#ifndef __UNDOCNT_H__
#define __UNDOCNT_H__

#include <wdm.h>

typedef struct THREAD_BASIC_INFORMATION
{
  NTSTATUS ExitStatus;
  PVOID TebBaseAddress;
  CLIENT_ID ClientId;
  KAFFINITY AffinityMask;
  KPRIORITY Priority;
  KPRIORITY BasePriority;

} THREAD_BASIC_INFORMATION,*PTHREAD_BASIC_INFORMATION;


typedef enum THREAD_INFORMATION_CLASS
{                                               // num/query/set
  ThreadBasicInformation,                       //  0/Y/N
  ThreadTimes,                                  //  1/Y/N
  ThreadPriority,                               //  2/N/Y
  ThreadBasePriority,                           //  3/N/Y
  ThreadAffinityMask,                           //  4/N/Y
  ThreadImpersonationToken,                     //  5/N/Y
  ThreadDescriptorTableEntry,                   //  6/Y/N
  ThreadEnableAlignmentFaultFixup,              //  7/N/Y
  ThreadEventPair,                              //  8/N/Y
  ThreadQuerySetWin32StartAddress,              //  9/Y/Y
  ThreadZeroTlsCell,                            // 10/N/Y
  ThreadPerformanceCount,                       // 11/Y/N
  ThreadAmILastThread,                          // 12/Y/N
  ThreadIdealProcessor,                         // 13/N/Y
  ThreadPriorityBoost,                          // 14/Y/Y
  ThreadSetTlsArrayAddress,                     // 15/N/Y
  ThreadIsIoPending,                            // 16/Y/N
  ThreadHideFromDebugger                        // 17/N/Y
} THREAD_INFORMATION_CLASS,*PTHREAD_INFORMATION_CLASS;

NTSYSAPI NTSTATUS NTAPI ZwOpenProcess(PHANDLE ProcessHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PCLIENT_ID ClientId);
NTSYSAPI NTSTATUS NTAPI ZwOpenThread(PHANDLE ThreadHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PCLIENT_ID ClientId);

typedef NTSTATUS (*ZW_OPEN_PROCESS)(PHANDLE ProcessHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PCLIENT_ID ClientId);
typedef NTSTATUS (*ZW_OPEN_THREAD)(PHANDLE ThreadHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PCLIENT_ID ClientId);

typedef NTSTATUS (*ZW_QUERY_INFORMATION_THREAD)(HANDLE ThreadHandle,THREAD_INFORMATION_CLASS ThreadInformationClass,PVOID ThreadInformation,ULONG ThreadInformationLength,PULONG ReturnLength);


//ntoskrnl exports ZwQueryInformationThread since XP
//we need it for w2k too so we need to fill SDT_index_ZwQueryInformationThread from usermode in HOOK_START
extern ULONG SDT_index_ZwQueryInformationThread;
NTSTATUS _ZwQueryInformationThread(HANDLE ThreadHandle,THREAD_INFORMATION_CLASS ThreadInformationClass,PVOID ThreadInformation,ULONG ThreadInformationLength,PULONG ReturnLength);


#endif