[SYNC] Sync phnt

winsiderss/systeminformer@4107641

Author: RatinCN

Source/Include/KNSoft/NDK/NT/Etw.h

@@ -3733,61 +3733,100 @@ DEFINE_GUID(  /* e46eead8-0c54-4489-9898-8fa79d059e0e */
 //    0xae, 0xfc, 0xdc, 0x0f, 0x1d, 0x2f, 0xd2, 0x35
 //    );
 
+/**
+ * The ETW class GUID for file I/O events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/fileio
+ */
 DEFINE_GUID( /* 90cbdc39-4a3e-11d1-84f4-0000f80464e3 */
     FileIoGuid,
     0x90cbdc39,
     0x4a3e,
     0x11d1,
     0x84, 0xf4, 0x00, 0x00, 0xf8, 0x04, 0x64, 0xe3
-);
+    );
 
+/**
+ * The ETW class GUID for image load events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/image
+ */
 DEFINE_GUID( /* 2cb15d1d-5fc1-11d2-abe1-00a0c911f518 */
     ImageLoadGuid,
     0x2cb15d1d,
     0x5fc1,
     0x11d2,
     0xab, 0xe1, 0x00, 0xa0, 0xc9, 0x11, 0xf5, 0x18
-);
+    );
 
+/**
+ * The ETW class GUID for page fault events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/pagefault-v2
+ */
 DEFINE_GUID( /* 3d6fa8d3-fe05-11d0-9dda-00c04fd7ba7c */
     PageFaultGuid,
     0x3d6fa8d3,
     0xfe05,
     0x11d0,
     0x9d, 0xda, 0x00, 0xc0, 0x4f, 0xd7, 0xba, 0x7c
-);
+    );
 
+/**
+ * The ETW class GUID for registry events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/registry
+ */
 DEFINE_GUID( /* AE53722E-C863-11d2-8659-00C04FA321A1 */
     RegistryGuid,
     0xae53722e,
     0xc863,
     0x11d2,
     0x86, 0x59, 0x0, 0xc0, 0x4f, 0xa3, 0x21, 0xa1
-);
+    );
 
+/**
+ * The ETW class GUID for TCP/IP events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/tcpip
+ */
 DEFINE_GUID( /* 9a280ac0-c8e0-11d1-84e2-00c04fb998a2 */
     TcpIpGuid,
     0x9a280ac0,
     0xc8e0,
     0x11d1,
     0x84, 0xe2, 0x00, 0xc0, 0x4f, 0xb9, 0x98, 0xa2
-);
+    );
 
+/**
+ * The ETW class GUID for thread events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/thread
+ */
 DEFINE_GUID( /* 3d6fa8d1-fe05-11d0-9dda-00c04fd7ba7c */
     ThreadGuid,
     0x3d6fa8d1,
     0xfe05,
     0x11d0,
     0x9d, 0xda, 0x00, 0xc0, 0x4f, 0xd7, 0xba, 0x7c
-);
+    );
 
+/**
+ * The ETW class GUID for UDP/IP events.
+ * \sa https://learn.microsoft.com/en-us/windows/win32/etw/udpip
+ */
 DEFINE_GUID( /* bf3a50c5-a9c9-4988-a005-2df0b7c80f80 */
     UdpIpGuid,
     0xbf3a50c5,
     0xa9c9,
     0x4988,
     0xa0, 0x05, 0x2d, 0xf0, 0xb7, 0xc8, 0x0f, 0x80
-);
+    );
+
+/**
+ * The ETW class GUID for Intel Processor Trace (IPT) events.
+ */
+DEFINE_GUID( /* ff1fd2fd-6008-42bb-9e75-00a20051f3be */
+    IptGuid,
+    0xff1fd2fd,
+    0x6008,
+    0x42bb,
+    0x9e, 0x75, 0x00, 0xa2, 0x00, 0x51, 0xf3, 0xbe
+    );
 
 //
 // ThreadPool Events

Source/Include/KNSoft/NDK/NT/Ex/Atom.h

@@ -8,6 +8,18 @@ EXTERN_C_START
 
 typedef USHORT RTL_ATOM, *PRTL_ATOM;
 
+/**
+ * The NtAddAtom routine adds a Unicode string to the system atom table and
+ * returns the corresponding atom identifier.
+ *
+ * \param AtomName A pointer to a Unicode string containing the atom name.
+ * \param Length The length, in bytes, of the string pointed to by AtomName.
+ * \param Atom An optional pointer that receives the resulting atom identifier.
+ * \return NTSTATUS Successful or errant status.
+ * \remarks If the atom already exists, its reference count is incremented and
+ * the existing atom identifier is returned.
+ * \see https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-addatomw
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
@@ -18,8 +30,33 @@ NtAddAtom(
 
 #if (NTDDI_VERSION >= NTDDI_WIN8)
 
+/**
+ * ATOM_FLAG_NONE indicates that the atom being created should be placed in
+ * the session-local atom table rather than the global atom table.
+ */
+#define ATOM_FLAG_NONE 0x0
+/**
+ * ATOM_FLAG_GLOBAL indicates that the atom being created should be placed in
+ * the global atom table rather than the session-local table.
+ * \remarks This flag is only valid starting with Windows 8 and later.
+ */
 #define ATOM_FLAG_GLOBAL 0x2
 
+// rev
+/**
+ * The NtAddAtomEx routine adds a Unicode string to the system atom table with
+ * additional creation flags.
+ *
+ * \param AtomName A pointer to a Unicode string containing the atom name.
+ * \param Length The length, in bytes, of the string pointed to by AtomName.
+ * \param Atom An optional pointer that receives the resulting atom identifier.
+ * \param Flags A set of flags that control atom creation behavior.
+ * \return NTSTATUS Successful or errant status.
+ * \remarks ATOM_FLAG_GLOBAL may be used to create a global atom.
+ * Only ATOM_FLAG_GLOBAL and ATOM_FLAG_NONE are currently supported.
+ * Any other flag value results in STATUS_INVALID_PARAMETER.
+ * \see https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-addatomw
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
@@ -31,6 +68,16 @@ NtAddAtomEx(
 
 #endif
 
+/**
+ * The NtFindAtom routine retrieves the atom identifier associated with a
+ * Unicode string in the system atom table.
+ *
+ * \param AtomName A pointer to a Unicode string containing the atom name.
+ * \param Length The length, in bytes, of the string pointed to by AtomName.
+ * \param Atom An optional pointer that receives the atom identifier if found.
+ * \return NTSTATUS Successful or errant status.
+ * \see https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-findatomw
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
@@ -39,12 +86,26 @@ NtFindAtom(
     _In_ ULONG Length,
     _Out_opt_ PRTL_ATOM Atom);
 
+/**
+ * The NtDeleteAtom routine decrements the reference count of an atom and
+ * removes it from the system atom table when the count reaches zero.
+ *
+ * \param Atom The atom identifier to delete.
+ * \return NTSTATUS Successful or errant status.
+ * \remarks If the atom is still referenced elsewhere, it is not removed until
+ * its reference count reaches zero.
+ * \see https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-deleteatom
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
 NtDeleteAtom(
     _In_ RTL_ATOM Atom);
 
+/**
+ * The ATOM_INFORMATION_CLASS enumeration specifies the type of information
+ * returned when querying atom table data.
+ */
 typedef enum _ATOM_INFORMATION_CLASS
 {
     AtomBasicInformation,

Source/Include/KNSoft/NDK/NT/Ex/Boot.h

@@ -444,6 +444,9 @@ NtFilterBootOption(
     _In_ ULONG DataSize);
 #endif
 
+/**
+ * The SHUTDOWN_ACTION enumeration specifies the type of system shutdown to perform.
+ */
 typedef enum _SHUTDOWN_ACTION
 {
     ShutdownNoReboot,
@@ -452,6 +455,15 @@ typedef enum _SHUTDOWN_ACTION
     ShutdownRebootForRecovery // since WIN11
 } SHUTDOWN_ACTION;
 
+/**
+ * The NtShutdownSystem routine initiates a system shutdown using the specified
+ * shutdown action.
+ *
+ * \param Action A SHUTDOWN_ACTION value that specifies whether the system
+ * should halt, reboot, power off, or reboot for recovery.
+ * \return NTSTATUS Successful or errant status.
+ * \remarks The calling process must have the SE_SHUTDOWN_NAME privilege.
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
@@ -460,12 +472,26 @@ NtShutdownSystem(
 
 #pragma region Boot Display
 
+/**
+ * The NtDisplayString routine displays a Unicode string on the system display
+ * during early boot or in environments where a console is not yet available.
+ *
+ * \param String A pointer to a UNICODE_STRING structure that contains the text to display.
+ * \return NTSTATUS Successful or errant status.
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
 NtDisplayString(
     _In_ PUNICODE_STRING String);
 
+/**
+ * The NtDrawText routine displays a Unicode string on the system display during
+ * early boot or in environments where a standard console is not yet available.
+ *
+ * \param Text A pointer to a UNICODE_STRING structure that contains the text to draw on the screen.
+ * \return NTSTATUS Successful or errant status.
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI

Source/Include/KNSoft/NDK/NT/Ex/Misc.h

@@ -31,6 +31,10 @@ NtAllocateUuids(
 
 #pragma region Hard Error
 
+/**
+ * The HARDERROR_RESPONSE_OPTION enumeration specifies the type of user
+ * interface prompt that may be displayed when a hard error occurs.
+ */
 typedef enum _HARDERROR_RESPONSE_OPTION
 {
     OptionAbortRetryIgnore,
@@ -44,6 +48,10 @@ typedef enum _HARDERROR_RESPONSE_OPTION
     OptionCancelTryContinue
 } HARDERROR_RESPONSE_OPTION;
 
+/**
+ * The HARDERROR_RESPONSE enumeration specifies the response returned by the
+ * caller or user when handling a hard error condition.
+ */
 typedef enum _HARDERROR_RESPONSE
 {
     ResponseReturnToCaller,
@@ -59,6 +67,10 @@ typedef enum _HARDERROR_RESPONSE
     ResponseContinue
 } HARDERROR_RESPONSE;
 
+/**
+ * HARDERROR_OVERRIDE_ERRORMODE indicates that the system should ignore the
+ * calling process's error mode when processing a hard error.
+ */
 #define HARDERROR_OVERRIDE_ERRORMODE 0x10000000
 
 /**
@@ -85,6 +97,15 @@ NtRaiseHardError(
     _In_ ULONG ValidResponseOptions,
     _Out_ PULONG Response);
 
+/**
+ * The NtSetDefaultHardErrorPort routine sets the system's default hard error
+ * port, which is used by the kernel to deliver hard error notifications to a
+ * user-mode process.
+ *
+ * \param DefaultHardErrorPort A handle to a port object that will receive
+ * hard error messages generated by the system.
+ * \return NTSTATUS Successful or errant status.
+ */
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
@@ -175,6 +196,10 @@ NtSetDefaultHardErrorPort(
 
 #pragma endregion
 
+/**
+ * MAX_WOW64_SHARED_ENTRIES defines the number of shared entries available to
+ * the WOW64 (Windows-on-Windows 64-bit) subsystem.
+ */
 #define MAX_WOW64_SHARED_ENTRIES 16
 
 /**

Source/Include/KNSoft/NDK/NT/Ex/Processor.h

@@ -4,15 +4,26 @@
 
 EXTERN_C_START
 
-/* wdm.h */
+/* wdm.h & phnt */
 
+/**
+ * The ALTERNATIVE_ARCHITECTURE_TYPE enumeration specifies the hardware
+ * architecture variant used by the system.
+ *
+ * \remarks NEC98x86 represents the NEC PC-98 architecture,
+ * supported only on very early Windows releases.
+ */
 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
 {
     StandardDesign,                 // None == 0 == standard design
     NEC98x86,                       // NEC PC98xx series on X86
     EndAlternatives                 // past end of known alternatives
 } ALTERNATIVE_ARCHITECTURE_TYPE;
 
+/**
+ * PROCESSOR_FEATURE_MAX defines the maximum number of processor feature flags
+ * that may be reported by the system.
+ */
 #define PROCESSOR_FEATURE_MAX 64
 
 EXTERN_C_END