ntddk.h updates in Windows 10 WDK (Build 10586)

C:\Program Files (x86)\Windows Kits\10\Include\10.0.10586.0\km\ntddk.h got some updates:


typedef struct _SE_ADT_PARAMETER_ARRAY_EX {

    ULONG CategoryId;
    ULONG AuditId;
    ULONG Version;
    ULONG ParameterCount;
    ULONG Length;
    USHORT FlatSubCategoryId;
    USHORT Type;
    ULONG Flags;
    SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[ SE_MAX_AUDIT_PARAMETERS ];

} SE_ADT_PARAMETER_ARRAY_EX, *PSE_ADT_PARAMETER_ARRAY_EX;

/////

not sure why this was added now here:


//
// Page/memory priorities.
//

#define MEMORY_PRIORITY_LOWEST           0
#define MEMORY_PRIORITY_VERY_LOW         1
#define MEMORY_PRIORITY_LOW              2
#define MEMORY_PRIORITY_MEDIUM           3
#define MEMORY_PRIORITY_BELOW_NORMAL     4
#define MEMORY_PRIORITY_NORMAL           5

/////////////


//
// Process mitigation policy information
//  NtSetInformationProcess using ProcessMitigationPolicy
//


typedef enum _PROCESS_MITIGATION_POLICY {
    ProcessControlFlowGuardPolicy,
    ProcessImageLoadPolicy
} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;

////////

//
// Known extended CPU state feature BITs
//

// 8    IPT                                 Supervisor

#define XSTATE_IPT                          (8)

#define XSTATE_MASK_IPT                     (1ui64 << (XSTATE_IPT))

//
// Define legal values for the SystemCall member.
//

#define SYSTEM_CALL_SYSCALL 0
#define SYSTEM_CALL_INT_2E  1

//////


//
// On AMD64, this value is initialized to a nonzero value if the system
// operates with an altered view of the system service call mechanism.
//

ULONG SystemCall;

//
// Reserved, available for reuse.
//

ULONG SystemCallPad0;
ULONGLONG SystemCallPad[2];

//
    // A bitmask of enclave features supported on this system.
    //

    ULONG EnclaveFeatureMask[4];

//
// Assembler logic assumes a zero value for syscall and a nonzero value for
// int 2e, and that no other values exist presently for the SystemCall field.
//

C_ASSERT(SYSTEM_CALL_SYSCALL == 0);
C_ASSERT(SYSTEM_CALL_INT_2E == 1);


C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCall) == 0x308);
C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCallPad0) == 0x30c);
C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, SystemCallPad) == 0x310);

C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, EnclaveFeatureMask) == 0x36c);
C_ASSERT(FIELD_OFFSET(KUSER_SHARED_DATA, Reserved8) == 0x37c);


Silo functions now at DISPATCH_LEVEL not APC_LEVEL:

_IRQL_requires_max_(DISPATCH_LEVEL)
NTKERNELAPI
PESILO
PsGetCurrentServerSilo(
    VOID
    );

/////////

#if (NTDDI_VERSION >= NTDDI_WIN10)
NTKERNELAPI
NTSTATUS
IoVolumeDeviceNameToGuid(
    _In_  PUNICODE_STRING VolumeDeviceName,
    _Out_ GUID            *Guid
    );
#endif

#if (NTDDI_VERSION >= NTDDI_WIN10)
_Must_inspect_result_
NTKERNELAPI
NTSTATUS
IoVolumeDeviceNameToGuidPath(
    _In_  PUNICODE_STRING VolumeDeviceName,
    _Out_ _At_(GuidPath->Buffer,
            __drv_allocatesMem(Mem)
            _Post_notnull_)
          PUNICODE_STRING GuidPath
    );
#endif

////

typedef struct _IO_FOEXT_SILO_PARAMETERS {

    ULONG Length;
    PESILO SiloContext;

} IO_FOEXT_SILO_PARAMETERS, *PIO_FOEXT_SILO_PARAMETERS;

#if (NTDDI_VERSION >= NTDDI_WINTHRESHOLD)
PIO_FOEXT_SILO_PARAMETERS
IoGetSiloParameters (
    _In_ PFILE_OBJECT FileObject
    );
#endif

//////////

typedef enum _HAL_SET_INFORMATION_CLASS {
HalSetResetParkDisposition,        // Set whether to park processors on reset (LOGICAL)
} HAL_SET_INFORMATION_CLASS, *PHAL_SET_INFORMATION_CLASS;