win2ksrc.rar elfproto.h

www.pudn.com > win2ksrc.rar > elfproto.h

/*++

Copyright (c) 1991 Microsoft Corporation

Module Name:

elfproto.h

Abstract:

This file contains the prototypes for the Eventlog service.

Author:

Rajen Shah (rajens) 12-Aug-1991

Revision History:

--*/

#ifndef _ELFPROTO_
#define _ELFPROTO

//
// Other prototypes
//
PVOID
ElfpAllocateBuffer (
ULONG size
);

VOID
ElfpFreeBuffer (
PVOID BufPtr
);

VOID
ElfPerformRequest(
PELF_REQUEST_RECORD Request
);

PLOGMODULE
GetModuleStruc (
PUNICODE_STRING ModuleName
);

PLOGMODULE
FindModuleStrucFromAtom (
ATOM Atom
);

VOID
ElfControlResponse(
DWORD
);

VOID
IELF_HANDLE_rundown(
IELF_HANDLE ElfHandle
);

VOID
LinkContextHandle(
IELF_HANDLE LogHandle
);

VOID
UnlinkContextHandle (
IELF_HANDLE LogHandle
);

VOID
LinkLogModule (
PLOGMODULE pLogModule,
ANSI_STRING * pModuleNameA
);

VOID
UnlinkLogModule (
PLOGMODULE pLogModule
);

VOID
LinkLogFile (
PLOGFILE pLogFile
);

VOID
UnlinkLogFile (
PLOGFILE pLogFile
);

VOID
GetGlobalResource (
DWORD Type
);

VOID
ReleaseGlobalResource(
VOID
);

NTSTATUS
SetUpDataStruct (
PUNICODE_STRING LogFileName,
ULONG MaxFileSize,
ULONG Retention,
ULONG GuestAccessRestriction,
PUNICODE_STRING ModuleName,
HANDLE hLogFile,
ELF_LOG_TYPE LogType,
LOGPOPUP logpLogPopup
);

NTSTATUS
SetUpModules (
HANDLE hLogFile,
PLOGFILE pLogFile,
BOOLEAN bAllowDupes
);

BOOL
StartLPCThread (
VOID
);

VOID
StopLPCThread (
VOID
);

BOOL
ElfStartRegistryMonitor (
VOID
);

VOID
StopRegistryMonitor (
VOID
);

NTSTATUS
ReadRegistryInfo (
HANDLE hLogFiles,
PUNICODE_STRING SubKeyName,
PLOG_FILE_INFO LogFileInfo
);

NTSTATUS
ElfOpenLogFile (
PLOGFILE pLogFile,
ELF_LOG_TYPE LogType
);

NTSTATUS
ElfpCloseLogFile (
PLOGFILE pLogFile,
DWORD Flags
);

BOOL
ValidFilePos (
PVOID Position,
PVOID BeginningRecord,
PVOID EndingRecord,
PVOID PhysicalEOF,
PVOID BaseAddress,
BOOL fCheckBeginEndRange
);

VOID
ElfpCleanUp (
ULONG EventFlags
);

NTSTATUS
ElfpCopyFile (
IN HANDLE SourceHandle,
IN PUNICODE_STRING TargetFileName
);

VOID
FreeModuleAndLogFileStructs (VOID);

NTSTATUS
ElfpFlushFiles (VOID);

VOID
InvalidateContextHandlesForLogFile (
PLOGFILE pLogFile
);

VOID
FixContextHandlesForRecord (
DWORD RecordOffset,
DWORD NewRecordOffset
);

PLOGFILE
FindLogFileFromName (
PUNICODE_STRING LogFileName
);

BOOL
SendAdminAlert (
ULONG MessageID,
ULONG NumStrings,
UNICODE_STRING *pStrings
);

PVOID
NextRecordPosition (
ULONG ReadFlags,
PVOID CurrPosition,
ULONG CurrRecordLength,
PVOID BeginRecord,
PVOID EndRecord,
PVOID PhysicalEOF,
PVOID PhysStart
);

VOID
NotifyChange (
PLOGFILE pLogFile
);

VOID
WriteQueuedEvents (
VOID
);

VOID
FlushQueuedEvents (
VOID
);

VOID
PerformWriteRequest (
PELF_REQUEST_RECORD Request
);

NTSTATUS
ElfpCreateLogFileObject(
PLOGFILE LogFile,
DWORD Type,
ULONG GuestAccessRestriction
);

VOID
ElfpDeleteLogFileObject(
PLOGFILE LogFile
);

VOID
ElfpCloseAudit(
IN LPWSTR SubsystemName,
IN IELF_HANDLE ContextHandle
);

NTSTATUS
ElfpAccessCheckAndAudit(
IN LPWSTR SubsystemName,
IN LPWSTR ObjectTypeName,
IN LPWSTR ObjectName,
IN OUT IELF_HANDLE ContextHandle,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN ACCESS_MASK DesiredAccess,
IN PGENERIC_MAPPING GenericMapping,
IN BOOL ForSecurityLog
);

NTSTATUS
ElfCreateWellKnownSids(
VOID
);

VOID
ElfFreeWellKnownSids(
VOID
);

NTSTATUS
ElfCreateAndSetSD(
IN PRTL_ACE_DATA AceData,
IN ULONG AceCount,
IN PSID OwnerSid OPTIONAL,
IN PSID GroupSid OPTIONAL,
OUT PSECURITY_DESCRIPTOR *NewDescriptor
);

NTSTATUS
ElfCreateUserSecurityObject(
IN PRTL_ACE_DATA AceData,
IN ULONG AceCount,
IN PSID OwnerSid,
IN PSID GroupSid,
IN BOOLEAN IsDirectoryObject,
IN PGENERIC_MAPPING GenericMapping,
OUT PSECURITY_DESCRIPTOR *NewDescriptor
);

VOID
ElfpCreateElfEvent(
IN ULONG EventId,
IN USHORT EventType,
IN USHORT EventCategory,
IN USHORT NumStrings,
IN LPWSTR * Strings,
IN LPVOID Data,
IN ULONG DataSize,
IN USHORT Flags
);

VOID
ElfpCreateQueuedAlert(
DWORD MessageId,
DWORD NumberOfStrings,
LPWSTR Strings[]
);

VOID
ElfpCreateQueuedMessage(
DWORD MessageId,
DWORD NumberOfStrings,
LPWSTR Strings[]
);

DWORD
ElfStatusUpdate(
IN DWORD NewState
);

DWORD
GetElState (
VOID
);

VOID
ElfpGenerateLogClearedEvent(
IELF_HANDLE LogHandle
);

VOID
ElInitStatus(
VOID
);

VOID
ElCleanupStatus(
VOID
);

DWORD
ElfBeginForcedShutdown(
IN BOOL PendingCode,
IN DWORD ExitCode,
IN DWORD ServiceSpecificCode
);

NTSTATUS
ElfpTestClientPrivilege(
IN ULONG ulPrivilege,
IN HANDLE hThreadToken OPTIONAL
);

//SS: added to extend clustering support
NTSTATUS
FindSizeofEventsSinceStart (
OUT PULONG pulTotalEventSize,
IN PULONG pulNumLogFiles,
OUT PPROPLOGFILEINFO *ppPropLogFileInfo
);

NTSTATUS
GetEventsToProp(
IN PEVENTLOGRECORD pEventLogRecords,
IN PPROPLOGFILEINFO pPropLogFileInfo
);

//SS: end of changes for clustering

VOID
ElfWriteTimeStamp(
TIMESTAMPEVENT EventType,
BOOLEAN Append
);

VOID CALLBACK
ElfWriteLastAliveTimeStamp(
UINT uID,
UINT uMsg,
DWORD dwUser,
DWORD dw1,
DWORD dw2
);

#endif // ifndef _ELFPROTO_