308);
99	+
100	-	C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCallPad0) == 0x30c);
100	+
101	-	C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCallPad) == 0x310);
101	+
102		//
103	-	C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, EnclaveFeatureMask) == 0x36c);
103	+	// FSRTL_UNC_REGISTRATION_VERSION_0201 is available in post threshold only.
104	-	C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, Reserved8) == 0x37c);
104	+	// Change NTDDI_WINTHRESHOLD to appropriate value when new
105		// version is avaialble.
106		//
107	-	Silo functions now at DISPATCH_LEVEL not APC_LEVEL:
107	+	#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD) /* ABRACADABRA_THRESHOLD */
108
109	-	_IRQL_requires_max_(DISPATCH_LEVEL)
109	+	#define FSRTL_UNC_REGISTRATION_CURRENT_VERSION FSRTL_UNC_REGISTRATION_VERSION_0201 // Current version is 2.1
110
111	-	PESILO
111	+	#elif (NTDDI_VERSION >= NTDDI_WINBLUE) /* ABRACADABRA_THRESHOLD */
112	-	PsGetCurrentServerSilo(
112	+
113	-	VOID
113	+	#define FSRTL_UNC_REGISTRATION_CURRENT_VERSION FSRTL_UNC_REGISTRATION_VERSION_0200 // Current version is 2.0
114
115		#endif
116	-	/////////
116	+
117		#if (NTDDI_VERSION >= NTDDI_THRESHOLD)
118	-	#if (NTDDI_VERSION >= NTDDI_WIN10)
118	+
119		#define ATOMIC_CREATE_ECP_IN_FLAG_SPARSE_SPECIFIED 0x0001
120	-	NTSTATUS
120	+	#define ATOMIC_CREATE_ECP_IN_FLAG_REPARSE_POINT_SPECIFIED 0x0002
121	-	IoVolumeDeviceNameToGuid(
121	+	#define ATOMIC_CREATE_ECP_IN_FLAG_EOF_SPECIFIED 0x0004
122	-	_In_ PUNICODE_STRING VolumeDeviceName,
122	+	#define ATOMIC_CREATE_ECP_IN_FLAG_VDL_SPECIFIED 0x0008
123	-	_Out_ GUID *Guid
123	+	#define ATOMIC_CREATE_ECP_IN_FLAG_OPERATION_MASK 0x00ff
124
125		#define ATOMIC_CREATE_ECP_IN_FLAG_BEST_EFFORT 0x0100
126
127	-	#if (NTDDI_VERSION >= NTDDI_WIN10)
127	+	#define ATOMIC_CREATE_ECP_OUT_FLAG_SPARSE_SET 0x0001
128	-	_Must_inspect_result_
128	+	#define ATOMIC_CREATE_ECP_OUT_FLAG_REPARSE_POINT_SET 0x0002
129		#define ATOMIC_CREATE_ECP_OUT_FLAG_EOF_SET 0x0004
130	-	NTSTATUS
130	+	#define ATOMIC_CREATE_ECP_OUT_FLAG_VDL_SET 0x0008
131	-	IoVolumeDeviceNameToGuidPath(
131	+	#define ATOMIC_CREATE_ECP_OUT_FLAG_OPERATION_MASK 0x00ff
132	-	_In_ PUNICODE_STRING VolumeDeviceName,
132	+
133	-	_Out_ _At_(GuidPath->Buffer,
133	+	typedef struct _ATOMIC_CREATE_ECP_CONTEXT {
134	-	__drv_allocatesMem(Mem)
134	+
135	-	_Post_notnull_)
135	+
136	-	PUNICODE_STRING GuidPath
136	+	// Size of this context structure.
137		//
138
139		USHORT Size;
140	-	////
140	+
141		//
142	-	typedef struct _IO_FOEXT_SILO_PARAMETERS {
142	+	// ATOMIC_CREATE_ECP_IN_FLAG_xxx flags.
143		//
144
145	-	PESILO SiloContext;
145	+	USHORT InFlags;
146
147	-	} IO_FOEXT_SILO_PARAMETERS, *PIO_FOEXT_SILO_PARAMETERS;
147	+
148		// ATOMIC_CREATE_ECP_OUT_FLAG_xxx flags.
149		//
150	-	PIO_FOEXT_SILO_PARAMETERS
150	+
151	-	IoGetSiloParameters (
151	+	USHORT OutFlags;
152	-	_In_ PFILE_OBJECT FileObject
152	+
153		//
154		// Size of the ReparseBuffer below.
155		//
156	-	//////////
156	+	// This can't exceed MAXIMUM_REPARSE_DATA_BUFFER_SIZE (16K).
157		//
158	-	typedef enum _HAL_SET_INFORMATION_CLASS {
158	+
159	-	HalSetResetParkDisposition, // Set whether to park processors on reset (LOGICAL)
159	+	USHORT ReparseBufferLength;
160	-	} HAL_SET_INFORMATION_CLASS, *PHAL_SET_INFORMATION_CLASS;
160	+
161		//
162		// Optional REPARSE_DATA_BUFFER or REPARSE_GUID_DATA_BUFFER.
163		//
164
165		_Field_size_bytes_opt_(ReparseBufferLength) PREPARSE_DATA_BUFFER ReparseBuffer;
166
167		//
168		// Optional file size.
169		//
170
171		LONGLONG FileSize;
172
173		//
174		// Optional valid data length.
175		//
176
177		LONGLONG ValidDataLength;
178
179		} ATOMIC_CREATE_ECP_CONTEXT, *PATOMIC_CREATE_ECP_CONTEXT;
180
181		//
182		// The GUID used for the ATOMIC_CREATE_ECP_CONTEXT structure.
183		//
184		// {4720bd83-52ac-4104-a130-d1ec6a8cc8e5}
185		//
186
187		DEFINE_GUID( GUID_ECP_ATOMIC_CREATE,
188		0x4720bd83,
189		0x52ac,
190		0x4104,
191		0xa1, 0x30, 0xd1, 0xec, 0x6a, 0x8c, 0xc8, 0xe5 );
192
193		#endif
194
195
196		typedef struct _SEC_TOKEN_BINDING {
197		unsigned char MajorVersion; // Supported major version of the Token Binding protocol
198		unsigned char MinorVersion; // Supported minor version of the Token Binding protocol
199		unsigned short KeyParametersSize; // Size in bytes of the Token Binding key parameter IDs array
200		unsigned char KeyParameters[ANYSIZE_ARRAY]; // Token Binding key parameter IDs, most preferred first
201		} SEC_TOKEN_BINDING, *PSEC_TOKEN_BINDING;