use crate::ntapi_base::{CLIENT_ID, KPRIORITY, PCLIENT_ID};
use crate::ntexapi::{PROCESS_DISK_COUNTERS, PROCESS_ENERGY_VALUES};
use crate::ntpebteb::{PPEB, PTEB};
use winapi::ctypes::c_void;
use winapi::shared::basetsd::{PSIZE_T, SIZE_T, ULONG64, ULONG_PTR};
use winapi::shared::ntdef::{
    BOOLEAN, HANDLE, LARGE_INTEGER, LIST_ENTRY, LONG, LONGLONG, NTSTATUS, NT_PRODUCT_TYPE,
    PHANDLE, PLARGE_INTEGER, POBJECT_ATTRIBUTES, PROCESSOR_NUMBER, PSINGLE_LIST_ENTRY, PULONG,
    PVOID, SINGLE_LIST_ENTRY, UCHAR, ULONG, ULONGLONG, UNICODE_STRING, USHORT, WCHAR,
};
use winapi::um::winnt::{
    ACCESS_MASK, CONTEXT, HARDWARE_COUNTER_TYPE, IO_COUNTERS, JOBOBJECTINFOCLASS,
    JOBOBJECT_BASIC_ACCOUNTING_INFORMATION, LDT_ENTRY, MAX_HW_COUNTERS, PCONTEXT, PJOB_SET_ARRAY,
    PROCESS_MITIGATION_ASLR_POLICY, PROCESS_MITIGATION_BINARY_SIGNATURE_POLICY,
    PROCESS_MITIGATION_CHILD_PROCESS_POLICY, PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY,
    PROCESS_MITIGATION_DYNAMIC_CODE_POLICY, PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY,
    PROCESS_MITIGATION_FONT_DISABLE_POLICY, PROCESS_MITIGATION_IMAGE_LOAD_POLICY,
    PROCESS_MITIGATION_PAYLOAD_RESTRICTION_POLICY, PROCESS_MITIGATION_POLICY,
    PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY,
    PROCESS_MITIGATION_SYSTEM_CALL_FILTER_POLICY, PSECURITY_QUALITY_OF_SERVICE,
};
#[cfg(all(feature = "beta", not(target_arch = "aarch64")))]
use crate::winapi_local::um::winnt::NtCurrentTeb;
pub const GDI_HANDLE_BUFFER_SIZE32: usize = 34;
pub const GDI_HANDLE_BUFFER_SIZE64: usize = 60;
#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
pub const GDI_HANDLE_BUFFER_SIZE: usize = GDI_HANDLE_BUFFER_SIZE64;
#[cfg(target_arch = "x86")]
pub const GDI_HANDLE_BUFFER_SIZE: usize = GDI_HANDLE_BUFFER_SIZE32;
pub type GDI_HANDLE_BUFFER = [ULONG; GDI_HANDLE_BUFFER_SIZE];
pub type GDI_HANDLE_BUFFER32 = [ULONG; GDI_HANDLE_BUFFER_SIZE32];
pub type GDI_HANDLE_BUFFER64 = [ULONG; GDI_HANDLE_BUFFER_SIZE];
pub const TLS_EXPANSION_SLOTS: usize = 1024;
STRUCT!{struct PEB_LDR_DATA {
    Length: ULONG,
    Initialized: BOOLEAN,
    SsHandle: HANDLE,
    InLoadOrderModuleList: LIST_ENTRY,
    InMemoryOrderModuleList: LIST_ENTRY,
    InInitializationOrderModuleList: LIST_ENTRY,
    EntryInProgress: PVOID,
    ShutdownInProgress: BOOLEAN,
    ShutdownThreadId: HANDLE,
}}
pub type PPEB_LDR_DATA = *mut PEB_LDR_DATA;
STRUCT!{struct INITIAL_TEB_OldInitialTeb {
    OldStackBase: PVOID,
    OldStackLimit: PVOID,
}}
STRUCT!{struct INITIAL_TEB {
    OldInitialTeb: INITIAL_TEB_OldInitialTeb,
    StackBase: PVOID,
    StackLimit: PVOID,
    StackAllocationBase: PVOID,
}}
pub type PINITIAL_TEB = *mut INITIAL_TEB;
STRUCT!{struct WOW64_PROCESS {
    Wow64: PVOID,
}}
pub type PWOW64_PROCESS = *mut WOW64_PROCESS;
ENUM!{enum PROCESSINFOCLASS {
    ProcessBasicInformation = 0,
    ProcessQuotaLimits = 1,
    ProcessIoCounters = 2,
    ProcessVmCounters = 3,
    ProcessTimes = 4,
    ProcessBasePriority = 5,
    ProcessRaisePriority = 6,
    ProcessDebugPort = 7,
    ProcessExceptionPort = 8,
    ProcessAccessToken = 9,
    ProcessLdtInformation = 10,
    ProcessLdtSize = 11,
    ProcessDefaultHardErrorMode = 12,
    ProcessIoPortHandlers = 13,
    ProcessPooledUsageAndLimits = 14,
    ProcessWorkingSetWatch = 15,
    ProcessUserModeIOPL = 16,
    ProcessEnableAlignmentFaultFixup = 17,
    ProcessPriorityClass = 18,
    ProcessWx86Information = 19,
    ProcessHandleCount = 20,
    ProcessAffinityMask = 21,
    ProcessPriorityBoost = 22,
    ProcessDeviceMap = 23,
    ProcessSessionInformation = 24,
    ProcessForegroundInformation = 25,
    ProcessWow64Information = 26,
    ProcessImageFileName = 27,
    ProcessLUIDDeviceMapsEnabled = 28,
    ProcessBreakOnTermination = 29,
    ProcessDebugObjectHandle = 30,
    ProcessDebugFlags = 31,
    ProcessHandleTracing = 32,
    ProcessIoPriority = 33,
    ProcessExecuteFlags = 34,
    ProcessResourceManagement = 35,
    ProcessCookie = 36,
    ProcessImageInformation = 37,
    ProcessCycleTime = 38,
    ProcessPagePriority = 39,
    ProcessInstrumentationCallback = 40,
    ProcessThreadStackAllocation = 41,
    ProcessWorkingSetWatchEx = 42,
    ProcessImageFileNameWin32 = 43,
    ProcessImageFileMapping = 44,
    ProcessAffinityUpdateMode = 45,
    ProcessMemoryAllocationMode = 46,
    ProcessGroupInformation = 47,
    ProcessTokenVirtualizationEnabled = 48,
    ProcessConsoleHostProcess = 49,
    ProcessWindowInformation = 50,
    ProcessHandleInformation = 51,
    ProcessMitigationPolicy = 52,
    ProcessDynamicFunctionTableInformation = 53,
    ProcessHandleCheckingMode = 54,
    ProcessKeepAliveCount = 55,
    ProcessRevokeFileHandles = 56,
    ProcessWorkingSetControl = 57,
    ProcessHandleTable = 58,
    ProcessCheckStackExtentsMode = 59,
    ProcessCommandLineInformation = 60,
    ProcessProtectionInformation = 61,
    ProcessMemoryExhaustion = 62,
    ProcessFaultInformation = 63,
    ProcessTelemetryIdInformation = 64,
    ProcessCommitReleaseInformation = 65,
    ProcessDefaultCpuSetsInformation = 66,
    ProcessAllowedCpuSetsInformation = 67,
    ProcessSubsystemProcess = 68,
    ProcessJobMemoryInformation = 69,
    ProcessInPrivate = 70,
    ProcessRaiseUMExceptionOnInvalidHandleClose = 71,
    ProcessIumChallengeResponse = 72,
    ProcessChildProcessInformation = 73,
    ProcessHighGraphicsPriorityInformation = 74,
    ProcessSubsystemInformation = 75,
    ProcessEnergyValues = 76,
    ProcessActivityThrottleState = 77,
    ProcessActivityThrottlePolicy = 78,
    ProcessWin32kSyscallFilterInformation = 79,
    ProcessDisableSystemAllowedCpuSets = 80,
    ProcessWakeInformation = 81,
    ProcessEnergyTrackingState = 82,
    ProcessManageWritesToExecutableMemory = 83,
    ProcessCaptureTrustletLiveDump = 84,
    ProcessTelemetryCoverage = 85,
    ProcessEnclaveInformation = 86,
    ProcessEnableReadWriteVmLogging = 87,
    ProcessUptimeInformation = 88,
    ProcessImageSection = 89,
    ProcessDebugAuthInformation = 90,
    ProcessSystemResourceManagement = 91,
    ProcessSequenceNumber = 92,
    ProcessLoaderDetour = 93,
    ProcessSecurityDomainInformation = 94,
    ProcessCombineSecurityDomainsInformation = 95,
    ProcessEnableLogging = 96,
    ProcessLeapSecondInformation = 97,
    MaxProcessInfoClass = 98,
}}
ENUM!{enum THREADINFOCLASS {
    ThreadBasicInformation = 0,
    ThreadTimes = 1,
    ThreadPriority = 2,
    ThreadBasePriority = 3,
    ThreadAffinityMask = 4,
    ThreadImpersonationToken = 5,
    ThreadDescriptorTableEntry = 6,
    ThreadEnableAlignmentFaultFixup = 7,
    ThreadEventPair = 8,
    ThreadQuerySetWin32StartAddress = 9,
    ThreadZeroTlsCell = 10,
    ThreadPerformanceCount = 11,
    ThreadAmILastThread = 12,
    ThreadIdealProcessor = 13,
    ThreadPriorityBoost = 14,
    ThreadSetTlsArrayAddress = 15,
    ThreadIsIoPending = 16,
    ThreadHideFromDebugger = 17,
    ThreadBreakOnTermination = 18,
    ThreadSwitchLegacyState = 19,
    ThreadIsTerminated = 20,
    ThreadLastSystemCall = 21,
    ThreadIoPriority = 22,
    ThreadCycleTime = 23,
    ThreadPagePriority = 24,
    ThreadActualBasePriority = 25,
    ThreadTebInformation = 26,
    ThreadCSwitchMon = 27,
    ThreadCSwitchPmu = 28,
    ThreadWow64Context = 29,
    ThreadGroupInformation = 30,
    ThreadUmsInformation = 31,
    ThreadCounterProfiling = 32,
    ThreadIdealProcessorEx = 33,
    ThreadCpuAccountingInformation = 34,
    ThreadSuspendCount = 35,
    ThreadHeterogeneousCpuPolicy = 36,
    ThreadContainerId = 37,
    ThreadNameInformation = 38,
    ThreadSelectedCpuSets = 39,
    ThreadSystemThreadInformation = 40,
    ThreadActualGroupAffinity = 41,
    ThreadDynamicCodePolicyInfo = 42,
    ThreadExplicitCaseSensitivity = 43,
    ThreadWorkOnBehalfTicket = 44,
    ThreadSubsystemInformation = 45,
    ThreadDbgkWerReportActive = 46,
    ThreadAttachContainer = 47,
    ThreadManageWritesToExecutableMemory = 48,
    ThreadPowerThrottlingState = 49,
    ThreadWorkloadClass = 50,
    MaxThreadInfoClass = 51,
}}
STRUCT!{struct PAGE_PRIORITY_INFORMATION {
    PagePriority: ULONG,
}}
pub type PPAGE_PRIORITY_INFORMATION = *mut PAGE_PRIORITY_INFORMATION;
STRUCT!{struct PROCESS_BASIC_INFORMATION {
    ExitStatus: NTSTATUS,
    PebBaseAddress: PPEB,
    AffinityMask: ULONG_PTR,
    BasePriority: KPRIORITY,
    UniqueProcessId: HANDLE,
    InheritedFromUniqueProcessId: HANDLE,
}}
pub type PPROCESS_BASIC_INFORMATION = *mut PROCESS_BASIC_INFORMATION;
STRUCT!{struct PROCESS_EXTENDED_BASIC_INFORMATION {
    Size: SIZE_T,
    BasicInfo: PROCESS_BASIC_INFORMATION,
    Flags: ULONG,
}}
BITFIELD!{PROCESS_EXTENDED_BASIC_INFORMATION Flags: ULONG [
    IsProtectedProcess set_IsProtectedProcess[0..1],
    IsWow64Process set_IsWow64Process[1..2],
    IsProcessDeleting set_IsProcessDeleting[2..3],
    IsCrossSessionCreate set_IsCrossSessionCreate[3..4],
    IsFrozen set_IsFrozen[4..5],
    IsBackground set_IsBackground[5..6],
    IsStronglyNamed set_IsStronglyNamed[6..7],
    IsSecureProcess set_IsSecureProcess[7..8],
    IsSubsystemProcess set_IsSubsystemProcess[8..9],
    SpareBits set_SpareBits[9..32],
]}
pub type PPROCESS_EXTENDED_BASIC_INFORMATION = *mut PROCESS_EXTENDED_BASIC_INFORMATION;
STRUCT!{struct VM_COUNTERS {
    PeakVirtualSize: SIZE_T,
    VirtualSize: SIZE_T,
    PageFaultCount: ULONG,
    PeakWorkingSetSize: SIZE_T,
    WorkingSetSize: SIZE_T,
    QuotaPeakPagedPoolUsage: SIZE_T,
    QuotaPagedPoolUsage: SIZE_T,
    QuotaPeakNonPagedPoolUsage: SIZE_T,
    QuotaNonPagedPoolUsage: SIZE_T,
    PagefileUsage: SIZE_T,
    PeakPagefileUsage: SIZE_T,
}}
pub type PVM_COUNTERS = *mut VM_COUNTERS;
STRUCT!{struct VM_COUNTERS_EX {
    PeakVirtualSize: SIZE_T,
    VirtualSize: SIZE_T,
    PageFaultCount: ULONG,
    PeakWorkingSetSize: SIZE_T,
    WorkingSetSize: SIZE_T,
    QuotaPeakPagedPoolUsage: SIZE_T,
    QuotaPagedPoolUsage: SIZE_T,
    QuotaPeakNonPagedPoolUsage: SIZE_T,
    QuotaNonPagedPoolUsage: SIZE_T,
    PagefileUsage: SIZE_T,
    PeakPagefileUsage: SIZE_T,
    PrivateUsage: SIZE_T,
}}
pub type PVM_COUNTERS_EX = *mut VM_COUNTERS_EX;
STRUCT!{struct VM_COUNTERS_EX2 {
    CountersEx: VM_COUNTERS_EX,
    PrivateWorkingSetSize: SIZE_T,
    SharedCommitUsage: SIZE_T,
}}
pub type PVM_COUNTERS_EX2 = *mut VM_COUNTERS_EX2;
STRUCT!{struct KERNEL_USER_TIMES {
    CreateTime: LARGE_INTEGER,
    ExitTime: LARGE_INTEGER,
    KernelTime: LARGE_INTEGER,
    UserTime: LARGE_INTEGER,
}}
pub type PKERNEL_USER_TIMES = *mut KERNEL_USER_TIMES;
STRUCT!{struct POOLED_USAGE_AND_LIMITS {
    PeakPagedPoolUsage: SIZE_T,
    PagedPoolUsage: SIZE_T,
    PagedPoolLimit: SIZE_T,
    PeakNonPagedPoolUsage: SIZE_T,
    NonPagedPoolUsage: SIZE_T,
    NonPagedPoolLimit: SIZE_T,
    PeakPagefileUsage: SIZE_T,
    PagefileUsage: SIZE_T,
    PagefileLimit: SIZE_T,
}}
pub type PPOOLED_USAGE_AND_LIMITS = *mut POOLED_USAGE_AND_LIMITS;
pub const PROCESS_EXCEPTION_PORT_ALL_STATE_BITS: ULONG_PTR = 0x00000003;
pub const PROCESS_EXCEPTION_PORT_ALL_STATE_FLAGS: ULONG_PTR =
    (1 << PROCESS_EXCEPTION_PORT_ALL_STATE_BITS) - 1;
STRUCT!{struct PROCESS_EXCEPTION_PORT {
    ExceptionPortHandle: HANDLE,
    StateFlags: ULONG,
}}
pub type PPROCESS_EXCEPTION_PORT = *mut PROCESS_EXCEPTION_PORT;
STRUCT!{struct PROCESS_ACCESS_TOKEN {
    Token: HANDLE,
    Thread: HANDLE,
}}
pub type PPROCESS_ACCESS_TOKEN = *mut PROCESS_ACCESS_TOKEN;
STRUCT!{struct PROCESS_LDT_INFORMATION {
    Start: ULONG,
    Length: ULONG,
    LdtEntries: [LDT_ENTRY; 1],
}}
pub type PPROCESS_LDT_INFORMATION = *mut PROCESS_LDT_INFORMATION;
STRUCT!{struct PROCESS_LDT_SIZE {
    Length: ULONG,
}}
pub type PPROCESS_LDT_SIZE = *mut PROCESS_LDT_SIZE;
STRUCT!{struct PROCESS_WS_WATCH_INFORMATION {
    FaultingPc: PVOID,
    FaultingVa: PVOID,
}}
pub type PPROCESS_WS_WATCH_INFORMATION = *mut PROCESS_WS_WATCH_INFORMATION;
STRUCT!{struct PROCESS_WS_WATCH_INFORMATION_EX {
    BasicInfo: PROCESS_WS_WATCH_INFORMATION,
    FaultingThreadId: ULONG_PTR,
    Flags: ULONG_PTR,
}}
pub type PPROCESS_WS_WATCH_INFORMATION_EX = *mut PROCESS_WS_WATCH_INFORMATION_EX;
pub const PROCESS_PRIORITY_CLASS_UNKNOWN: u32 = 0;
pub const PROCESS_PRIORITY_CLASS_IDLE: u32 = 1;
pub const PROCESS_PRIORITY_CLASS_NORMAL: u32 = 2;
pub const PROCESS_PRIORITY_CLASS_HIGH: u32 = 3;
pub const PROCESS_PRIORITY_CLASS_REALTIME: u32 = 4;
pub const PROCESS_PRIORITY_CLASS_BELOW_NORMAL: u32 = 5;
pub const PROCESS_PRIORITY_CLASS_ABOVE_NORMAL: u32 = 6;
STRUCT!{struct PROCESS_PRIORITY_CLASS {
    Foreground: BOOLEAN,
    PriorityClass: UCHAR,
}}
pub type PPROCESS_PRIORITY_CLASS = *mut PROCESS_PRIORITY_CLASS;
STRUCT!{struct PROCESS_FOREGROUND_BACKGROUND {
    Foreground: BOOLEAN,
}}
pub type PPROCESS_FOREGROUND_BACKGROUND = *mut PROCESS_FOREGROUND_BACKGROUND;
STRUCT!{struct PROCESS_DEVICEMAP_INFORMATION_Set {
    DirectoryHandle: HANDLE,
}}
STRUCT!{struct PROCESS_DEVICEMAP_INFORMATION_Query {
    DriveMap: ULONG,
    DriveType: [UCHAR; 32],
}}
UNION!{union PROCESS_DEVICEMAP_INFORMATION {
    Set: PROCESS_DEVICEMAP_INFORMATION_Set,
    Query: PROCESS_DEVICEMAP_INFORMATION_Query,
}}
pub type PPROCESS_DEVICEMAP_INFORMATION = *mut PROCESS_DEVICEMAP_INFORMATION;
pub const PROCESS_LUID_DOSDEVICES_ONLY: ULONG = 0x00000001;
STRUCT!{struct PROCESS_DEVICEMAP_INFORMATION_EX_u_Set {
    DirectoryHandle: HANDLE,
}}
STRUCT!{struct PROCESS_DEVICEMAP_INFORMATION_EX_u_Query {
    DriveMap: ULONG,
    DriveType: [UCHAR; 32],
}}
UNION!{union PROCESS_DEVICEMAP_INFORMATION_EX_u {
    Set: PROCESS_DEVICEMAP_INFORMATION_EX_u_Set,
    Query: PROCESS_DEVICEMAP_INFORMATION_EX_u_Query,
}}
STRUCT!{struct PROCESS_DEVICEMAP_INFORMATION_EX {
    u: PROCESS_DEVICEMAP_INFORMATION_EX_u,
    Flags: ULONG,
}}
pub type PPROCESS_DEVICEMAP_INFORMATION_EX = *mut PROCESS_DEVICEMAP_INFORMATION_EX;
STRUCT!{struct PROCESS_SESSION_INFORMATION {
    SessionId: ULONG,
}}
pub type PPROCESS_SESSION_INFORMATION = *mut PROCESS_SESSION_INFORMATION;
pub const PROCESS_HANDLE_EXCEPTIONS_ENABLED: ULONG = 0x00000001;
pub const PROCESS_HANDLE_RAISE_EXCEPTION_ON_INVALID_HANDLE_CLOSE_DISABLED: ULONG = 0x00000000;
pub const PROCESS_HANDLE_RAISE_EXCEPTION_ON_INVALID_HANDLE_CLOSE_ENABLED: ULONG = 0x00000001;
STRUCT!{struct PROCESS_HANDLE_TRACING_ENABLE {
    Flags: ULONG,
}}
pub type PPROCESS_HANDLE_TRACING_ENABLE = *mut PROCESS_HANDLE_TRACING_ENABLE;
pub const PROCESS_HANDLE_TRACING_MAX_SLOTS: ULONG = 0x20000;
STRUCT!{struct PROCESS_HANDLE_TRACING_ENABLE_EX {
    Flags: ULONG,
    TotalSlots: ULONG,
}}
pub type PPROCESS_HANDLE_TRACING_ENABLE_EX = *mut PROCESS_HANDLE_TRACING_ENABLE_EX;
pub const PROCESS_HANDLE_TRACING_MAX_STACKS: usize = 16;
pub const PROCESS_HANDLE_TRACE_TYPE_OPEN: ULONG = 1;
pub const PROCESS_HANDLE_TRACE_TYPE_CLOSE: ULONG = 2;
pub const PROCESS_HANDLE_TRACE_TYPE_BADREF: ULONG = 3;
STRUCT!{struct PROCESS_HANDLE_TRACING_ENTRY {
    Handle: HANDLE,
    ClientId: CLIENT_ID,
    Type: ULONG,
    Stacks: [PVOID; PROCESS_HANDLE_TRACING_MAX_STACKS],
}}
pub type PPROCESS_HANDLE_TRACING_ENTRY = *mut PROCESS_HANDLE_TRACING_ENTRY;
STRUCT!{struct PROCESS_HANDLE_TRACING_QUERY {
    Handle: HANDLE,
    TotalTraces: ULONG,
    HandleTrace: [PROCESS_HANDLE_TRACING_ENTRY; 1],
}}
pub type PPROCESS_HANDLE_TRACING_QUERY = *mut PROCESS_HANDLE_TRACING_QUERY;
STRUCT!{struct THREAD_TLS_INFORMATION {
    Flags: ULONG,
    NewTlsData: PVOID,
    OldTlsData: PVOID,
    ThreadId: HANDLE,
}}
pub type PTHREAD_TLS_INFORMATION = *mut THREAD_TLS_INFORMATION;
ENUM!{enum PROCESS_TLS_INFORMATION_TYPE {
    ProcessTlsReplaceIndex = 0,
    ProcessTlsReplaceVector = 1,
    MaxProcessTlsOperation = 2,
}}
pub type PPROCESS_TLS_INFORMATION_TYPE = *mut PROCESS_TLS_INFORMATION_TYPE;
STRUCT!{struct PROCESS_TLS_INFORMATION {
    Flags: ULONG,
    OperationType: ULONG,
    ThreadDataCount: ULONG,
    TlsIndex: ULONG,
    PreviousCount: ULONG,
    ThreadData: [THREAD_TLS_INFORMATION; 1],
}}
pub type PPROCESS_TLS_INFORMATION = *mut PROCESS_TLS_INFORMATION;
STRUCT!{struct PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION {
    Version: ULONG,
    Reserved: ULONG,
    Callback: PVOID,
}}
pub type PPROCESS_INSTRUMENTATION_CALLBACK_INFORMATION =
    *mut PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION;
STRUCT!{struct PROCESS_STACK_ALLOCATION_INFORMATION {
    ReserveSize: SIZE_T,
    ZeroBits: SIZE_T,
    StackBase: PVOID,
}}
pub type PPROCESS_STACK_ALLOCATION_INFORMATION = *mut PROCESS_STACK_ALLOCATION_INFORMATION;
STRUCT!{struct PROCESS_STACK_ALLOCATION_INFORMATION_EX {
    PreferredNode: ULONG,
    Reserved0: ULONG,
    Reserved1: ULONG,
    Reserved2: ULONG,
    AllocInfo: PROCESS_STACK_ALLOCATION_INFORMATION,
}}
pub type PPROCESS_STACK_ALLOCATION_INFORMATION_EX = *mut PROCESS_STACK_ALLOCATION_INFORMATION_EX;
STRUCT!{struct PROCESS_AFFINITY_UPDATE_MODE {
    Flags: ULONG,
}}
BITFIELD!{PROCESS_AFFINITY_UPDATE_MODE Flags: ULONG [
    EnableAutoUpdate set_EnableAutoUpdate[0..1],
    Permanent set_Permanent[1..2],
    Reserved set_Reserved[2..32],
]}
pub type PPROCESS_AFFINITY_UPDATE_MODE = *mut PROCESS_AFFINITY_UPDATE_MODE;
STRUCT!{struct PROCESS_MEMORY_ALLOCATION_MODE {
    Flags: ULONG,
}}
BITFIELD!{PROCESS_MEMORY_ALLOCATION_MODE Flags: ULONG [
    TopDown set_TopDown[0..1],
    Reserved set_Reserved[1..32],
]}
pub type PPROCESS_MEMORY_ALLOCATION_MODE = *mut PROCESS_MEMORY_ALLOCATION_MODE;
STRUCT!{struct PROCESS_HANDLE_INFORMATION {
    HandleCount: ULONG,
    HandleCountHighWatermark: ULONG,
}}
pub type PPROCESS_HANDLE_INFORMATION = *mut PROCESS_HANDLE_INFORMATION;
STRUCT!{struct PROCESS_CYCLE_TIME_INFORMATION {
    AccumulatedCycles: ULONGLONG,
    CurrentCycleCount: ULONGLONG,
}}
pub type PPROCESS_CYCLE_TIME_INFORMATION = *mut PROCESS_CYCLE_TIME_INFORMATION;
STRUCT!{struct PROCESS_WINDOW_INFORMATION {
    WindowFlags: ULONG,
    WindowTitleLength: USHORT,
    WindowTitle: [WCHAR; 1],
}}
pub type PPROCESS_WINDOW_INFORMATION = *mut PROCESS_WINDOW_INFORMATION;
STRUCT!{struct PROCESS_HANDLE_TABLE_ENTRY_INFO {
    HandleValue: HANDLE,
    HandleCount: ULONG_PTR,
    PointerCount: ULONG_PTR,
    GrantedAccess: ULONG,
    ObjectTypeIndex: ULONG,
    HandleAttributes: ULONG,
    Reserved: ULONG,
}}
pub type PPROCESS_HANDLE_TABLE_ENTRY_INFO = *mut PROCESS_HANDLE_TABLE_ENTRY_INFO;
STRUCT!{struct PROCESS_HANDLE_SNAPSHOT_INFORMATION {
    NumberOfHandles: ULONG_PTR,
    Reserved: ULONG_PTR,
    Handles: [PROCESS_HANDLE_TABLE_ENTRY_INFO; 1],
}}
pub type PPROCESS_HANDLE_SNAPSHOT_INFORMATION = *mut PROCESS_HANDLE_SNAPSHOT_INFORMATION;
UNION!{union PROCESS_MITIGATION_POLICY_INFORMATION_u {
    ASLRPolicy: PROCESS_MITIGATION_ASLR_POLICY,
    StrictHandleCheckPolicy: PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY,
    SystemCallDisablePolicy: PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY,
    ExtensionPointDisablePolicy: PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY,
    DynamicCodePolicy: PROCESS_MITIGATION_DYNAMIC_CODE_POLICY,
    ControlFlowGuardPolicy: PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY,
    SignaturePolicy: PROCESS_MITIGATION_BINARY_SIGNATURE_POLICY,
    FontDisablePolicy: PROCESS_MITIGATION_FONT_DISABLE_POLICY,
    ImageLoadPolicy: PROCESS_MITIGATION_IMAGE_LOAD_POLICY,
    SystemCallFilterPolicy: PROCESS_MITIGATION_SYSTEM_CALL_FILTER_POLICY,
    PayloadRestrictionPolicy: PROCESS_MITIGATION_PAYLOAD_RESTRICTION_POLICY,
    ChildProcessPolicy: PROCESS_MITIGATION_CHILD_PROCESS_POLICY,
    // SideChannelIsolationPolicy: PROCESS_MITIGATION_SIDE_CHANNEL_ISOLATION_POLICY, //TODO
}}
STRUCT!{struct PROCESS_MITIGATION_POLICY_INFORMATION {
    Policy: PROCESS_MITIGATION_POLICY,
    u: PROCESS_MITIGATION_POLICY_INFORMATION_u,
}}
pub type PPROCESS_MITIGATION_POLICY_INFORMATION = *mut PROCESS_MITIGATION_POLICY_INFORMATION;
STRUCT!{struct PROCESS_KEEPALIVE_COUNT_INFORMATION {
    WakeCount: ULONG,
    NoWakeCount: ULONG,
}}
pub type PPROCESS_KEEPALIVE_COUNT_INFORMATION = *mut PROCESS_KEEPALIVE_COUNT_INFORMATION;
STRUCT!{struct PROCESS_REVOKE_FILE_HANDLES_INFORMATION {
    TargetDevicePath: UNICODE_STRING,
}}
pub type PPROCESS_REVOKE_FILE_HANDLES_INFORMATION = *mut PROCESS_REVOKE_FILE_HANDLES_INFORMATION;
ENUM!{enum PROCESS_WORKING_SET_OPERATION {
    ProcessWorkingSetSwap = 0,
    ProcessWorkingSetEmpty = 1,
    ProcessWorkingSetOperationMax = 2,
}}
STRUCT!{struct PROCESS_WORKING_SET_CONTROL {
    Version: ULONG,
    Operation: PROCESS_WORKING_SET_OPERATION,
    Flags: ULONG,
}}
pub type PPROCESS_WORKING_SET_CONTROL = *mut PROCESS_WORKING_SET_CONTROL;
ENUM!{enum PS_PROTECTED_TYPE {
    PsProtectedTypeNone = 0,
    PsProtectedTypeProtectedLight = 1,
    PsProtectedTypeProtected = 2,
    PsProtectedTypeMax = 3,
}}
ENUM!{enum PS_PROTECTED_SIGNER {
    PsProtectedSignerNone = 0,
    PsProtectedSignerAuthenticode = 1,
    PsProtectedSignerCodeGen = 2,
    PsProtectedSignerAntimalware = 3,
    PsProtectedSignerLsa = 4,
    PsProtectedSignerWindows = 5,
    PsProtectedSignerWinTcb = 6,
    PsProtectedSignerWinSystem = 7,
    PsProtectedSignerApp = 8,
    PsProtectedSignerMax = 9,
}}
pub const PS_PROTECTED_SIGNER_MASK: UCHAR = 0xFF;
pub const PS_PROTECTED_AUDIT_MASK: UCHAR = 0x08;
pub const PS_PROTECTED_TYPE_MASK: UCHAR = 0x07;
#[inline]
pub const fn PsProtectedValue(
    aSigner: PS_PROTECTED_SIGNER,
    aAudit: u8,
    aType: PS_PROTECTED_TYPE,
) -> UCHAR {
    (aSigner as u8 & PS_PROTECTED_SIGNER_MASK) << 4 | (aAudit & PS_PROTECTED_AUDIT_MASK) << 3
        | (aType as u8 & PS_PROTECTED_TYPE_MASK)
}
#[inline]
pub fn InitializePsProtection(
    aProtectionLevelPtr: &mut PS_PROTECTION,
    aSigner: PS_PROTECTED_SIGNER,
    aAudit: u8,
    aType: PS_PROTECTED_TYPE,
) {
    aProtectionLevelPtr.set_Signer(aSigner as u8);
    aProtectionLevelPtr.set_Audit(aAudit);
    aProtectionLevelPtr.set_Type(aType as u8);
}
STRUCT!{struct PS_PROTECTION {
    Level: UCHAR,
}}
pub type PPS_PROTECTION = *mut PS_PROTECTION;
BITFIELD!{PS_PROTECTION Level: UCHAR [
    Type set_Type[0..3],
    Audit set_Audit[3..4],
    Signer set_Signer[4..8],
]}
STRUCT!{struct PROCESS_FAULT_INFORMATION {
    FaultFlags: ULONG,
    AdditionalInfo: ULONG,
}}
pub type PPROCESS_FAULT_INFORMATION = *mut PROCESS_FAULT_INFORMATION;
STRUCT!{struct PROCESS_TELEMETRY_ID_INFORMATION {
    HeaderSize: ULONG,
    ProcessId: ULONG,
    ProcessStartKey: ULONGLONG,
    CreateTime: ULONGLONG,
    CreateInterruptTime: ULONGLONG,
    CreateUnbiasedInterruptTime: ULONGLONG,
    ProcessSequenceNumber: ULONGLONG,
    SessionCreateTime: ULONGLONG,
    SessionId: ULONG,
    BootId: ULONG,
    ImageChecksum: ULONG,
    ImageTimeDateStamp: ULONG,
    UserSidOffset: ULONG,
    ImagePathOffset: ULONG,
    PackageNameOffset: ULONG,
    RelativeAppNameOffset: ULONG,
    CommandLineOffset: ULONG,
}}
pub type PPROCESS_TELEMETRY_ID_INFORMATION = *mut PROCESS_TELEMETRY_ID_INFORMATION;
STRUCT!{struct PROCESS_COMMIT_RELEASE_INFORMATION {
    Version: ULONG,
    s: ULONG,
    CommitDebt: SIZE_T,
    CommittedMemResetSize: SIZE_T,
    RepurposedMemResetSize: SIZE_T,
}}
BITFIELD!{PROCESS_COMMIT_RELEASE_INFORMATION s: ULONG [
    Eligible set_Eligible[0..1],
    ReleaseRepurposedMemResetCommit set_ReleaseRepurposedMemResetCommit[1..2],
    ForceReleaseMemResetCommit set_ForceReleaseMemResetCommit[2..3],
    Spare set_Spare[3..32],
]}
pub type PPROCESS_COMMIT_RELEASE_INFORMATION = *mut PROCESS_COMMIT_RELEASE_INFORMATION;
STRUCT!{struct PROCESS_JOB_MEMORY_INFO {
    SharedCommitUsage: ULONGLONG,
    PrivateCommitUsage: ULONGLONG,
    PeakPrivateCommitUsage: ULONGLONG,
    PrivateCommitLimit: ULONGLONG,
    TotalCommitLimit: ULONGLONG,
}}
pub type PPROCESS_JOB_MEMORY_INFO = *mut PROCESS_JOB_MEMORY_INFO;
STRUCT!{struct PROCESS_CHILD_PROCESS_INFORMATION {
    ProhibitChildProcesses: BOOLEAN,
    AlwaysAllowSecureChildProcess: BOOLEAN,
    AuditProhibitChildProcesses: BOOLEAN,
}}
pub type PPROCESS_CHILD_PROCESS_INFORMATION = *mut PROCESS_CHILD_PROCESS_INFORMATION;
STRUCT!{struct PROCESS_WAKE_INFORMATION {
    NotificationChannel: ULONGLONG,
    WakeCounters: [ULONG; 7],
    WakeFilter: *mut JOBOBJECT_WAKE_FILTER,
}}
pub type PPROCESS_WAKE_INFORMATION = *mut PROCESS_WAKE_INFORMATION;
STRUCT!{struct PROCESS_ENERGY_TRACKING_STATE {
    StateUpdateMask: ULONG,
    StateDesiredValue: ULONG,
    StateSequence: ULONG,
    UpdateTag: ULONG,
    Tag: [WCHAR; 64],
}}
pub type PPROCESS_ENERGY_TRACKING_STATE = *mut PROCESS_ENERGY_TRACKING_STATE;
BITFIELD!{PROCESS_ENERGY_TRACKING_STATE UpdateTag: ULONG [
    UpdateTag set_UpdateTag[0..1],
]}
STRUCT!{struct MANAGE_WRITES_TO_EXECUTABLE_MEMORY {
    BitFields: ULONG,
}}
BITFIELD!{MANAGE_WRITES_TO_EXECUTABLE_MEMORY BitFields: ULONG [
    Machine set_Machine[0..16],
    KernelMode set_KernelMode[16..17],
    UserMode set_UserMode[17..18],
    Native set_Native[18..19],
    Process set_Process[19..20],
    ReservedZero0 set_ReservedZero0[20..32],
]}
pub type PMANAGE_WRITES_TO_EXECUTABLE_MEMORY = *mut MANAGE_WRITES_TO_EXECUTABLE_MEMORY;
pub const PROCESS_READWRITEVM_LOGGING_ENABLE_READVM: UCHAR = 1;
pub const PROCESS_READWRITEVM_LOGGING_ENABLE_WRITEVM: UCHAR = 2;
pub const PROCESS_READWRITEVM_LOGGING_ENABLE_READVM_V: UCHAR = 1;
pub const PROCESS_READWRITEVM_LOGGING_ENABLE_WRITEVM_V: UCHAR = 2;
STRUCT!{struct PROCESS_READWRITEVM_LOGGING_INFORMATION {
    Flags: UCHAR,
}}
BITFIELD!{PROCESS_READWRITEVM_LOGGING_INFORMATION Flags: UCHAR [
    EnableReadVmLogging set_EnableReadVmLogging[0..1],
    EnableWriteVmLogging set_EnableWriteVmLogging[1..2],
    Unused set_Unused[2..8],
]}
UNION!{union PROCESS_UPTIME_INFORMATION_u {
    HangCount: ULONG,
    GhostCount: ULONG,
    Crashed: ULONG,
    Terminated: ULONG,
}}
pub type PPROCESS_READWRITEVM_LOGGING_INFORMATION = *mut PROCESS_READWRITEVM_LOGGING_INFORMATION;
STRUCT!{struct PROCESS_UPTIME_INFORMATION {
    QueryInterruptTime: ULONGLONG,
    QueryUnbiasedTime: ULONGLONG,
    EndInterruptTime: ULONGLONG,
    TimeSinceCreation: ULONGLONG,
    Uptime: ULONGLONG,
    SuspendedTime: ULONGLONG,
    u: PROCESS_UPTIME_INFORMATION_u,
}}
pub type PPROCESS_UPTIME_INFORMATION = *mut PROCESS_UPTIME_INFORMATION;
STRUCT!{struct PROCESS_SYSTEM_RESOURCE_MANAGEMENT {
    Flags: ULONG,
}}
pub type PPROCESS_SYSTEM_RESOURCE_MANAGEMENT = *mut PROCESS_SYSTEM_RESOURCE_MANAGEMENT;
BITFIELD!{PROCESS_SYSTEM_RESOURCE_MANAGEMENT Flags: ULONG [
    Foreground set_Foreground[0..1],
    Reserved set_Reserved[1..32],
]}
STRUCT!{struct PROCESS_SECURITY_DOMAIN_INFORMATION {
    SecurityDomain: ULONGLONG,
}}
pub type PPROCESS_SECURITY_DOMAIN_INFORMATION = *mut PROCESS_SECURITY_DOMAIN_INFORMATION;
STRUCT!{struct PROCESS_COMBINE_SECURITY_DOMAINS_INFORMATION {
    ProcessHandle: HANDLE,
}}
pub type PPROCESS_COMBINE_SECURITY_DOMAINS_INFORMATION =
    *mut PROCESS_COMBINE_SECURITY_DOMAINS_INFORMATION;
STRUCT!{struct PROCESS_LOGGING_INFORMATION {
    Flags: ULONG,
    BitFields: ULONG,
}}
BITFIELD!{PROCESS_LOGGING_INFORMATION BitFields: ULONG [
    EnableReadVmLogging set_EnableReadVmLogging[0..1],
    EnableWriteVmLogging set_EnableWriteVmLogging[1..2],
    EnableProcessSuspendResumeLogging set_EnableProcessSuspendResumeLogging[2..3],
    EnableThreadSuspendResumeLogging set_EnableThreadSuspendResumeLogging[3..4],
    Reserved set_Reserved[4..32],
]}
pub type PPROCESS_LOGGING_INFORMATION = *mut PROCESS_LOGGING_INFORMATION;
STRUCT!{struct PROCESS_LEAP_SECOND_INFORMATION {
    Flags: ULONG,
    Reserved: ULONG,
}}
pub type PPROCESS_LEAP_SECOND_INFORMATION = *mut PROCESS_LEAP_SECOND_INFORMATION;
STRUCT!{struct THREAD_BASIC_INFORMATION {
    ExitStatus: NTSTATUS,
    TebBaseAddress: PTEB,
    ClientId: CLIENT_ID,
    AffinityMask: ULONG_PTR,
    Priority: KPRIORITY,
    BasePriority: LONG,
}}
pub type PTHREAD_BASIC_INFORMATION = *mut THREAD_BASIC_INFORMATION;
STRUCT!{struct THREAD_LAST_SYSCALL_INFORMATION {
    FirstArgument: PVOID,
    SystemCallNumber: USHORT,
    Pad: [USHORT; 1],
    WaitTime: ULONG64,
}}
pub type PTHREAD_LAST_SYSCALL_INFORMATION = *mut THREAD_LAST_SYSCALL_INFORMATION;
STRUCT!{struct THREAD_CYCLE_TIME_INFORMATION {
    AccumulatedCycles: ULONGLONG,
    CurrentCycleCount: ULONGLONG,
}}
pub type PTHREAD_CYCLE_TIME_INFORMATION = *mut THREAD_CYCLE_TIME_INFORMATION;
STRUCT!{struct THREAD_TEB_INFORMATION {
    TebInformation: PVOID,
    TebOffset: ULONG,
    BytesToRead: ULONG,
}}
pub type PTHREAD_TEB_INFORMATION = *mut THREAD_TEB_INFORMATION;
STRUCT!{struct COUNTER_READING {
    Type: HARDWARE_COUNTER_TYPE,
    Index: ULONG,
    Start: ULONG64,
    Total: ULONG64,
}}
pub type PCOUNTER_READING = *mut COUNTER_READING;
STRUCT!{struct THREAD_PERFORMANCE_DATA {
    Size: USHORT,
    Version: USHORT,
    ProcessorNumber: PROCESSOR_NUMBER,
    ContextSwitches: ULONG,
    HwCountersCount: ULONG,
    UpdateCount: ULONG64,
    WaitReasonBitMap: ULONG64,
    HardwareCounters: ULONG64,
    CycleTime: COUNTER_READING,
    HwCounters: [COUNTER_READING; MAX_HW_COUNTERS],
}}
pub type PTHREAD_PERFORMANCE_DATA = *mut THREAD_PERFORMANCE_DATA;
STRUCT!{struct THREAD_PROFILING_INFORMATION {
    HardwareCounters: ULONG64,
    Flags: ULONG,
    Enable: ULONG,
    PerformanceData: PTHREAD_PERFORMANCE_DATA,
}}
pub type PTHREAD_PROFILING_INFORMATION = *mut THREAD_PROFILING_INFORMATION;
#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
STRUCT!{#[repr(align(16))] struct RTL_UMS_CONTEXT {
    Link: SINGLE_LIST_ENTRY,
    __padding: u64,
    Context: CONTEXT,
    Teb: PVOID,
    UserContext: PVOID,
    ScheduledThread: ULONG,
    Suspended: ULONG,
    VolatileContext: ULONG,
    Terminated: ULONG,
    DebugActive: ULONG,
    RunningOnSelfThread: ULONG,
    DenyRunningOnSelfThread: ULONG,
    Flags: LONG,
    KernelUpdateLock: ULONG64,
    PrimaryClientID: ULONG64,
    ContextLock: ULONG64,
    PrimaryUmsContext: *mut RTL_UMS_CONTEXT,
    SwitchCount: ULONG,
    KernelYieldCount: ULONG,
    MixedYieldCount: ULONG,
    YieldCount: ULONG,
}}
#[cfg(target_arch = "x86")]
STRUCT!{struct RTL_UMS_CONTEXT {
    Link: SINGLE_LIST_ENTRY,
    Context: CONTEXT,
    Teb: PVOID,
    UserContext: PVOID,
    ScheduledThread: ULONG,
    Suspended: ULONG,
    VolatileContext: ULONG,
    Terminated: ULONG,
    DebugActive: ULONG,
    RunningOnSelfThread: ULONG,
    DenyRunningOnSelfThread: ULONG,
    Flags: LONG,
    KernelUpdateLock: ULONG64,
    PrimaryClientID: ULONG64,
    ContextLock: ULONG64,
    PrimaryUmsContext: *mut RTL_UMS_CONTEXT,
    SwitchCount: ULONG,
    KernelYieldCount: ULONG,
    MixedYieldCount: ULONG,
    YieldCount: ULONG,
    __padding: u32,
}}
pub type PRTL_UMS_CONTEXT = *mut RTL_UMS_CONTEXT;
ENUM!{enum THREAD_UMS_INFORMATION_COMMAND {
    UmsInformationCommandInvalid = 0,
    UmsInformationCommandAttach = 1,
    UmsInformationCommandDetach = 2,
    UmsInformationCommandQuery = 3,
}}
STRUCT!{struct RTL_UMS_COMPLETION_LIST {
    ThreadListHead: PSINGLE_LIST_ENTRY,
    CompletionEvent: PVOID,
    CompletionFlags: ULONG,
    InternalListHead: SINGLE_LIST_ENTRY,
}}
pub type PRTL_UMS_COMPLETION_LIST = *mut RTL_UMS_COMPLETION_LIST;
STRUCT!{struct THREAD_UMS_INFORMATION {
    Command: THREAD_UMS_INFORMATION_COMMAND,
    CompletionList: PRTL_UMS_COMPLETION_LIST,
    UmsContext: PRTL_UMS_CONTEXT,
    Flags: ULONG,
}}
BITFIELD!{THREAD_UMS_INFORMATION Flags: ULONG [
    IsUmsSchedulerThread set_IsUmsSchedulerThread[0..1],
    IsUmsWorkerThread set_IsUmsWorkerThread[1..2],
    SpareBits set_SpareBits[2..32],
]}
pub type PTHREAD_UMS_INFORMATION = *mut THREAD_UMS_INFORMATION;
STRUCT!{struct THREAD_NAME_INFORMATION {
    ThreadName: UNICODE_STRING,
}}
pub type PTHREAD_NAME_INFORMATION = *mut THREAD_NAME_INFORMATION;
ENUM!{enum SUBSYSTEM_INFORMATION_TYPE {
    SubsystemInformationTypeWin32 = 0,
    SubsystemInformationTypeWSL = 1,
    MaxSubsystemInformationType = 2,
}}
ENUM!{enum THREAD_WORKLOAD_CLASS {
    ThreadWorkloadClassDefault = 0,
    ThreadWorkloadClassGraphics = 1,
    MaxThreadWorkloadClass = 2,
}}
EXTERN!{extern "system" {
    fn NtCreateProcess(
        ProcessHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ParentProcess: HANDLE,
        InheritObjectTable: BOOLEAN,
        SectionHandle: HANDLE,
        DebugPort: HANDLE,
        ExceptionPort: HANDLE,
    ) -> NTSTATUS;
}}
pub const PROCESS_CREATE_FLAGS_BREAKAWAY: ULONG = 0x00000001;
pub const PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT: ULONG = 0x00000002;
pub const PROCESS_CREATE_FLAGS_INHERIT_HANDLES: ULONG = 0x00000004;
pub const PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE: ULONG = 0x00000008;
pub const PROCESS_CREATE_FLAGS_LARGE_PAGES: ULONG = 0x00000010;
EXTERN!{extern "system" {
    fn NtCreateProcessEx(
        ProcessHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ParentProcess: HANDLE,
        Flags: ULONG,
        SectionHandle: HANDLE,
        DebugPort: HANDLE,
        ExceptionPort: HANDLE,
        JobMemberLevel: ULONG,
    ) -> NTSTATUS;
    fn NtOpenProcess(
        ProcessHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ClientId: PCLIENT_ID,
    ) -> NTSTATUS;
    fn NtTerminateProcess(
        ProcessHandle: HANDLE,
        ExitStatus: NTSTATUS,
    ) -> NTSTATUS;
    fn NtSuspendProcess(
        ProcessHandle: HANDLE,
    ) -> NTSTATUS;
    fn NtResumeProcess(
        ProcessHandle: HANDLE,
    ) -> NTSTATUS;
}}
pub const NtCurrentProcess: HANDLE = -1isize as *mut c_void;
pub const ZwCurrentProcess: HANDLE = NtCurrentProcess;
pub const NtCurrentThread: HANDLE = -2isize as *mut c_void;
pub const ZwCurrentThread: HANDLE = NtCurrentThread;
pub const NtCurrentSession: HANDLE = -3isize as *mut c_void;
pub const ZwCurrentSession: HANDLE = NtCurrentSession;
#[inline] #[cfg(all(feature = "beta", not(target_arch = "aarch64")))]
pub unsafe fn NtCurrentPeb() -> PPEB {
    (*NtCurrentTeb()).ProcessEnvironmentBlock
}
pub const NtCurrentProcessToken: HANDLE = -4isize as *mut c_void;
pub const NtCurrentThreadToken: HANDLE = -5isize as *mut c_void;
pub const NtCurrentEffectiveToken: HANDLE = -6isize as *mut c_void;
pub const NtCurrentSilo: HANDLE = -1isize as *mut c_void;
#[inline] #[cfg(all(feature = "beta", not(target_arch = "aarch64")))]
pub unsafe fn NtCurrentProcessId() -> HANDLE {
    (*NtCurrentTeb()).ClientId.UniqueProcess
}
#[inline] #[cfg(all(feature = "beta", not(target_arch = "aarch64")))]
pub unsafe fn NtCurrentThreadId() -> HANDLE {
    (*NtCurrentTeb()).ClientId.UniqueThread
}
EXTERN!{extern "system" {
    fn NtQueryInformationProcess(
        ProcessHandle: HANDLE,
        ProcessInformationClass: PROCESSINFOCLASS,
        ProcessInformation: PVOID,
        ProcessInformationLength: ULONG,
        ReturnLength: PULONG,
    ) -> NTSTATUS;
    fn NtGetNextProcess(
        ProcessHandle: HANDLE,
        DesiredAccess: ACCESS_MASK,
        HandleAttributes: ULONG,
        Flags: ULONG,
        NewProcessHandle: PHANDLE,
    ) -> NTSTATUS;
    fn NtGetNextThread(
        ProcessHandle: HANDLE,
        ThreadHandle: HANDLE,
        DesiredAccess: ACCESS_MASK,
        HandleAttributes: ULONG,
        Flags: ULONG,
        NewThreadHandle: PHANDLE,
    ) -> NTSTATUS;
    fn NtSetInformationProcess(
        ProcessHandle: HANDLE,
        ProcessInformationClass: PROCESSINFOCLASS,
        ProcessInformation: PVOID,
        ProcessInformationLength: ULONG,
    ) -> NTSTATUS;
    fn NtQueryPortInformationProcess() -> NTSTATUS;
    fn NtCreateThread(
        ThreadHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ProcessHandle: HANDLE,
        ClientId: PCLIENT_ID,
        ThreadContext: PCONTEXT,
        InitialTeb: PINITIAL_TEB,
        CreateSuspended: BOOLEAN,
    ) -> NTSTATUS;
    fn NtOpenThread(
        ThreadHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ClientId: PCLIENT_ID,
    ) -> NTSTATUS;
    fn NtTerminateThread(
        ThreadHandle: HANDLE,
        ExitStatus: NTSTATUS,
    ) -> NTSTATUS;
    fn NtSuspendThread(
        ThreadHandle: HANDLE,
        PreviousSuspendCount: PULONG,
    ) -> NTSTATUS;
    fn NtResumeThread(
        ThreadHandle: HANDLE,
        PreviousSuspendCount: PULONG,
    ) -> NTSTATUS;
    fn NtGetCurrentProcessorNumber() -> ULONG;
    fn NtGetContextThread(
        ThreadHandle: HANDLE,
        ThreadContext: PCONTEXT,
    ) -> NTSTATUS;
    fn NtSetContextThread(
        ThreadHandle: HANDLE,
        ThreadContext: PCONTEXT,
    ) -> NTSTATUS;
    fn NtQueryInformationThread(
        ThreadHandle: HANDLE,
        ThreadInformationClass: THREADINFOCLASS,
        ThreadInformation: PVOID,
        ThreadInformationLength: ULONG,
        ReturnLength: PULONG,
    ) -> NTSTATUS;
    fn NtSetInformationThread(
        ThreadHandle: HANDLE,
        ThreadInformationClass: THREADINFOCLASS,
        ThreadInformation: PVOID,
        ThreadInformationLength: ULONG,
    ) -> NTSTATUS;
    fn NtAlertThread(
        ThreadHandle: HANDLE,
    ) -> NTSTATUS;
    fn NtAlertResumeThread(
        ThreadHandle: HANDLE,
        PreviousSuspendCount: PULONG,
    ) -> NTSTATUS;
    fn NtTestAlert() -> NTSTATUS;
    fn NtImpersonateThread(
        ServerThreadHandle: HANDLE,
        ClientThreadHandle: HANDLE,
        SecurityQos: PSECURITY_QUALITY_OF_SERVICE,
    ) -> NTSTATUS;
    fn NtRegisterThreadTerminatePort(
        PortHandle: HANDLE,
    ) -> NTSTATUS;
    fn NtSetLdtEntries(
        Selector0: ULONG,
        Entry0Low: ULONG,
        Entry0Hi: ULONG,
        Selector1: ULONG,
        Entry1Low: ULONG,
        Entry1Hi: ULONG,
    ) -> NTSTATUS;
}}
FN!{cdecl PPS_APC_ROUTINE(
    ApcArgument1: PVOID,
    ApcArgument2: PVOID,
    ApcArgument3: PVOID,
) -> ()}
EXTERN!{extern "system" {
    fn NtQueueApcThread(
        ThreadHandle: HANDLE,
        ApcRoutine: PPS_APC_ROUTINE,
        ApcArgument1: PVOID,
        ApcArgument2: PVOID,
        ApcArgument3: PVOID,
    ) -> NTSTATUS;
}}
pub const APC_FORCE_THREAD_SIGNAL: HANDLE = 1 as *mut c_void;
EXTERN!{extern "system" {
    fn NtQueueApcThreadEx(
        ThreadHandle: HANDLE,
        UserApcReserveHandle: HANDLE,
        ApcRoutine: PPS_APC_ROUTINE,
        ApcArgument1: PVOID,
        ApcArgument2: PVOID,
        ApcArgument3: PVOID,
    ) -> NTSTATUS;
    fn NtAlertThreadByThreadId(
        ThreadId: HANDLE,
    ) -> NTSTATUS;
    fn NtWaitForAlertByThreadId(
        Address: PVOID,
        Timeout: PLARGE_INTEGER,
    ) -> NTSTATUS;
}}
pub const PS_ATTRIBUTE_NUMBER_MASK: u32 = 0x0000ffff;
pub const PS_ATTRIBUTE_THREAD: u32 = 0x00010000;
pub const PS_ATTRIBUTE_INPUT: u32 = 0x00020000;
pub const PS_ATTRIBUTE_ADDITIVE: u32 = 0x00040000;
ENUM!{enum PS_ATTRIBUTE_NUM {
    PsAttributeParentProcess = 0,
    PsAttributeDebugPort = 1,
    PsAttributeToken = 2,
    PsAttributeClientId = 3,
    PsAttributeTebAddress = 4,
    PsAttributeImageName = 5,
    PsAttributeImageInfo = 6,
    PsAttributeMemoryReserve = 7,
    PsAttributePriorityClass = 8,
    PsAttributeErrorMode = 9,
    PsAttributeStdHandleInfo = 10,
    PsAttributeHandleList = 11,
    PsAttributeGroupAffinity = 12,
    PsAttributePreferredNode = 13,
    PsAttributeIdealProcessor = 14,
    PsAttributeUmsThread = 15,
    PsAttributeMitigationOptions = 16,
    PsAttributeProtectionLevel = 17,
    PsAttributeSecureProcess = 18,
    PsAttributeJobList = 19,
    PsAttributeChildProcessPolicy = 20,
    PsAttributeAllApplicationPackagesPolicy = 21,
    PsAttributeWin32kFilter = 22,
    PsAttributeSafeOpenPromptOriginClaim = 23,
    PsAttributeBnoIsolation = 24,
    PsAttributeDesktopAppPolicy = 25,
    PsAttributeChpe = 26,
    PsAttributeMax = 27,
}}
#[inline]
pub const fn PsAttributeValue(
    Number: PS_ATTRIBUTE_NUM,
    Thread: bool,
    Input: bool,
    Additive: bool,
) -> ULONG_PTR { //fixme
    (Number & PS_ATTRIBUTE_NUMBER_MASK | [0, PS_ATTRIBUTE_THREAD][Thread as usize]
    | [0, PS_ATTRIBUTE_INPUT][Input as usize] | [0, PS_ATTRIBUTE_ADDITIVE][Additive as usize]
    ) as usize
}
pub const PS_ATTRIBUTE_PARENT_PROCESS: ULONG_PTR = 0x00060000;
pub const PS_ATTRIBUTE_DEBUG_PORT: ULONG_PTR = 0x00060001;
pub const PS_ATTRIBUTE_TOKEN: ULONG_PTR = 0x00060002;
pub const PS_ATTRIBUTE_CLIENT_ID: ULONG_PTR = 0x00010003;
pub const PS_ATTRIBUTE_TEB_ADDRESS: ULONG_PTR = 0x00010004;
pub const PS_ATTRIBUTE_IMAGE_NAME: ULONG_PTR = 0x00020005;
pub const PS_ATTRIBUTE_IMAGE_INFO: ULONG_PTR = 0x00000006;
pub const PS_ATTRIBUTE_MEMORY_RESERVE: ULONG_PTR = 0x00020007;
pub const PS_ATTRIBUTE_PRIORITY_CLASS: ULONG_PTR = 0x00020008;
pub const PS_ATTRIBUTE_ERROR_MODE: ULONG_PTR = 0x00020009;
pub const PS_ATTRIBUTE_STD_HANDLE_INFO: ULONG_PTR = 0x0002000a;
pub const PS_ATTRIBUTE_HANDLE_LIST: ULONG_PTR = 0x0002000b;
pub const PS_ATTRIBUTE_GROUP_AFFINITY: ULONG_PTR = 0x0003000c;
pub const PS_ATTRIBUTE_PREFERRED_NODE: ULONG_PTR = 0x0002000d;
pub const PS_ATTRIBUTE_IDEAL_PROCESSOR: ULONG_PTR = 0x0003000e;
pub const PS_ATTRIBUTE_UMS_THREAD: ULONG_PTR = 0x0003000f;
pub const PS_ATTRIBUTE_MITIGATION_OPTIONS: ULONG_PTR = 0x00060010;
pub const PS_ATTRIBUTE_PROTECTION_LEVEL: ULONG_PTR = 0x00060011;
pub const PS_ATTRIBUTE_SECURE_PROCESS: ULONG_PTR = 0x00020012;
pub const PS_ATTRIBUTE_JOB_LIST: ULONG_PTR = 0x00020013;
pub const PS_ATTRIBUTE_CHILD_PROCESS_POLICY: ULONG_PTR = 0x00020014;
pub const PS_ATTRIBUTE_ALL_APPLICATION_PACKAGES_POLICY: ULONG_PTR = 0x00020015;
pub const PS_ATTRIBUTE_WIN32K_FILTER: ULONG_PTR = 0x00020016;
pub const PS_ATTRIBUTE_SAFE_OPEN_PROMPT_ORIGIN_CLAIM: ULONG_PTR = 0x00020017;
pub const PS_ATTRIBUTE_BNO_ISOLATION: ULONG_PTR = 0x00020018;
pub const PS_ATTRIBUTE_DESKTOP_APP_POLICY: ULONG_PTR = 0x00020019;
UNION!{union PS_ATTRIBUTE_u {
    Value: ULONG_PTR,
    ValuePtr: PVOID,
}}
STRUCT!{struct PS_ATTRIBUTE {
    Attribute: ULONG_PTR,
    Size: SIZE_T,
    u: PS_ATTRIBUTE_u,
    ReturnLength: PSIZE_T,
}}
pub type PPS_ATTRIBUTE = *mut PS_ATTRIBUTE;
STRUCT!{struct PS_ATTRIBUTE_LIST {
    TotalLength: SIZE_T,
    Attributes: [PS_ATTRIBUTE; 1],
}}
pub type PPS_ATTRIBUTE_LIST = *mut PS_ATTRIBUTE_LIST;
STRUCT!{struct PS_MEMORY_RESERVE {
    ReserveAddress: PVOID,
    ReserveSize: SIZE_T,
}}
pub type PPS_MEMORY_RESERVE = *mut PS_MEMORY_RESERVE;
ENUM!{enum PS_STD_HANDLE_STATE {
    PsNeverDuplicate = 0,
    PsRequestDuplicate = 1,
    PsAlwaysDuplicate = 2,
    PsMaxStdHandleStates = 3,
}}
pub const PS_STD_INPUT_HANDLE: u32 = 0x1;
pub const PS_STD_OUTPUT_HANDLE: u32 = 0x2;
pub const PS_STD_ERROR_HANDLE: u32 = 0x4;
STRUCT!{struct PS_STD_HANDLE_INFO {
    Flags: ULONG,
    StdHandleSubsystemType: ULONG,
}}
pub type PPS_STD_HANDLE_INFO = *mut PS_STD_HANDLE_INFO;
BITFIELD!{PS_STD_HANDLE_INFO Flags: ULONG [
    StdHandleState set_StdHandleState[0..2],
    PseudoHandleMask set_PseudoHandleMask[2..5],
]}
STRUCT!{struct PS_BNO_ISOLATION_PARAMETERS {
    IsolationPrefix: UNICODE_STRING,
    HandleCount: ULONG,
    Handles: *mut PVOID,
    IsolationEnabled: BOOLEAN,
}}
pub type PPS_BNO_ISOLATION_PARAMETERS = *mut PS_BNO_ISOLATION_PARAMETERS;
ENUM!{enum PS_MITIGATION_OPTION {
    PS_MITIGATION_OPTION_NX = 0,
    PS_MITIGATION_OPTION_SEHOP = 1,
    PS_MITIGATION_OPTION_FORCE_RELOCATE_IMAGES = 2,
    PS_MITIGATION_OPTION_HEAP_TERMINATE = 3,
    PS_MITIGATION_OPTION_BOTTOM_UP_ASLR = 4,
    PS_MITIGATION_OPTION_HIGH_ENTROPY_ASLR = 5,
    PS_MITIGATION_OPTION_STRICT_HANDLE_CHECKS = 6,
    PS_MITIGATION_OPTION_WIN32K_SYSTEM_CALL_DISABLE = 7,
    PS_MITIGATION_OPTION_EXTENSION_POINT_DISABLE = 8,
    PS_MITIGATION_OPTION_PROHIBIT_DYNAMIC_CODE = 9,
    PS_MITIGATION_OPTION_CONTROL_FLOW_GUARD = 10,
    PS_MITIGATION_OPTION_BLOCK_NON_MICROSOFT_BINARIES = 11,
    PS_MITIGATION_OPTION_FONT_DISABLE = 12,
    PS_MITIGATION_OPTION_IMAGE_LOAD_NO_REMOTE = 13,
    PS_MITIGATION_OPTION_IMAGE_LOAD_NO_LOW_LABEL = 14,
    PS_MITIGATION_OPTION_IMAGE_LOAD_PREFER_SYSTEM32 = 15,
    PS_MITIGATION_OPTION_RETURN_FLOW_GUARD = 16,
    PS_MITIGATION_OPTION_LOADER_INTEGRITY_CONTINUITY = 17,
    PS_MITIGATION_OPTION_STRICT_CONTROL_FLOW_GUARD = 18,
    PS_MITIGATION_OPTION_RESTRICT_SET_THREAD_CONTEXT = 19,
    PS_MITIGATION_OPTION_ROP_STACKPIVOT = 20,
    PS_MITIGATION_OPTION_ROP_CALLER_CHECK = 21,
    PS_MITIGATION_OPTION_ROP_SIMEXEC = 22,
    PS_MITIGATION_OPTION_EXPORT_ADDRESS_FILTER = 23,
    PS_MITIGATION_OPTION_EXPORT_ADDRESS_FILTER_PLUS = 24,
    PS_MITIGATION_OPTION_RESTRICT_CHILD_PROCESS_CREATION = 25,
    PS_MITIGATION_OPTION_IMPORT_ADDRESS_FILTER = 26,
    PS_MITIGATION_OPTION_MODULE_TAMPERING_PROTECTION = 27,
    PS_MITIGATION_OPTION_RESTRICT_INDIRECT_BRANCH_PREDICTION = 28,
    PS_MITIGATION_OPTION_SPECULATIVE_STORE_BYPASS_DISABLE = 29,
    PS_MITIGATION_OPTION_ALLOW_DOWNGRADE_DYNAMIC_CODE_POLICY = 30,
    PS_MITIGATION_OPTION_CET_SHADOW_STACKS = 31,
}}
ENUM!{enum PS_CREATE_STATE {
    PsCreateInitialState = 0,
    PsCreateFailOnFileOpen = 1,
    PsCreateFailOnSectionCreate = 2,
    PsCreateFailExeFormat = 3,
    PsCreateFailMachineMismatch = 4,
    PsCreateFailExeName = 5,
    PsCreateSuccess = 6,
    PsCreateMaximumStates = 7,
}}
STRUCT!{struct PS_CREATE_INFO_u_InitState {
    InitFlags: ULONG,
    AdditionalFileAccess: ACCESS_MASK,
}}
BITFIELD!{PS_CREATE_INFO_u_InitState InitFlags: ULONG [
    WriteOutputOnExit set_WriteOutputOnExit[0..1],
    DetectManifest set_DetectManifest[1..2],
    IFEOSkipDebugger set_IFEOSkipDebugger[2..3],
    IFEODoNotPropagateKeyState set_IFEODoNotPropagateKeyState[3..4],
    SpareBits1 set_SpareBits1[4..8],
    SpareBits2 set_SpareBits2[8..16],
    ProhibitedImageCharacteristics set_ProhibitedImageCharacteristics[16..32],
]}
STRUCT!{struct PS_CREATE_INFO_u_SuccessState {
    OutputFlags: ULONG,
    FileHandle: HANDLE,
    SectionHandle: HANDLE,
    UserProcessParametersNative: ULONGLONG,
    UserProcessParametersWow64: ULONG,
    CurrentParameterFlags: ULONG,
    PebAddressNative: ULONGLONG,
    PebAddressWow64: ULONG,
    ManifestAddress: ULONGLONG,
    ManifestSize: ULONG,
}}
BITFIELD!{PS_CREATE_INFO_u_SuccessState OutputFlags: ULONG [
    ProtectedProcess set_ProtectedProcess[0..1],
    AddressSpaceOverride set_AddressSpaceOverride[1..2],
    DevOverrideEnabled set_DevOverrideEnabled[2..3],
    ManifestDetected set_ManifestDetected[3..4],
    ProtectedProcessLight set_ProtectedProcessLight[4..5],
    SpareBits1 set_SpareBits1[5..8],
    SpareBits2 set_SpareBits2[8..16],
    SpareBits3 set_SpareBits3[16..32],
]}
UNION!{union PS_CREATE_INFO_u {
    InitState: PS_CREATE_INFO_u_InitState,
    FileHandle: HANDLE,
    DllCharacteristics: USHORT,
    IFEOKey: HANDLE,
    SuccessState: PS_CREATE_INFO_u_SuccessState,
}}
STRUCT!{struct PS_CREATE_INFO {
    Size: SIZE_T,
    State: PS_CREATE_STATE,
    u: PS_CREATE_INFO_u,
}}
pub type PPS_CREATE_INFO = *mut PS_CREATE_INFO;
pub const PROCESS_CREATE_FLAGS_LARGE_PAGE_SYSTEM_DLL: ULONG = 0x00000020;
pub const PROCESS_CREATE_FLAGS_PROTECTED_PROCESS: ULONG = 0x00000040;
pub const PROCESS_CREATE_FLAGS_CREATE_SESSION: ULONG = 0x00000080;
pub const PROCESS_CREATE_FLAGS_INHERIT_FROM_PARENT: ULONG = 0x00000100;
pub const PROCESS_CREATE_FLAGS_SUSPENDED: ULONG = 0x00000200;
pub const PROCESS_CREATE_FLAGS_EXTENDED_UNKNOWN: ULONG = 0x00000400;
EXTERN!{extern "system" {
    fn NtCreateUserProcess(
        ProcessHandle: PHANDLE,
        ThreadHandle: PHANDLE,
        ProcessDesiredAccess: ACCESS_MASK,
        ThreadDesiredAccess: ACCESS_MASK,
        ProcessObjectAttributes: POBJECT_ATTRIBUTES,
        ThreadObjectAttributes: POBJECT_ATTRIBUTES,
        ProcessFlags: ULONG,
        ThreadFlags: ULONG,
        ProcessParameters: PVOID,
        CreateInfo: PPS_CREATE_INFO,
        AttributeList: PPS_ATTRIBUTE_LIST,
    ) -> NTSTATUS;
}}
pub const THREAD_CREATE_FLAGS_CREATE_SUSPENDED: ULONG = 0x00000001;
pub const THREAD_CREATE_FLAGS_SKIP_THREAD_ATTACH: ULONG = 0x00000002;
pub const THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER: ULONG = 0x00000004;
pub const THREAD_CREATE_FLAGS_HAS_SECURITY_DESCRIPTOR: ULONG = 0x00000010;
pub const THREAD_CREATE_FLAGS_ACCESS_CHECK_IN_TARGET: ULONG = 0x00000020;
pub const THREAD_CREATE_FLAGS_INITIAL_THREAD: ULONG = 0x00000080;
EXTERN!{extern "system" {
    fn NtCreateThreadEx(
        ThreadHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        ProcessHandle: HANDLE,
        StartRoutine: PVOID,
        Argument: PVOID,
        CreateFlags: ULONG,
        ZeroBits: SIZE_T,
        StackSize: SIZE_T,
        MaximumStackSize: SIZE_T,
        AttributeList: PPS_ATTRIBUTE_LIST,
    ) -> NTSTATUS;
}}
STRUCT!{struct JOBOBJECT_EXTENDED_ACCOUNTING_INFORMATION {
    BasicInfo: JOBOBJECT_BASIC_ACCOUNTING_INFORMATION,
    IoInfo: IO_COUNTERS,
    DiskIoInfo: PROCESS_DISK_COUNTERS,
    ContextSwitches: ULONG64,
    TotalCycleTime: LARGE_INTEGER,
    ReadyTime: ULONG64,
    EnergyValues: PROCESS_ENERGY_VALUES,
}}
pub type PJOBOBJECT_EXTENDED_ACCOUNTING_INFORMATION =
    *mut JOBOBJECT_EXTENDED_ACCOUNTING_INFORMATION;
STRUCT!{struct JOBOBJECT_WAKE_INFORMATION {
    NotificationChannel: HANDLE,
    WakeCounters: [ULONG64; 7],
}}
pub type PJOBOBJECT_WAKE_INFORMATION = *mut JOBOBJECT_WAKE_INFORMATION;
STRUCT!{struct JOBOBJECT_WAKE_INFORMATION_V1 {
    NotificationChannel: HANDLE,
    WakeCounters: [ULONG64; 4],
}}
pub type PJOBOBJECT_WAKE_INFORMATION_V1 = *mut JOBOBJECT_WAKE_INFORMATION_V1;
STRUCT!{struct JOBOBJECT_INTERFERENCE_INFORMATION {
    Count: ULONG64,
}}
pub type PJOBOBJECT_INTERFERENCE_INFORMATION = *mut JOBOBJECT_INTERFERENCE_INFORMATION;
STRUCT!{struct JOBOBJECT_WAKE_FILTER {
    HighEdgeFilter: ULONG,
    LowEdgeFilter: ULONG,
}}
pub type PJOBOBJECT_WAKE_FILTER = *mut JOBOBJECT_WAKE_FILTER;
STRUCT!{struct JOBOBJECT_FREEZE_INFORMATION {
    Flags: ULONG,
    Freeze: BOOLEAN,
    Swap: BOOLEAN,
    Reserved0: [UCHAR; 2],
    WakeFilter: JOBOBJECT_WAKE_FILTER,
}}
pub type PJOBOBJECT_FREEZE_INFORMATION = *mut JOBOBJECT_FREEZE_INFORMATION;
BITFIELD!{JOBOBJECT_FREEZE_INFORMATION Flags: ULONG [
    FreezeOperation set_FreezeOperation[0..1],
    FilterOperation set_FilterOperation[1..2],
    SwapOperation set_SwapOperation[2..3],
    Reserved set_Reserved[3..32],
]}
STRUCT!{struct JOBOBJECT_MEMORY_USAGE_INFORMATION {
    JobMemory: ULONG64,
    PeakJobMemoryUsed: ULONG64,
}}
pub type PJOBOBJECT_MEMORY_USAGE_INFORMATION = *mut JOBOBJECT_MEMORY_USAGE_INFORMATION;
STRUCT!{struct JOBOBJECT_MEMORY_USAGE_INFORMATION_V2 {
    BasicInfo: JOBOBJECT_MEMORY_USAGE_INFORMATION,
    JobSharedMemory: ULONG64,
    Reserved: [ULONG64; 2],
}}
pub type PJOBOBJECT_MEMORY_USAGE_INFORMATION_V2 = *mut JOBOBJECT_MEMORY_USAGE_INFORMATION_V2;
STRUCT!{struct SILO_USER_SHARED_DATA {
    ServiceSessionId: ULONG64,
    ActiveConsoleId: ULONG,
    ConsoleSessionForegroundProcessId: LONGLONG,
    NtProductType: NT_PRODUCT_TYPE,
    SuiteMask: ULONG,
    SharedUserSessionId: ULONG,
    IsMultiSessionSku: BOOLEAN,
    NtSystemRoot: [WCHAR; 260],
    UserModeGlobalLogger: [USHORT; 16],
}}
pub type PSILO_USER_SHARED_DATA = *mut SILO_USER_SHARED_DATA;
STRUCT!{struct SILOOBJECT_ROOT_DIRECTORY {
    ControlFlags: ULONG,
    Path: UNICODE_STRING,
}}
pub type PSILOOBJECT_ROOT_DIRECTORY = *mut SILOOBJECT_ROOT_DIRECTORY;
STRUCT!{struct JOBOBJECT_ENERGY_TRACKING_STATE {
    Value: ULONG64,
    UpdateMask: ULONG,
    DesiredState: ULONG,
}}
pub type PJOBOBJECT_ENERGY_TRACKING_STATE = *mut JOBOBJECT_ENERGY_TRACKING_STATE;
EXTERN!{extern "system" {
    fn NtCreateJobObject(
        JobHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
    ) -> NTSTATUS;
    fn NtOpenJobObject(
        JobHandle: PHANDLE,
        DesiredAccess: ACCESS_MASK,
        ObjectAttributes: POBJECT_ATTRIBUTES,
    ) -> NTSTATUS;
    fn NtAssignProcessToJobObject(
        JobHandle: HANDLE,
        ProcessHandle: HANDLE,
    ) -> NTSTATUS;
    fn NtTerminateJobObject(
        JobHandle: HANDLE,
        ExitStatus: NTSTATUS,
    ) -> NTSTATUS;
    fn NtIsProcessInJob(
        ProcessHandle: HANDLE,
        JobHandle: HANDLE,
    ) -> NTSTATUS;
    fn NtQueryInformationJobObject(
        JobHandle: HANDLE,
        JobObjectInformationClass: JOBOBJECTINFOCLASS,
        JobObjectInformation: PVOID,
        JobObjectInformationLength: ULONG,
        ReturnLength: PULONG,
    ) -> NTSTATUS;
    fn NtSetInformationJobObject(
        JobHandle: HANDLE,
        JobObjectInformationClass: JOBOBJECTINFOCLASS,
        JobObjectInformation: PVOID,
        JobObjectInformationLength: ULONG,
    ) -> NTSTATUS;
    fn NtCreateJobSet(
        NumJob: ULONG,
        UserJobSet: PJOB_SET_ARRAY,
        Flags: ULONG,
    ) -> NTSTATUS;
    fn NtRevertContainerImpersonation() -> NTSTATUS;
}}
ENUM!{enum MEMORY_RESERVE_TYPE {
    MemoryReserveUserApc = 0,
    MemoryReserveIoCompletion = 1,
    MemoryReserveTypeMax = 2,
}}
EXTERN!{extern "system" {
    fn NtAllocateReserveObject(
        MemoryReserveHandle: PHANDLE,
        ObjectAttributes: POBJECT_ATTRIBUTES,
        Type: MEMORY_RESERVE_TYPE,
    ) -> NTSTATUS;
}}