Release 2.18.

Thanks Michael Müller.

CONTRIBUTING.md

@@ -0,0 +1,30 @@
+Contributing to Wine Staging
+----------------------------
+
+First of all, thank you for taking the time to contribute to this project.
+
+### Reporting bugs
+
+Since WineConf 2015 Wine Staging is an official part of WineHQ, which means you
+can report problems directly at [bugs.winehq.org](https://bugs.winehq.org/).
+Most of the time bugs found in Wine Staging also turn out to be present in the
+development branch, so its recommended to open your bug in the "Wine" product,
+unless you are sure its really "Wine Staging" specific. For bugs related to our
+binary packages, please open a bug report in the "Packaging" product.
+
+### Submitting patches
+
+**IMPORTANT:** Please use [dev.wine-staging.com](https://dev.wine-staging.com/patches)
+for patch submissions, we currently do not accept Pull requests on GitHub.
+
+Wine Staging mainly concentrates on experimental features and patches which are
+difficult to get into the development branch. If you have a very simple bug fix
+including tests, there is usually no need to send it to Wine Staging. You can
+directly contribute it to the
+[development branch](http://wiki.winehq.org/SubmittingPatches). However, if you
+already tried that without success, or are working on such a complex area that
+you do not really think its ready for inclusion, you might want to submit it to
+our Staging tree. Please open a patch submission request on
+[dev.wine-staging.com](https://dev.wine-staging.com/patches) including the patch.
+More information is also available in our
+[Wiki](https://wiki.winehq.org/Wine-Staging_Patches).

README.md

@@ -24,16 +24,6 @@ other wine-specific programs like `winecfg`. To learn more about how to use
 Wine Staging, please take a look at the
 [usage instructions](https://github.com/wine-compholio/wine-staging/wiki/Usage).
 
-Reporting bugs
---------------
-
-Since WineConf 2015 Wine Staging is an official part of WineHQ, which means you
-can report problems directly at https://bugs.winehq.org/. Most of the time bugs
-found in Wine Staging also turn out to be present in the development branch, so
-its recommended to open your bug in the "Wine" product, unless you are sure its
-really "Wine Staging" specific. For problems with our binary packages, please
-also open a bug report there.
-
 Building
 --------
 
@@ -88,14 +78,5 @@ in our [Wiki](https://github.com/wine-compholio/wine-staging/wiki/Packaging).
 Contributing
 ------------
 
-Wine Staging mainly concentrates on experimental features and patches which are
-difficult to get into the development branch. If you have a very simple bug fix
-including tests, there is usually no need to send it to Wine Staging. You can
-directly contribute it to the
-[development branch](http://wiki.winehq.org/SubmittingPatches). However, if you
-already tried that without success, or are working on such a complex area that
-you do not really think its ready for inclusion, you might want to submit it to
-our Staging tree. Please open a patch submission request on
-[bugs.wine-staging.com](https://bugs.wine-staging.com/) including the patch.
-More information is also available in our
-[Wiki](https://github.com/wine-compholio/wine-staging/wiki/Contributing).
+Please see CONTRIBUTING.md for more information about contributing to Wine
+Staging.

patches/Compiler_Warnings/0009-ws2_32-tests-Work-around-an-incorrect-detection-in-G.patch

@@ -0,0 +1,24 @@
+From 560a25c662f7b56d2b895759be1ea65c64d0f5af Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Sun, 4 Jun 2017 12:57:17 +0200
+Subject: ws2_32/tests: Work around an incorrect detection in GCC 7.
+
+---
+ dlls/ws2_32/tests/sock.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/dlls/ws2_32/tests/sock.c b/dlls/ws2_32/tests/sock.c
+index 677a750ec6b..65c82e36524 100644
+--- a/dlls/ws2_32/tests/sock.c
++++ b/dlls/ws2_32/tests/sock.c
+@@ -3601,6 +3601,7 @@ static DWORD WINAPI SelectReadThread(void *param)
+     struct sockaddr_in addr;
+     struct timeval select_timeout;
+ 
++    memset(&readfds, 0, sizeof(readfds));
+     FD_ZERO(&readfds);
+     FD_SET(par->s, &readfds);
+     select_timeout.tv_sec=5;
+-- 
+2.13.0
+

patches/Compiler_Warnings/0018-Appease-the-blessed-version-of-gcc-4.5-when-Werror-i.patch

@@ -1,15 +1,14 @@
-From b6b1e5da04ed867251253410e37d412109a4cec2 Mon Sep 17 00:00:00 2001
+From cd34de81164087b3593d0ec9416e2f157a5df40d Mon Sep 17 00:00:00 2001
 From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
 Date: Fri, 8 Aug 2014 19:33:14 -0600
 Subject: Appease the blessed version of gcc (4.5) when -Werror is enabled.
 
 ---
- dlls/d3d9/tests/visual.c     | 2 +-
- dlls/netapi32/netapi32.c     | 2 +-
- dlls/winealsa.drv/mmdevdrv.c | 2 +-
- dlls/wined3d/glsl_shader.c   | 2 +-
- tools/makedep.c              | 2 +-
- 5 files changed, 5 insertions(+), 5 deletions(-)
+ dlls/d3d9/tests/visual.c   | 2 +-
+ dlls/netapi32/netapi32.c   | 2 +-
+ dlls/wined3d/glsl_shader.c | 2 +-
+ tools/makedep.c            | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
 
 diff --git a/dlls/d3d9/tests/visual.c b/dlls/d3d9/tests/visual.c
 index c8a6a1fa5a8..0261d3708e6 100644
@@ -37,24 +36,11 @@ index 278d4528b01..1c5f110b828 100644
      NET_API_STATUS status;
  
      if (servername && !(server = strdup_unixcp( servername ))) return ERROR_OUTOFMEMORY;
-diff --git a/dlls/winealsa.drv/mmdevdrv.c b/dlls/winealsa.drv/mmdevdrv.c
-index 2ecb111e218..b285705509c 100644
---- a/dlls/winealsa.drv/mmdevdrv.c
-+++ b/dlls/winealsa.drv/mmdevdrv.c
-@@ -359,7 +359,7 @@ static WCHAR *construct_device_id(EDataFlow flow, const WCHAR *chunk1, const cha
- {
-     WCHAR *ret;
-     const WCHAR *prefix;
--    DWORD len_wchars = 0, chunk1_len, copied = 0, prefix_len;
-+    DWORD len_wchars = 0, chunk1_len = 0, copied = 0, prefix_len;
- 
-     static const WCHAR dashW[] = {' ','-',' ',0};
-     static const size_t dashW_len = (sizeof(dashW) / sizeof(*dashW)) - 1;
 diff --git a/dlls/wined3d/glsl_shader.c b/dlls/wined3d/glsl_shader.c
-index ce960853362..f4275d8dd48 100644
+index f96f48d97d1..8fe3318cd78 100644
 --- a/dlls/wined3d/glsl_shader.c
 +++ b/dlls/wined3d/glsl_shader.c
-@@ -9316,7 +9316,7 @@ static void set_glsl_shader_program(const struct wined3d_context *context, const
+@@ -9721,7 +9721,7 @@ static void set_glsl_shader_program(const struct wined3d_context *context, const
      GLuint ds_id = 0;
      GLuint gs_id = 0;
      GLuint ps_id = 0;
@@ -64,7 +50,7 @@ index ce960853362..f4275d8dd48 100644
      struct wined3d_string_buffer *tmp_name;
  
 diff --git a/tools/makedep.c b/tools/makedep.c
-index add722f80a9..24b06bbfcb2 100644
+index 296356b0a57..5a2873b56f1 100644
 --- a/tools/makedep.c
 +++ b/tools/makedep.c
 @@ -1608,7 +1608,7 @@ static const char *get_make_variable( const struct makefile *make, const char *n
@@ -77,5 +63,5 @@ index add722f80a9..24b06bbfcb2 100644
      var = get_make_variable( make, name );
      if (!var) return NULL;
 -- 
-2.12.2
+2.13.1
 

patches/Compiler_Warnings/0021-d2d1-Avoid-implicit-cast-of-interface-pointer.patch

@@ -1,18 +1,18 @@
-From 929eaf5dcdca040cd82141ad5ddfdcbc6c5f4a03 Mon Sep 17 00:00:00 2001
+From 79ff79dba6d5c8008c53e4bcf5e38c3a54271091 Mon Sep 17 00:00:00 2001
 From: Sebastian Lackner <sebastian@fds-team.de>
 Date: Tue, 22 Mar 2016 21:54:26 +0100
 Subject: d2d1: Avoid implicit cast of interface pointer.
 
 ---
- dlls/d2d1/brush.c    | 6 +++---
+ dlls/d2d1/brush.c    | 8 ++++----
  dlls/d2d1/geometry.c | 6 +++---
- 2 files changed, 6 insertions(+), 6 deletions(-)
+ 2 files changed, 7 insertions(+), 7 deletions(-)
 
 diff --git a/dlls/d2d1/brush.c b/dlls/d2d1/brush.c
-index aa92318..19b0993 100644
+index 7f4c7bbb763..30d25fec4b4 100644
 --- a/dlls/d2d1/brush.c
 +++ b/dlls/d2d1/brush.c
-@@ -181,7 +181,7 @@ static void d2d_brush_init(struct d2d_brush *brush, ID2D1Factory *factory,
+@@ -251,7 +251,7 @@ static void d2d_brush_init(struct d2d_brush *brush, ID2D1Factory *factory,
  
  static inline struct d2d_brush *impl_from_ID2D1SolidColorBrush(ID2D1SolidColorBrush *iface)
  {
@@ -21,7 +21,7 @@ index aa92318..19b0993 100644
  }
  
  static HRESULT STDMETHODCALLTYPE d2d_solid_color_brush_QueryInterface(ID2D1SolidColorBrush *iface,
-@@ -318,7 +318,7 @@ void d2d_solid_color_brush_init(struct d2d_brush *brush, ID2D1Factory *factory,
+@@ -394,7 +394,7 @@ HRESULT d2d_solid_color_brush_create(ID2D1Factory *factory, const D2D1_COLOR_F *
  
  static inline struct d2d_brush *impl_from_ID2D1LinearGradientBrush(ID2D1LinearGradientBrush *iface)
  {
@@ -30,7 +30,16 @@ index aa92318..19b0993 100644
  }
  
  static HRESULT STDMETHODCALLTYPE d2d_linear_gradient_brush_QueryInterface(ID2D1LinearGradientBrush *iface,
-@@ -476,7 +476,7 @@ void d2d_linear_gradient_brush_init(struct d2d_brush *brush, ID2D1Factory *facto
+@@ -580,7 +580,7 @@ HRESULT d2d_linear_gradient_brush_create(ID2D1Factory *factory, const D2D1_LINEA
+ 
+ static inline struct d2d_brush *impl_from_ID2D1RadialGradientBrush(ID2D1RadialGradientBrush *iface)
+ {
+-    return CONTAINING_RECORD(iface, struct d2d_brush, ID2D1Brush_iface);
++    return CONTAINING_RECORD((ID2D1Brush *)iface, struct d2d_brush, ID2D1Brush_iface);
+ }
+ 
+ static HRESULT STDMETHODCALLTYPE d2d_radial_gradient_brush_QueryInterface(ID2D1RadialGradientBrush *iface,
+@@ -776,7 +776,7 @@ HRESULT d2d_radial_gradient_brush_create(ID2D1Factory *factory, const D2D1_BRUSH
  
  static inline struct d2d_brush *impl_from_ID2D1BitmapBrush(ID2D1BitmapBrush *iface)
  {
@@ -40,10 +49,10 @@ index aa92318..19b0993 100644
  
  static HRESULT STDMETHODCALLTYPE d2d_bitmap_brush_QueryInterface(ID2D1BitmapBrush *iface,
 diff --git a/dlls/d2d1/geometry.c b/dlls/d2d1/geometry.c
-index 9fa1783..125c610 100644
+index a9588985642..b8457a9e1ea 100644
 --- a/dlls/d2d1/geometry.c
 +++ b/dlls/d2d1/geometry.c
-@@ -2022,7 +2022,7 @@ static const struct ID2D1GeometrySinkVtbl d2d_geometry_sink_vtbl =
+@@ -3024,7 +3024,7 @@ static const struct ID2D1GeometrySinkVtbl d2d_geometry_sink_vtbl =
  
  static inline struct d2d_geometry *impl_from_ID2D1PathGeometry(ID2D1PathGeometry *iface)
  {
@@ -52,7 +61,7 @@ index 9fa1783..125c610 100644
  }
  
  static HRESULT STDMETHODCALLTYPE d2d_path_geometry_QueryInterface(ID2D1PathGeometry *iface, REFIID iid, void **out)
-@@ -2283,7 +2283,7 @@ void d2d_path_geometry_init(struct d2d_geometry *geometry, ID2D1Factory *factory
+@@ -3540,7 +3540,7 @@ void d2d_path_geometry_init(struct d2d_geometry *geometry, ID2D1Factory *factory
  
  static inline struct d2d_geometry *impl_from_ID2D1RectangleGeometry(ID2D1RectangleGeometry *iface)
  {
@@ -61,7 +70,7 @@ index 9fa1783..125c610 100644
  }
  
  static HRESULT STDMETHODCALLTYPE d2d_rectangle_geometry_QueryInterface(ID2D1RectangleGeometry *iface,
-@@ -2531,7 +2531,7 @@ HRESULT d2d_rectangle_geometry_init(struct d2d_geometry *geometry, ID2D1Factory
+@@ -3876,7 +3876,7 @@ fail:
  
  static inline struct d2d_geometry *impl_from_ID2D1TransformedGeometry(ID2D1TransformedGeometry *iface)
  {
@@ -71,5 +80,5 @@ index 9fa1783..125c610 100644
  
  static HRESULT STDMETHODCALLTYPE d2d_transformed_geometry_QueryInterface(ID2D1TransformedGeometry *iface,
 -- 
-2.7.1
+2.14.1
 

patches/Compiler_Warnings/0032-wsdapi-Avoid-implicit-cast-of-interface-pointer.patch

@@ -0,0 +1,25 @@
+From 814a4e7a4cad942e284a4828927dd0b67938af33 Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Sun, 2 Jul 2017 22:32:45 +0200
+Subject: wsdapi: Avoid implicit cast of interface pointer.
+
+---
+ dlls/wsdapi/msgparams.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dlls/wsdapi/msgparams.c b/dlls/wsdapi/msgparams.c
+index a7a2f0a73b3..47a77138709 100644
+--- a/dlls/wsdapi/msgparams.c
++++ b/dlls/wsdapi/msgparams.c
+@@ -45,7 +45,7 @@ static inline IWSDMessageParametersImpl *impl_from_IWSDMessageParameters(IWSDMes
+ 
+ static inline IWSDUdpMessageParametersImpl *impl_from_IWSDUdpMessageParameters(IWSDUdpMessageParameters *iface)
+ {
+-    return CONTAINING_RECORD(iface, IWSDUdpMessageParametersImpl, base.IWSDMessageParameters_iface);
++    return CONTAINING_RECORD((IWSDMessageParameters *)iface, IWSDUdpMessageParametersImpl, base.IWSDMessageParameters_iface);
+ }
+ 
+ /* IWSDMessageParameters implementation */
+-- 
+2.13.1
+

patches/Compiler_Warnings/0033-evr-Avoid-implicit-cast-of-interface-pointer.patch

@@ -0,0 +1,25 @@
+From b4586e37df817f205c8bebe319b4765dea5c62d5 Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Sun, 24 Sep 2017 19:21:06 +0200
+Subject: evr: Avoid implicit cast of interface pointer.
+
+---
+ dlls/evr/evr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dlls/evr/evr.c b/dlls/evr/evr.c
+index c2d2933211e..5533f38a649 100644
+--- a/dlls/evr/evr.c
++++ b/dlls/evr/evr.c
+@@ -136,7 +136,7 @@ static const IUnknownVtbl evr_inner_vtbl =
+ 
+ static inline evr_filter *impl_from_IBaseFilter(IBaseFilter *iface)
+ {
+-    return CONTAINING_RECORD(iface, evr_filter, filter);
++    return CONTAINING_RECORD(iface, evr_filter, filter.IBaseFilter_iface);
+ }
+ 
+ static HRESULT WINAPI filter_QueryInterface(IBaseFilter *iface, REFIID riid, void **ppv)
+-- 
+2.14.1
+

patches/advapi-LsaLookupPrivilegeName/0003-advapi32-Implement-LsaLookupPrivilegeName.patch

@@ -1,31 +1,17 @@
-From bee5e0baac722c66ad8c1034a65a2cecfe74716e Mon Sep 17 00:00:00 2001
+From ca415799729a5330fc9def2df8fb9c4ffef80448 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 5 Mar 2017 23:50:06 +0100
 Subject: advapi32: Implement LsaLookupPrivilegeName.
 
 ---
- dlls/advapi32/advapi32.spec   |  2 +-
  dlls/advapi32/advapi32_misc.h |  2 ++
- dlls/advapi32/lsa.c           | 38 ++++++++++++++++++++++++++++++++++++++
+ dlls/advapi32/lsa.c           | 30 ++++++++++++++++++++++++++++--
  dlls/advapi32/security.c      | 27 ++++++++++++++++++---------
  include/ntsecapi.h            |  1 +
- 5 files changed, 60 insertions(+), 10 deletions(-)
+ 4 files changed, 49 insertions(+), 11 deletions(-)
 
-diff --git a/dlls/advapi32/advapi32.spec b/dlls/advapi32/advapi32.spec
-index 078bb8fc25..124f527282 100644
---- a/dlls/advapi32/advapi32.spec
-+++ b/dlls/advapi32/advapi32.spec
-@@ -469,7 +469,7 @@
- @ stdcall LsaLookupNames(long long ptr ptr ptr)
- @ stdcall LsaLookupNames2(ptr long long ptr ptr ptr)
- @ stub LsaLookupPrivilegeDisplayName
--# @ stub LsaLookupPrivilegeName
-+@ stdcall LsaLookupPrivilegeName(long ptr ptr)
- # @ stub LsaLookupPrivilegeValue
- @ stdcall LsaLookupSids(ptr long ptr ptr ptr)
- # @ stub LsaLookupSids2
 diff --git a/dlls/advapi32/advapi32_misc.h b/dlls/advapi32/advapi32_misc.h
-index d116ecb836..ecb07f635a 100644
+index d116ecb836e..ecb07f635a6 100644
 --- a/dlls/advapi32/advapi32_misc.h
 +++ b/dlls/advapi32/advapi32_misc.h
 @@ -68,4 +68,6 @@ static inline WCHAR *strdupAW( const char *src )
@@ -36,28 +22,20 @@ index d116ecb836..ecb07f635a 100644
 +
  #endif /* __WINE_ADVAPI32MISC_H */
 diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
-index 479201bfc1..ceb3b05c05 100644
+index 61c91f497eb..e6f88d2fa73 100644
 --- a/dlls/advapi32/lsa.c
 +++ b/dlls/advapi32/lsa.c
-@@ -973,3 +973,41 @@ NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(
-     FIXME("(%d,%p) stub\n", class, event);
-     return STATUS_SUCCESS;
- }
-+
-+/******************************************************************************
-+ * LsaLookupPrivilegeName [ADVAPI32.@]
-+ *
-+ */
-+NTSTATUS WINAPI LsaLookupPrivilegeName(
-+    LSA_HANDLE handle,
-+    PLUID lpLuid,
-+    PUNICODE_STRING *name)
-+{
+@@ -983,6 +983,32 @@ NTSTATUS WINAPI LsaLookupPrivilegeName(
+     LUID *luid,
+     UNICODE_STRING **name)
+ {
+-    FIXME("(%p,%p,%p) stub\n", handle, luid, name);
+-    return STATUS_NO_SUCH_PRIVILEGE;
 +    UNICODE_STRING *priv_unicode;
 +    size_t priv_size;
 +    WCHAR *strW;
 +
-+    TRACE("(%p, %p, %p)\n", handle, lpLuid, name);
++    TRACE("(%p, %p, %p)\n", handle, luid, name);
 +
 +    if (!handle)
 +        return STATUS_INVALID_HANDLE;
@@ -65,24 +43,25 @@ index 479201bfc1..ceb3b05c05 100644
 +    if (!name)
 +        return STATUS_INVALID_PARAMETER;
 +
-+    if (lpLuid->HighPart ||
-+        (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
-+         lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
++    if (luid->HighPart ||
++        (luid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
++         luid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE ||
++         !WellKnownPrivNames[luid->LowPart]))
 +        return STATUS_NO_SUCH_PRIVILEGE;
 +
-+    priv_size = (strlenW(WellKnownPrivNames[lpLuid->LowPart]) + 1) * sizeof(WCHAR);
++    priv_size = (strlenW(WellKnownPrivNames[luid->LowPart]) + 1) * sizeof(WCHAR);
 +    priv_unicode = heap_alloc(sizeof(*priv_unicode) + priv_size);
 +    if (!priv_unicode) return STATUS_NO_MEMORY;
 +
 +    strW = (WCHAR *)(priv_unicode + 1);
-+    strcpyW(strW, WellKnownPrivNames[lpLuid->LowPart]);
++    strcpyW(strW, WellKnownPrivNames[luid->LowPart]);
 +    RtlInitUnicodeString(priv_unicode, strW);
 +
 +    *name = priv_unicode;
 +    return STATUS_SUCCESS;
-+}
+ }
 diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index e36792cff4..3bc8f48b19 100644
+index e36792cff4b..3bc8f48b19c 100644
 --- a/dlls/advapi32/security.c
 +++ b/dlls/advapi32/security.c
 @@ -1840,7 +1840,7 @@ static const WCHAR SE_IMPERSONATE_NAME_W[] =
@@ -146,7 +125,7 @@ index e36792cff4..3bc8f48b19 100644
      }
  }
 diff --git a/include/ntsecapi.h b/include/ntsecapi.h
-index 2bb3d312e4..0bf0eca43e 100644
+index 2bb3d312e43..0bf0eca43ed 100644
 --- a/include/ntsecapi.h
 +++ b/include/ntsecapi.h
 @@ -370,6 +370,7 @@ NTSTATUS WINAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,PLSA_REFEREN
@@ -158,5 +137,5 @@ index 2bb3d312e4..0bf0eca43e 100644
  ULONG WINAPI LsaNtStatusToWinError(NTSTATUS);
  NTSTATUS WINAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
 -- 
-2.11.0
+2.14.1
 

patches/advapi-LsaLookupPrivilegeName/definition

@@ -1 +1 @@
-Fixes: Add LsaLookupPrivilege[Display]Name stubs
+Fixes: [43316] Add LsaLookupPrivilege[Display]Name stubs

patches/advapi32-BuildSecurityDescriptor/0002-advapi32-tests-Add-basic-tests-for-BuildSecurityDesc.patch

@@ -1,4 +1,4 @@
-From 63082c3863d8be466ed14f532653ddf35e40328a Mon Sep 17 00:00:00 2001
+From 09d62cfc4fa999eacc89af2ad414810e22c910a9 Mon Sep 17 00:00:00 2001
 From: Sebastian Lackner <sebastian@fds-team.de>
 Date: Fri, 5 May 2017 00:18:50 +0200
 Subject: advapi32/tests: Add basic tests for BuildSecurityDescriptor.
@@ -8,11 +8,11 @@ Subject: advapi32/tests: Add basic tests for BuildSecurityDescriptor.
  1 file changed, 39 insertions(+)
 
 diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index d6ea3a19fad..c591f7b6e5f 100644
+index ca5edffae5..db5a0f934c 100644
 --- a/dlls/advapi32/tests/security.c
 +++ b/dlls/advapi32/tests/security.c
-@@ -7489,6 +7489,44 @@ static void test_child_token_sd(void)
-     HeapFree(GetProcessHeap(), 0, sd);
+@@ -7217,6 +7217,44 @@ static void test_GetExplicitEntriesFromAclW(void)
+     HeapFree(GetProcessHeap(), 0, old_acl);
  }
  
 +static void test_BuildSecurityDescriptorW(void)
@@ -56,14 +56,14 @@ index d6ea3a19fad..c591f7b6e5f 100644
  START_TEST(security)
  {
      init();
-@@ -7542,6 +7580,7 @@ START_TEST(security)
-     test_pseudo_tokens();
+@@ -7271,6 +7309,7 @@ START_TEST(security)
      test_maximum_allowed();
+     test_token_label();
      test_GetExplicitEntriesFromAclW();
 +    test_BuildSecurityDescriptorW();
  
-     /* must be the last test, modifies process token */
+     /* Must be the last test, modifies process token */
      test_token_security_descriptor();
 -- 
-2.12.2
+2.13.1
 

patches/advapi32-BuildSecurityDescriptor/definition

@@ -1,2 +1,2 @@
 Fixes: Initial implementation of advapi32.BuildSecurityDescriptorW
-Depends: server-LABEL_SECURITY_INFORMATION
+Depends: advapi32-GetExplicitEntriesFromAclW

patches/advapi32-CreateRestrictedToken/0001-ntdll-Implement-NtFilterToken.patch

@@ -0,0 +1,315 @@
+From 3f314cc8251f62f592013abe7b1c3b977de0699a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Fri, 4 Aug 2017 02:33:14 +0200
+Subject: ntdll: Implement NtFilterToken.
+
+---
+ dlls/ntdll/nt.c       | 59 ++++++++++++++++++++++++++++++++++++
+ dlls/ntdll/ntdll.spec |  2 +-
+ include/winnt.h       |  5 +++
+ include/winternl.h    |  1 +
+ server/process.c      |  2 +-
+ server/protocol.def   | 10 ++++++
+ server/security.h     |  4 ++-
+ server/token.c        | 84 +++++++++++++++++++++++++++++++++++++++++++++++++--
+ 8 files changed, 162 insertions(+), 5 deletions(-)
+
+diff --git a/dlls/ntdll/nt.c b/dlls/ntdll/nt.c
+index 93554e929be..5822dec9b15 100644
+--- a/dlls/ntdll/nt.c
++++ b/dlls/ntdll/nt.c
+@@ -136,6 +136,65 @@ NTSTATUS WINAPI NtDuplicateToken(
+ }
+ 
+ /******************************************************************************
++ *  NtFilterToken        [NTDLL.@]
++ *  ZwFilterToken        [NTDLL.@]
++ */
++NTSTATUS WINAPI NtFilterToken( HANDLE token, ULONG flags, TOKEN_GROUPS *disable_sids,
++                               TOKEN_PRIVILEGES *privileges, TOKEN_GROUPS *restrict_sids,
++                               HANDLE *new_token )
++{
++    data_size_t privileges_len = 0;
++    data_size_t sids_len = 0;
++    SID *sids = NULL;
++    NTSTATUS status;
++
++    TRACE( "(%p, 0x%08x, %p, %p, %p, %p)\n", token, flags, disable_sids, privileges,
++           restrict_sids, new_token );
++
++    if (flags)
++        FIXME( "flags %x unsupported\n", flags );
++
++    if (restrict_sids)
++        FIXME( "support for restricting sids not yet implemented\n" );
++
++    if (privileges)
++        privileges_len = privileges->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
++
++    if (disable_sids)
++    {
++        DWORD len, i;
++        BYTE *tmp;
++
++        for (i = 0; i < disable_sids->GroupCount; i++)
++            sids_len += RtlLengthSid( disable_sids->Groups[i].Sid );
++
++        sids = RtlAllocateHeap( GetProcessHeap(), 0, sids_len );
++        if (!sids) return STATUS_NO_MEMORY;
++
++        for (i = 0, tmp = (BYTE *)sids; i < disable_sids->GroupCount; i++, tmp += len)
++        {
++            len = RtlLengthSid( disable_sids->Groups[i].Sid );
++            memcpy( tmp, disable_sids->Groups[i].Sid, len );
++        }
++    }
++
++    SERVER_START_REQ( filter_token )
++    {
++        req->handle          = wine_server_obj_handle( token );
++        req->flags           = flags;
++        req->privileges_size = privileges_len;
++        wine_server_add_data( req, privileges->Privileges, privileges_len );
++        wine_server_add_data( req, sids, sids_len );
++        status = wine_server_call( req );
++        if (!status) *new_token = wine_server_ptr_handle( reply->new_handle );
++    }
++    SERVER_END_REQ;
++
++    RtlFreeHeap( GetProcessHeap(), 0, sids );
++    return status;
++}
++
++/******************************************************************************
+  *  NtOpenProcessToken		[NTDLL.@]
+  *  ZwOpenProcessToken		[NTDLL.@]
+  */
+diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
+index 4f7ee496437..275fda57970 100644
+--- a/dlls/ntdll/ntdll.spec
++++ b/dlls/ntdll/ntdll.spec
+@@ -179,7 +179,7 @@
+ # @ stub NtEnumerateSystemEnvironmentValuesEx
+ @ stdcall NtEnumerateValueKey(long long long ptr long ptr)
+ @ stub NtExtendSection
+-# @ stub NtFilterToken
++@ stdcall NtFilterToken(long long ptr ptr ptr ptr)
+ @ stdcall NtFindAtom(ptr long ptr)
+ @ stdcall NtFlushBuffersFile(long ptr)
+ @ stdcall NtFlushInstructionCache(long ptr long)
+diff --git a/include/winnt.h b/include/winnt.h
+index f91f81eb559..891c9b6d4bb 100644
+--- a/include/winnt.h
++++ b/include/winnt.h
+@@ -3844,6 +3844,11 @@ typedef enum _TOKEN_INFORMATION_CLASS {
+ 					TOKEN_ADJUST_SESSIONID | \
+ 					TOKEN_ADJUST_DEFAULT )
+ 
++#define DISABLE_MAX_PRIVILEGE 0x1
++#define SANDBOX_INERT         0x2
++#define LUA_TOKEN             0x4
++#define WRITE_RESTRICTED      0x8
++
+ #ifndef _SECURITY_DEFINED
+ #define _SECURITY_DEFINED
+ 
+diff --git a/include/winternl.h b/include/winternl.h
+index 140669b0105..899e8324d67 100644
+--- a/include/winternl.h
++++ b/include/winternl.h
+@@ -2348,6 +2348,7 @@ NTSYSAPI NTSTATUS  WINAPI NtDuplicateToken(HANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES
+ NTSYSAPI NTSTATUS  WINAPI NtEnumerateKey(HANDLE,ULONG,KEY_INFORMATION_CLASS,void *,DWORD,DWORD *);
+ NTSYSAPI NTSTATUS  WINAPI NtEnumerateValueKey(HANDLE,ULONG,KEY_VALUE_INFORMATION_CLASS,PVOID,ULONG,PULONG);
+ NTSYSAPI NTSTATUS  WINAPI NtExtendSection(HANDLE,PLARGE_INTEGER);
++NTSYSAPI NTSTATUS  WINAPI NtFilterToken(HANDLE,ULONG,TOKEN_GROUPS*,TOKEN_PRIVILEGES*,TOKEN_GROUPS*,HANDLE*);
+ NTSYSAPI NTSTATUS  WINAPI NtFindAtom(const WCHAR*,ULONG,RTL_ATOM*);
+ NTSYSAPI NTSTATUS  WINAPI NtFlushBuffersFile(HANDLE,IO_STATUS_BLOCK*);
+ NTSYSAPI NTSTATUS  WINAPI NtFlushInstructionCache(HANDLE,LPCVOID,SIZE_T);
+diff --git a/server/process.c b/server/process.c
+index cbe726afe81..f0f60edcd3f 100644
+--- a/server/process.c
++++ b/server/process.c
+@@ -571,7 +571,7 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
+                                        : alloc_handle_table( process, 0 );
+         /* Note: for security reasons, starting a new process does not attempt
+          * to use the current impersonation token for the new process */
+-        process->token = token_duplicate( parent->token, TRUE, 0, NULL );
++        process->token = token_duplicate( parent->token, TRUE, 0, NULL, NULL, 0, NULL, 0 );
+         process->affinity = parent->affinity;
+     }
+     if (!process->handles || !process->token) goto error;
+diff --git a/server/protocol.def b/server/protocol.def
+index fc6e343af52..b3dce66eb9c 100644
+--- a/server/protocol.def
++++ b/server/protocol.def
+@@ -3391,6 +3391,16 @@ enum caret_state
+     obj_handle_t  new_handle; /* duplicated handle */
+ @END
+ 
++@REQ(filter_token)
++    obj_handle_t  handle;          /* handle to the token to duplicate */
++    unsigned int  flags;           /* flags */
++    data_size_t   privileges_size; /* size of privileges */
++    VARARG(privileges,LUID_AND_ATTRIBUTES,privileges_size); /* privileges to remove from new token */
++    VARARG(disable_sids,SID);      /* array of groups to remove from new token */
++@REPLY
++    obj_handle_t  new_handle;      /* filtered handle */
++@END
++
+ @REQ(access_check)
+     obj_handle_t    handle; /* handle to the token */
+     unsigned int    desired_access; /* desired access to the object */
+diff --git a/server/security.h b/server/security.h
+index 606dbb2ab2c..6c337143c3d 100644
+--- a/server/security.h
++++ b/server/security.h
+@@ -56,7 +56,9 @@ extern const PSID security_high_label_sid;
+ extern struct token *token_create_admin(void);
+ extern int token_assign_label( struct token *token, PSID label );
+ extern struct token *token_duplicate( struct token *src_token, unsigned primary,
+-                                      int impersonation_level, const struct security_descriptor *sd );
++                                      int impersonation_level, const struct security_descriptor *sd,
++                                      const LUID_AND_ATTRIBUTES *filter_privileges, unsigned int priv_count,
++                                      const SID *filter_groups, unsigned int group_count );
+ extern int token_check_privileges( struct token *token, int all_required,
+                                    const LUID_AND_ATTRIBUTES *reqprivs,
+                                    unsigned int count, LUID_AND_ATTRIBUTES *usedprivs);
+diff --git a/server/token.c b/server/token.c
+index 74db66e1e24..acd7a4dedb5 100644
+--- a/server/token.c
++++ b/server/token.c
+@@ -299,6 +299,19 @@ static int acl_is_valid( const ACL *acl, data_size_t size )
+     return TRUE;
+ }
+ 
++static unsigned int get_sid_count( const SID *sid, data_size_t size )
++{
++    unsigned int count;
++
++    for (count = 0; size >= sizeof(SID) && security_sid_len( sid ) <= size; count++)
++    {
++        size -= security_sid_len( sid );
++        sid = (const SID *)((char *)sid + security_sid_len( sid ));
++    }
++
++    return count;
++}
++
+ /* checks whether all members of a security descriptor fit inside the size
+  * of memory specified */
+ int sd_is_valid( const struct security_descriptor *sd, data_size_t size )
+@@ -639,8 +652,36 @@ static struct token *create_token( unsigned primary, const SID *user,
+     return token;
+ }
+ 
++static int filter_group( struct group *group, const SID *filter, unsigned int count )
++{
++    unsigned int i;
++
++    for (i = 0; i < count; i++)
++    {
++        if (security_equal_sid( &group->sid, filter )) return 1;
++        filter = (const SID *)((char *)filter + security_sid_len( filter ));
++    }
++
++    return 0;
++}
++
++static int filter_privilege( struct privilege *privilege, const LUID_AND_ATTRIBUTES *filter, unsigned int count )
++{
++    unsigned int i;
++
++    for (i = 0; i < count; i++)
++    {
++        if (!memcmp( &privilege->luid, &filter[i].Luid, sizeof(LUID) ))
++            return 1;
++    }
++
++    return 0;
++}
++
+ struct token *token_duplicate( struct token *src_token, unsigned primary,
+-                               int impersonation_level, const struct security_descriptor *sd )
++                               int impersonation_level, const struct security_descriptor *sd,
++                               const LUID_AND_ATTRIBUTES *filter_privileges, unsigned int priv_count,
++                               const SID *filter_groups, unsigned int group_count)
+ {
+     const luid_t *modified_id =
+         primary || (impersonation_level == src_token->impersonation_level) ?
+@@ -676,6 +717,12 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
+             return NULL;
+         }
+         memcpy( newgroup, group, size );
++        if (filter_group( group, filter_groups, group_count ))
++        {
++            newgroup->enabled = 0;
++            newgroup->def = 0;
++            newgroup->deny_only = 1;
++        }
+         list_add_tail( &token->groups, &newgroup->entry );
+         if (src_token->primary_group == &group->sid)
+             token->primary_group = &newgroup->sid;
+@@ -684,11 +731,14 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
+ 
+     /* copy privileges */
+     LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry )
++    {
++        if (filter_privilege( privilege, filter_privileges, priv_count )) continue;
+         if (!privilege_add( token, &privilege->luid, privilege->enabled ))
+         {
+             release_object( token );
+             return NULL;
+         }
++    }
+ 
+     if (sd) default_set_sd( &token->obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
+                             DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
+@@ -1322,7 +1372,7 @@ DECL_HANDLER(duplicate_token)
+                                                      TOKEN_DUPLICATE,
+                                                      &token_ops )))
+     {
+-        struct token *token = token_duplicate( src_token, req->primary, req->impersonation_level, sd );
++        struct token *token = token_duplicate( src_token, req->primary, req->impersonation_level, sd, NULL, 0, NULL, 0 );
+         if (token)
+         {
+             reply->new_handle = alloc_handle_no_access_check( current->process, token, req->access, objattr->attributes );
+@@ -1332,6 +1382,36 @@ DECL_HANDLER(duplicate_token)
+     }
+ }
+ 
++/* creates a restricted version of a token */
++DECL_HANDLER(filter_token)
++{
++    struct token *src_token;
++
++    if ((src_token = (struct token *)get_handle_obj( current->process, req->handle,
++                                                     TOKEN_DUPLICATE,
++                                                     &token_ops )))
++    {
++        const LUID_AND_ATTRIBUTES *filter_privileges = get_req_data();
++        unsigned int priv_count, group_count;
++        const SID *filter_groups;
++        struct token *token;
++
++        priv_count = min( req->privileges_size, get_req_data_size() ) / sizeof(LUID_AND_ATTRIBUTES);
++        filter_groups = (const SID *)((char *)filter_privileges + priv_count * sizeof(LUID_AND_ATTRIBUTES));
++        group_count = get_sid_count( filter_groups, get_req_data_size() - priv_count * sizeof(LUID_AND_ATTRIBUTES) );
++
++        token = token_duplicate( src_token, src_token->primary, src_token->impersonation_level, NULL,
++                                 filter_privileges, priv_count, filter_groups, group_count );
++        if (token)
++        {
++            unsigned int access = get_handle_access( current->process, req->handle );
++            reply->new_handle = alloc_handle_no_access_check( current->process, token, access, 0 );
++            release_object( token );
++        }
++        release_object( src_token );
++    }
++}
++
+ /* checks the specified privileges are held by the token */
+ DECL_HANDLER(check_token_privileges)
+ {
+-- 
+2.13.1
+

patches/advapi32-CreateRestrictedToken/0002-advapi32-Implement-CreateRestrictedToken.patch

@@ -0,0 +1,271 @@
+From 2a1064c5f90beac2bd709ab5d1c454c90a16189b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Fri, 4 Aug 2017 02:51:57 +0200
+Subject: advapi32: Implement CreateRestrictedToken.
+
+---
+ dlls/advapi32/security.c       | 88 +++++++++++++++++++++++++++++++++++-------
+ dlls/advapi32/tests/security.c | 88 +++++++++++++++++++++++++++++++++++++++---
+ 2 files changed, 157 insertions(+), 19 deletions(-)
+
+diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
+index 82bb6689d43..c531e45c9a0 100644
+--- a/dlls/advapi32/security.c
++++ b/dlls/advapi32/security.c
+@@ -840,6 +840,60 @@ BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
+                                                  ThreadImpersonationToken, &token, sizeof token ));
+ }
+ 
++static BOOL allocate_groups(TOKEN_GROUPS **groups_ret, SID_AND_ATTRIBUTES *sids, DWORD count)
++{
++    TOKEN_GROUPS *groups;
++    DWORD i;
++
++    if (!count)
++    {
++        *groups_ret = NULL;
++        return TRUE;
++    }
++
++    groups = (TOKEN_GROUPS *)heap_alloc(FIELD_OFFSET(TOKEN_GROUPS, Groups) +
++                                        count * sizeof(SID_AND_ATTRIBUTES));
++    if (!groups)
++    {
++        SetLastError(ERROR_OUTOFMEMORY);
++        return FALSE;
++    }
++
++    groups->GroupCount = count;
++    for (i = 0; i < count; i++)
++        groups->Groups[i] = sids[i];
++
++    *groups_ret = groups;
++    return TRUE;
++}
++
++static BOOL allocate_privileges(TOKEN_PRIVILEGES **privileges_ret, LUID_AND_ATTRIBUTES *privs, DWORD count)
++{
++    TOKEN_PRIVILEGES *privileges;
++    DWORD i;
++
++    if (!count)
++    {
++        *privileges_ret = NULL;
++        return TRUE;
++    }
++
++    privileges = (TOKEN_PRIVILEGES *)heap_alloc(FIELD_OFFSET(TOKEN_PRIVILEGES, Privileges) +
++                                                count * sizeof(LUID_AND_ATTRIBUTES));
++    if (!privileges)
++    {
++        SetLastError(ERROR_OUTOFMEMORY);
++        return FALSE;
++    }
++
++    privileges->PrivilegeCount = count;
++    for (i = 0; i < count; i++)
++        privileges->Privileges[i] = privs[i];
++
++    *privileges_ret = privileges;
++    return TRUE;
++}
++
+ /*************************************************************************
+  * CreateRestrictedToken [ADVAPI32.@]
+  *
+@@ -871,25 +925,33 @@ BOOL WINAPI CreateRestrictedToken(
+     PSID_AND_ATTRIBUTES restrictSids,
+     PHANDLE newToken)
+ {
+-    TOKEN_TYPE type;
+-    SECURITY_IMPERSONATION_LEVEL level = SecurityAnonymous;
+-    DWORD size;
++    TOKEN_PRIVILEGES *delete_privs = NULL;
++    TOKEN_GROUPS *disable_groups = NULL;
++    TOKEN_GROUPS *restrict_sids = NULL;
++    BOOL ret = FALSE;
+ 
+-    FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
++    TRACE("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p)\n",
+           baseToken, flags, nDisableSids, disableSids,
+           nDeletePrivs, deletePrivs,
+           nRestrictSids, restrictSids,
+           newToken);
+ 
+-    size = sizeof(type);
+-    if (!GetTokenInformation( baseToken, TokenType, &type, size, &size )) return FALSE;
+-    if (type == TokenImpersonation)
+-    {
+-        size = sizeof(level);
+-        if (!GetTokenInformation( baseToken, TokenImpersonationLevel, &level, size, &size ))
+-            return FALSE;
+-    }
+-    return DuplicateTokenEx( baseToken, MAXIMUM_ALLOWED, NULL, level, type, newToken );
++    if (!allocate_groups(&disable_groups, disableSids, nDisableSids))
++        goto done;
++
++    if (!allocate_privileges(&delete_privs, deletePrivs, nDeletePrivs))
++        goto done;
++
++    if (!allocate_groups(&restrict_sids, restrictSids, nRestrictSids))
++        goto done;
++
++    ret = set_ntstatus(NtFilterToken(baseToken, flags, disable_groups, delete_privs, restrict_sids, newToken));
++
++done:
++    heap_free(disable_groups);
++    heap_free(delete_privs);
++    heap_free(restrict_sids);
++    return ret;
+ }
+ 
+ /*	##############################
+diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
+index a1ecc409b73..0fd41fe82fa 100644
+--- a/dlls/advapi32/tests/security.c
++++ b/dlls/advapi32/tests/security.c
+@@ -5292,10 +5292,13 @@ static void test_GetUserNameW(void)
+ 
+ static void test_CreateRestrictedToken(void)
+ {
++    TOKEN_PRIMARY_GROUP *primary_group, *primary_group2;
+     HANDLE process_token, token, r_token;
+     PTOKEN_GROUPS token_groups, groups2;
+     SID_AND_ATTRIBUTES sattr;
+     SECURITY_IMPERSONATION_LEVEL level;
++    TOKEN_PRIVILEGES *privs;
++    PRIVILEGE_SET privset;
+     TOKEN_TYPE type;
+     BOOL is_member;
+     DWORD size;
+@@ -5311,7 +5314,7 @@ static void test_CreateRestrictedToken(void)
+     ret = OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE|TOKEN_QUERY, &process_token);
+     ok(ret, "got error %d\n", GetLastError());
+ 
+-    ret = DuplicateTokenEx(process_token, TOKEN_DUPLICATE|TOKEN_ADJUST_GROUPS|TOKEN_QUERY,
++    ret = DuplicateTokenEx(process_token, TOKEN_DUPLICATE|TOKEN_ADJUST_GROUPS|TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,
+         NULL, SecurityImpersonation, TokenImpersonation, &token);
+     ok(ret, "got error %d\n", GetLastError());
+ 
+@@ -5342,11 +5345,21 @@ static void test_CreateRestrictedToken(void)
+     ok(ret, "got error %d\n", GetLastError());
+     ok(is_member, "not a member\n");
+ 
+-    /* disable a SID in new token */
++    privset.PrivilegeCount = 1;
++    privset.Control = PRIVILEGE_SET_ALL_NECESSARY;
++    ret = LookupPrivilegeValueA(NULL, "SeChangeNotifyPrivilege", &privset.Privilege[0].Luid);
++    ok(ret, "got error %d\n", GetLastError());
++
++    is_member = FALSE;
++    ret = PrivilegeCheck(token, &privset, &is_member);
++    ok(ret, "got error %d\n", GetLastError());
++    ok(is_member, "Expected SeChangeNotifyPrivilege to be enabled\n");
++
++    /* disable a SID and a privilege in new token */
+     sattr.Sid = token_groups->Groups[i].Sid;
+     sattr.Attributes = 0;
+     r_token = NULL;
+-    ret = pCreateRestrictedToken(token, 0, 1, &sattr, 0, NULL, 0, NULL, &r_token);
++    ret = pCreateRestrictedToken(token, 0, 1, &sattr, 1, &privset.Privilege[0], 0, NULL, &r_token);
+     ok(ret, "got error %d\n", GetLastError());
+ 
+     if (ret)
+@@ -5355,7 +5368,7 @@ static void test_CreateRestrictedToken(void)
+         is_member = TRUE;
+         ret = pCheckTokenMembership(r_token, token_groups->Groups[i].Sid, &is_member);
+         ok(ret, "got error %d\n", GetLastError());
+-        todo_wine ok(!is_member, "not a member\n");
++        ok(!is_member, "not a member\n");
+ 
+         ret = GetTokenInformation(r_token, TokenGroups, NULL, 0, &size);
+         ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %d with error %d\n",
+@@ -5370,9 +5383,9 @@ static void test_CreateRestrictedToken(void)
+                 break;
+         }
+ 
+-        todo_wine ok(groups2->Groups[j].Attributes & SE_GROUP_USE_FOR_DENY_ONLY,
++        ok(groups2->Groups[j].Attributes & SE_GROUP_USE_FOR_DENY_ONLY,
+             "got wrong attributes\n");
+-        todo_wine ok((groups2->Groups[j].Attributes & SE_GROUP_ENABLED) == 0,
++        ok((groups2->Groups[j].Attributes & SE_GROUP_ENABLED) == 0,
+             "got wrong attributes\n");
+ 
+         HeapFree(GetProcessHeap(), 0, groups2);
+@@ -5386,10 +5399,73 @@ static void test_CreateRestrictedToken(void)
+         ret = GetTokenInformation(r_token, TokenImpersonationLevel, &level, size, &size);
+         ok(ret, "got error %d\n", GetLastError());
+         ok(level == SecurityImpersonation, "got level %u\n", type);
++
++        is_member = TRUE;
++        ret = PrivilegeCheck(r_token, &privset, &is_member);
++        ok(ret, "got error %d\n", GetLastError());
++        ok(!is_member, "Expected SeChangeNotifyPrivilege not to be enabled\n");
++
++        ret = GetTokenInformation(r_token, TokenPrivileges, NULL, 0, &size);
++        ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %d with error %d\n",
++            ret, GetLastError());
++        privs = HeapAlloc(GetProcessHeap(), 0, size);
++        ret = GetTokenInformation(r_token, TokenPrivileges, privs, size, &size);
++        ok(ret, "got error %d\n", GetLastError());
++
++        is_member = FALSE;
++        for (j = 0; j < privs->PrivilegeCount; j++)
++        {
++            if (RtlEqualLuid(&privs->Privileges[j].Luid, &privset.Privilege[0].Luid))
++            {
++                is_member = TRUE;
++                break;
++            }
++        }
++
++        ok(!is_member, "Expected not to find privilege\n");
++        HeapFree(GetProcessHeap(), 0, privs);
+     }
+ 
+     HeapFree(GetProcessHeap(), 0, token_groups);
+     CloseHandle(r_token);
++
++    ret = GetTokenInformation(token, TokenPrimaryGroup, NULL, 0, &size);
++    ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %d with error %d\n",
++        ret, GetLastError());
++    primary_group = HeapAlloc(GetProcessHeap(), 0, size);
++    ret = GetTokenInformation(token, TokenPrimaryGroup, primary_group, size, &size);
++    ok(ret, "got error %d\n", GetLastError());
++
++    /* disable primary group */
++    sattr.Sid = primary_group->PrimaryGroup;
++    sattr.Attributes = 0;
++    r_token = NULL;
++    ret = pCreateRestrictedToken(token, 0, 1, &sattr, 0, NULL, 0, NULL, &r_token);
++    ok(ret, "got error %d\n", GetLastError());
++
++    if (ret)
++    {
++        is_member = TRUE;
++        ret = pCheckTokenMembership(r_token, primary_group->PrimaryGroup, &is_member);
++        ok(ret, "got error %d\n", GetLastError());
++        ok(!is_member, "not a member\n");
++
++        ret = GetTokenInformation(r_token, TokenPrimaryGroup, NULL, 0, &size);
++        ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got %d with error %d\n",
++            ret, GetLastError());
++        primary_group2 = HeapAlloc(GetProcessHeap(), 0, size);
++        ret = GetTokenInformation(r_token, TokenPrimaryGroup, primary_group2, size, &size);
++        ok(ret, "got error %d\n", GetLastError());
++
++        ok(EqualSid(primary_group2->PrimaryGroup, primary_group->PrimaryGroup),
++           "Expected same primary group\n");
++
++        HeapFree(GetProcessHeap(), 0, primary_group2);
++    }
++
++    HeapFree(GetProcessHeap(), 0, primary_group);
++    CloseHandle(r_token);
++
+     CloseHandle(token);
+     CloseHandle(process_token);
+ }
+-- 
+2.13.1
+

patches/advapi32-CreateRestrictedToken/0003-server-Correctly-validate-SID-length-in-sd_is_valid.patch

@@ -0,0 +1,36 @@
+From 22a49dfa50cda9b1f5a5c64eabed2d17b0033896 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Fri, 4 Aug 2017 02:52:50 +0200
+Subject: server: Correctly validate SID length in sd_is_valid.
+
+---
+ server/token.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/server/token.c b/server/token.c
+index acd7a4dedb5..7ab0f634c05 100644
+--- a/server/token.c
++++ b/server/token.c
+@@ -332,8 +332,7 @@ int sd_is_valid( const struct security_descriptor *sd, data_size_t size )
+     owner = sd_get_owner( sd );
+     if (owner)
+     {
+-        size_t needed_size = security_sid_len( owner );
+-        if ((sd->owner_len < sizeof(SID)) || (needed_size > sd->owner_len))
++        if ((sd->owner_len < sizeof(SID)) || (security_sid_len( owner ) > sd->owner_len))
+             return FALSE;
+     }
+     offset += sd->owner_len;
+@@ -344,8 +343,7 @@ int sd_is_valid( const struct security_descriptor *sd, data_size_t size )
+     group = sd_get_group( sd );
+     if (group)
+     {
+-        size_t needed_size = security_sid_len( group );
+-        if ((sd->group_len < sizeof(SID)) || (needed_size > sd->group_len))
++        if ((sd->group_len < sizeof(SID)) || (security_sid_len( group ) > sd->group_len))
+             return FALSE;
+     }
+     offset += sd->group_len;
+-- 
+2.13.1
+

patches/advapi32-CreateRestrictedToken/definition

@@ -0,0 +1 @@
+Fixes: Implement advapi32.CreateRestrictedToken

patches/advapi32-GetExplicitEntriesFromAclW/0001-advapi32-Implement-GetExplicitEntriesFromAclW.patch

@@ -1,4 +1,4 @@
-From b4469d7a12637ef2b57df3f6aebbe65c9b52ef57 Mon Sep 17 00:00:00 2001
+From 510d9f43f441bc3a9723aabfd2c1cdc8737d6dcc Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 28 Aug 2016 21:56:41 +0200
 Subject: advapi32: Implement GetExplicitEntriesFromAclW.
@@ -9,10 +9,10 @@ Subject: advapi32: Implement GetExplicitEntriesFromAclW.
  2 files changed, 221 insertions(+), 2 deletions(-)
 
 diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index 7e41c0a7361..ccd0bf64cab 100644
+index e36792cff4..b305947347 100644
 --- a/dlls/advapi32/security.c
 +++ b/dlls/advapi32/security.c
-@@ -4202,8 +4202,85 @@ DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntr
+@@ -4205,8 +4205,85 @@ DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntr
  DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
          PEXPLICIT_ACCESSW* pListOfExplicitEntries)
  {
@@ -101,10 +101,10 @@ index 7e41c0a7361..ccd0bf64cab 100644
  
  /******************************************************************************
 diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index c31dfbeace3..23cbff58117 100644
+index 3c68205922..ca5edffae5 100644
 --- a/dlls/advapi32/tests/security.c
 +++ b/dlls/advapi32/tests/security.c
-@@ -133,6 +133,7 @@ static BOOL     (WINAPI *pGetWindowsAccountDomainSid)(PSID,PSID,DWORD*);
+@@ -134,6 +134,7 @@ static BOOL     (WINAPI *pGetWindowsAccountDomainSid)(PSID,PSID,DWORD*);
  static void     (WINAPI *pRtlInitAnsiString)(PANSI_STRING,PCSZ);
  static NTSTATUS (WINAPI *pRtlFreeUnicodeString)(PUNICODE_STRING);
  static PSID_IDENTIFIER_AUTHORITY (WINAPI *pGetSidIdentifierAuthority)(PSID);
@@ -112,16 +112,16 @@ index c31dfbeace3..23cbff58117 100644
  
  static HMODULE hmod;
  static int     myARGC;
-@@ -227,6 +228,7 @@ static void init(void)
-     pGetAce = (void *)GetProcAddress(hmod, "GetAce");
+@@ -230,6 +231,7 @@ static void init(void)
      pGetWindowsAccountDomainSid = (void *)GetProcAddress(hmod, "GetWindowsAccountDomainSid");
      pGetSidIdentifierAuthority = (void *)GetProcAddress(hmod, "GetSidIdentifierAuthority");
+     pDuplicateTokenEx = (void *)GetProcAddress(hmod, "DuplicateTokenEx");
 +    pGetExplicitEntriesFromAclW = (void *)GetProcAddress(hmod, "GetExplicitEntriesFromAclW");
  
      myARGC = winetest_get_mainargs( &myARGV );
  }
-@@ -6451,6 +6453,145 @@ static void test_maximum_allowed(void)
-     CloseHandle(handle);
+@@ -7076,6 +7078,145 @@ static void test_child_token_sd(void)
+     HeapFree(GetProcessHeap(), 0, sd);
  }
  
 +static void test_GetExplicitEntriesFromAclW(void)
@@ -266,12 +266,14 @@ index c31dfbeace3..23cbff58117 100644
  START_TEST(security)
  {
      init();
-@@ -6499,4 +6640,5 @@ START_TEST(security)
-     test_GetSidIdentifierAuthority();
+@@ -7129,6 +7270,7 @@ START_TEST(security)
      test_pseudo_tokens();
      test_maximum_allowed();
+     test_token_label();
 +    test_GetExplicitEntriesFromAclW();
- }
+ 
+     /* Must be the last test, modifies process token */
+     test_token_security_descriptor();
 -- 
-2.11.0
+2.13.1
 

patches/advapi32-Performance_Counters/0001-advapi32-tests-Add-more-tests-for-performance-counte.patch

@@ -0,0 +1,267 @@
+From e950724c38a4f81efb97bb9595dc59c5fb925da0 Mon Sep 17 00:00:00 2001
+From: Dmitry Timoshkov <dmitry@baikal.ru>
+Date: Wed, 12 Apr 2017 12:33:31 +0800
+Subject: advapi32/tests: Add more tests for performance counters.
+
+---
+ dlls/advapi32/tests/registry.c | 196 ++++++++++++++++++++++++++++++++++++++++-
+ include/winreg.h               |   2 +
+ 2 files changed, 194 insertions(+), 4 deletions(-)
+
+diff --git a/dlls/advapi32/tests/registry.c b/dlls/advapi32/tests/registry.c
+index 846f1c49628..d850f6a3aa7 100644
+--- a/dlls/advapi32/tests/registry.c
++++ b/dlls/advapi32/tests/registry.c
+@@ -3520,35 +3520,73 @@ static void test_RegNotifyChangeKeyValue(void)
+     CloseHandle(event);
+ }
+ 
++static const char *dbgstr_longlong(ULONGLONG ll)
++{
++    static char buf[16][64];
++    static int idx;
++
++    idx &= 0x0f;
++
++    if (sizeof(ll) > sizeof(unsigned long) && ll >> 32)
++        sprintf(buf[idx], "0x%lx%08lx", (unsigned long)(ll >> 32), (unsigned long)ll);
++    else
++        sprintf(buf[idx], "0x%08lx", (unsigned long)ll);
++
++    return buf[idx++];
++}
++
++#define cmp_li(a, b, c) cmp_li_real(a, b, c, __LINE__)
++static void cmp_li_real(LARGE_INTEGER *l1, LARGE_INTEGER *l2, LONGLONG slack, int line)
++{
++    LONGLONG diff = l2->QuadPart - l1->QuadPart;
++    if (diff < 0) diff = -diff;
++    ok_(__FILE__, line)(diff <= slack, "values don't match: %s/%s\n",
++        dbgstr_longlong(l1->QuadPart), dbgstr_longlong(l2->QuadPart));
++}
++
+ static void test_RegQueryValueExPerformanceData(void)
+ {
+-    DWORD cbData, len;
++    static const WCHAR globalW[] = { 'G','l','o','b','a','l',0 };
++    static const WCHAR dummyW[5] = { 'd','u','m','m','y' };
++    static const char * const names[] = { NULL, "", "Global", "2" "invalid counter name" };
++    DWORD cbData, len, i, type;
+     BYTE *value;
+     DWORD dwret;
+     LONG limit = 6;
+     PERF_DATA_BLOCK *pdb;
++    HKEY hkey;
++    BYTE buf[256 + sizeof(PERF_DATA_BLOCK)];
+ 
+     /* Test with data == NULL */
+     dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, NULL, NULL, &cbData );
+     todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
+ 
++    dwret = RegQueryValueExW( HKEY_PERFORMANCE_DATA, globalW, NULL, NULL, NULL, &cbData );
++    todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
++
+     /* Test ERROR_MORE_DATA, start with small buffer */
+     len = 10;
+     value = HeapAlloc(GetProcessHeap(), 0, len);
+     cbData = len;
+-    dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, NULL, value, &cbData );
++    type = 0xdeadbeef;
++    dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, &type, value, &cbData );
+     todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
++todo_wine
++    ok(type == REG_BINARY, "got %u\n", type);
+     while( dwret == ERROR_MORE_DATA && limit)
+     {
+         len = len * 10;
+         value = HeapReAlloc( GetProcessHeap(), 0, value, len );
+         cbData = len;
+-        dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, NULL, value, &cbData );
++        type = 0xdeadbeef;
++        dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, &type, value, &cbData );
+         limit--;
+     }
+     ok(limit > 0, "too many times ERROR_MORE_DATA returned\n");
+ 
+     todo_wine ok(dwret == ERROR_SUCCESS, "expected ERROR_SUCCESS, got %d\n", dwret);
++todo_wine
++    ok(type == REG_BINARY, "got %u\n", type);
+ 
+     /* Check returned data */
+     if (dwret == ERROR_SUCCESS)
+@@ -3565,8 +3603,158 @@ static void test_RegQueryValueExPerformanceData(void)
+     }
+ 
+     HeapFree(GetProcessHeap(), 0, value);
+-}
+ 
++    for (i = 0; i < sizeof(names)/sizeof(names[0]); i++)
++    {
++        cbData = 0xdeadbeef;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++
++        cbData = 0;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++
++        cbData = 0xdeadbeef;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_TEXT, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++
++        cbData = 0;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_TEXT, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++
++        cbData = 0xdeadbeef;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_NLSTEXT, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++
++        cbData = 0;
++        dwret = RegQueryValueExA(HKEY_PERFORMANCE_NLSTEXT, names[i], NULL, NULL, NULL, &cbData);
++todo_wine
++        ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
++        ok(cbData == 0, "got %u\n", cbData);
++    }
++
++    memset(buf, 0x77, sizeof(buf));
++    type = 0xdeadbeef;
++    cbData = sizeof(buf);
++    dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, "invalid counter name", NULL, &type, buf, &cbData);
++todo_wine
++    ok(dwret == ERROR_SUCCESS, "got %u\n", dwret);
++todo_wine
++    ok(type == REG_BINARY, "got %u\n", type);
++    if (dwret == ERROR_SUCCESS)
++    {
++        SYSTEMTIME st;
++        WCHAR sysname[MAX_COMPUTERNAME_LENGTH + 1];
++        DWORD sysname_len;
++        LARGE_INTEGER counter, freq, ftime;
++
++        GetSystemTime(&st);
++        GetSystemTimeAsFileTime((FILETIME *)&ftime);
++        QueryPerformanceCounter(&counter);
++        QueryPerformanceFrequency(&freq);
++
++        sysname_len = MAX_COMPUTERNAME_LENGTH + 1;
++        GetComputerNameW(sysname, &sysname_len);
++
++        pdb = (PERF_DATA_BLOCK *)buf;
++        ok(pdb->Signature[0] == 'P', "got '%c'\n", pdb->Signature[0]);
++        ok(pdb->Signature[1] == 'E', "got '%c'\n", pdb->Signature[1]);
++        ok(pdb->Signature[2] == 'R', "got '%c'\n", pdb->Signature[2]);
++        ok(pdb->Signature[3] == 'F', "got '%c'\n", pdb->Signature[3]);
++
++        ok(pdb->LittleEndian == 1, "got %u\n", pdb->LittleEndian);
++        ok(pdb->Version == 1, "got %u\n", pdb->Version);
++        ok(pdb->Revision == 1, "got %u\n", pdb->Revision);
++        len = (sizeof(*pdb) + pdb->SystemNameLength + 7) & ~7;
++        ok(pdb->TotalByteLength == len, "got %u vs %u\n", pdb->TotalByteLength, len);
++        ok(pdb->HeaderLength == pdb->TotalByteLength, "got %u\n", pdb->HeaderLength);
++        ok(pdb->NumObjectTypes == 0, "got %u\n", pdb->NumObjectTypes);
++        ok(pdb->DefaultObject != 0, "got %u\n", pdb->DefaultObject);
++        ok(pdb->SystemTime.wYear == st.wYear, "got %u\n", pdb->SystemTime.wYear);
++        ok(pdb->SystemTime.wMonth == st.wMonth, "got %u\n", pdb->SystemTime.wMonth);
++        ok(pdb->SystemTime.wDayOfWeek == st.wDayOfWeek, "got %u\n", pdb->SystemTime.wDayOfWeek);
++        ok(pdb->SystemTime.wDay == st.wDay, "got %u\n", pdb->SystemTime.wDay);
++        if (U(pdb->PerfTime).LowPart != 0x77777777) /* TestBot is broken */
++            cmp_li(&pdb->PerfTime, &counter, freq.QuadPart);
++        if (U(pdb->PerfFreq).LowPart != 0x77777777) /* TestBot is broken */
++            cmp_li(&pdb->PerfFreq, &freq, 0);
++        cmp_li(&pdb->PerfTime100nSec, &ftime, 200000); /* TestBot needs huge slack value */
++        ok(pdb->SystemNameLength == (sysname_len + 1) * sizeof(WCHAR), "expected %u, got %u\n",
++           (sysname_len + 1) * sizeof(WCHAR), pdb->SystemNameLength);
++        ok(pdb->SystemNameOffset == sizeof(*pdb), "got %u\n", pdb->SystemNameOffset);
++        ok(!lstrcmpW(sysname, (LPCWSTR)(pdb + 1)), "%s != %s\n",
++           wine_dbgstr_w(sysname), wine_dbgstr_w((LPCWSTR)(pdb + 1)));
++
++        len = pdb->TotalByteLength - (sizeof(*pdb) + pdb->SystemNameLength);
++        if (len)
++        {
++            BYTE remainder[8], *p;
++
++            memset(remainder, 0x77, sizeof(remainder));
++            p = buf + sizeof(*pdb) + pdb->SystemNameLength;
++            ok(!memcmp(p, remainder, len), "remainder: %02x,%02x...\n", p[0], p[1]);
++        }
++    }
++
++    dwret = RegOpenKeyA(HKEY_PERFORMANCE_DATA, NULL, &hkey);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    dwret = RegOpenKeyA(HKEY_PERFORMANCE_DATA, "Global", &hkey);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    dwret = RegOpenKeyExA(HKEY_PERFORMANCE_DATA, "Global", 0, KEY_READ, &hkey);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    dwret = RegQueryValueA(HKEY_PERFORMANCE_DATA, "Global", NULL, (LONG *)&cbData);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    dwret = RegSetValueA(HKEY_PERFORMANCE_DATA, "Global", REG_SZ, "dummy", 4);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    dwret = RegSetValueExA(HKEY_PERFORMANCE_DATA, "Global", 0, REG_SZ, (const BYTE *)"dummy", 40);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    cbData = sizeof(buf);
++    dwret = RegEnumKeyA(HKEY_PERFORMANCE_DATA, 0, (LPSTR)buf, cbData);
++todo_wine
++    ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++
++    cbData = sizeof(buf);
++    dwret = RegEnumValueA(HKEY_PERFORMANCE_DATA, 0, (LPSTR)buf, &cbData, NULL, NULL, NULL, NULL);
++todo_wine
++    ok(dwret == ERROR_MORE_DATA, "got %u\n", dwret);
++todo_wine
++    ok(cbData == sizeof(buf), "got %u\n", cbData);
++
++    dwret = RegEnumValueA(HKEY_PERFORMANCE_DATA, 0, NULL, &cbData, NULL, NULL, NULL, NULL);
++    ok(dwret == ERROR_INVALID_PARAMETER, "got %u\n", dwret);
++
++    if (pRegSetKeyValueW)
++    {
++        dwret = pRegSetKeyValueW(HKEY_PERFORMANCE_DATA, NULL, globalW, REG_SZ, dummyW, sizeof(dummyW));
++todo_wine
++        ok(dwret == ERROR_INVALID_HANDLE, "got %u\n", dwret);
++    }
++
++    dwret = RegCloseKey(HKEY_PERFORMANCE_DATA);
++    ok(dwret == ERROR_SUCCESS, "got %u\n", dwret);
++}
+ 
+ START_TEST(registry)
+ {
+diff --git a/include/winreg.h b/include/winreg.h
+index 42b77251ae4..ddbd9293783 100644
+--- a/include/winreg.h
++++ b/include/winreg.h
+@@ -32,6 +32,8 @@ extern "C" {
+ #define HKEY_PERFORMANCE_DATA   ((HKEY)(LONG_PTR)(LONG)0x80000004)
+ #define HKEY_CURRENT_CONFIG     ((HKEY)(LONG_PTR)(LONG)0x80000005)
+ #define HKEY_DYN_DATA           ((HKEY)(LONG_PTR)(LONG)0x80000006)
++#define HKEY_PERFORMANCE_TEXT   ((HKEY)(LONG_PTR)(LONG)0x80000050)
++#define HKEY_PERFORMANCE_NLSTEXT ((HKEY)(LONG_PTR)(LONG)0x80000060)
+ 
+ /*
+  *	registry provider structs
+-- 
+2.13.1
+

patches/advapi32-Performance_Counters/0002-include-Add-more-definitions-for-performance-counter.patch

@@ -0,0 +1,139 @@
+From f72de28ee3a7a3cb25165f0aaee0c7e17eb7e6d7 Mon Sep 17 00:00:00 2001
+From: Dmitry Timoshkov <dmitry@baikal.ru>
+Date: Wed, 12 Apr 2017 12:48:29 +0800
+Subject: include: Add more definitions for performance counters.
+
+---
+ include/winperf.h | 113 ++++++++++++++++++++++++++++++++++++++++++++++--------
+ 1 file changed, 97 insertions(+), 16 deletions(-)
+
+diff --git a/include/winperf.h b/include/winperf.h
+index dce1a6d648d..113bfbae40f 100644
+--- a/include/winperf.h
++++ b/include/winperf.h
+@@ -67,25 +67,106 @@
+ #define PERF_DETAIL_EXPERT      300
+ #define PERF_DETAIL_WIZARD      400
+ 
++#include <pshpack8.h>
++
+ /* Performance data structure header
+  * returned in answer to HKEY_PERFORMANCE_DATA request
+  */
+ 
+-typedef struct _PERF_DATA_BLOCK {
+-  WCHAR         Signature[4];
+-  DWORD         LittleEndian;
+-  DWORD         Version;
+-  DWORD         Revision;
+-  DWORD         TotalByteLength;
+-  DWORD         HeaderLength;
+-  DWORD         NumObjectTypes;
+-  DWORD         DefaultObject;
+-  SYSTEMTIME    SystemTime;
+-  LARGE_INTEGER PerfTime;
+-  LARGE_INTEGER PerfFreq;
+-  LARGE_INTEGER PerfTime100nSec;
+-  DWORD         SystemNameLength;
+-  DWORD         SystemNameOffset;
+-} PERF_DATA_BLOCK, *PPERF_DATA_BLOCK, *LPPERF_DATA_BLOCK;
++#define PERF_DATA_VERSION 1
++#define PERF_DATA_REVISION 1
++
++typedef struct _PERF_DATA_BLOCK
++{
++    WCHAR Signature[4];
++    DWORD LittleEndian;
++    DWORD Version;
++    DWORD Revision;
++    DWORD TotalByteLength;
++    DWORD HeaderLength;
++    DWORD NumObjectTypes;
++    DWORD DefaultObject;
++    SYSTEMTIME SystemTime;
++    LARGE_INTEGER PerfTime;
++    LARGE_INTEGER PerfFreq;
++    LARGE_INTEGER PerfTime100nSec;
++    DWORD SystemNameLength;
++    DWORD SystemNameOffset;
++} PERF_DATA_BLOCK, *PPERF_DATA_BLOCK;
++
++#define PERF_NO_INSTANCES -1
++
++typedef struct _PERF_OBJECT_TYPE
++{
++    DWORD TotalByteLength;
++    DWORD DefinitionLength;
++    DWORD HeaderLength;
++    DWORD ObjectNameTitleIndex;
++#ifdef _WIN64
++    DWORD ObjectNameTitle;
++#else
++    LPWSTR ObjectNameTitle;
++#endif
++    DWORD ObjectHelpTitleIndex;
++#ifdef _WIN64
++    DWORD ObjectHelpTitle;
++#else
++    LPWSTR ObjectHelpTitle;
++#endif
++    DWORD DetailLevel;
++    DWORD NumCounters;
++    LONG DefaultCounter;
++    LONG NumInstances;
++    DWORD CodePage;
++    LARGE_INTEGER PerfTime;
++    LARGE_INTEGER PerfFreq;
++} PERF_OBJECT_TYPE, *PPERF_OBJECT_TYPE;
++
++typedef struct _PERF_COUNTER_DEFINITION
++{
++    DWORD ByteLength;
++    DWORD CounterNameTitleIndex;
++#ifdef _WIN64
++    DWORD CounterNameTitle;
++#else
++    LPWSTR CounterNameTitle;
++#endif
++    DWORD CounterHelpTitleIndex;
++#ifdef _WIN64
++    DWORD CounterHelpTitle;
++#else
++    LPWSTR CounterHelpTitle;
++#endif
++    LONG DefaultScale;
++    DWORD DetailLevel;
++    DWORD CounterType;
++    DWORD CounterSize;
++    DWORD CounterOffset;
++} PERF_COUNTER_DEFINITION, *PPERF_COUNTER_DEFINITION;
++
++#define PERF_NO_UNIQUE_ID -1
++
++typedef struct _PERF_INSTANCE_DEFINITION
++{
++    DWORD ByteLength;
++    DWORD ParentObjectTitleIndex;
++    DWORD ParentObjectInstance;
++    LONG UniqueID;
++    DWORD NameOffset;
++    DWORD NameLength;
++} PERF_INSTANCE_DEFINITION, *PPERF_INSTANCE_DEFINITION;
++
++typedef struct _PERF_COUNTER_BLOCK
++{
++    DWORD ByteLength;
++} PERF_COUNTER_BLOCK, *PPERF_COUNTER_BLOCK;
++
++
++#include <poppack.h>
++
++typedef DWORD (APIENTRY PM_OPEN_PROC)(LPWSTR);
++typedef DWORD (APIENTRY PM_COLLECT_PROC)(LPWSTR,LPVOID *,LPDWORD,LPDWORD);
++typedef DWORD (APIENTRY PM_CLOSE_PROC)(void);
++typedef DWORD (APIENTRY PM_QUERY_PROC)(LPDWORD,LPVOID *,LPDWORD,LPDWORD);
+ 
+ #endif /* _WINPERF_ */
+-- 
+2.13.1
+

patches/advapi32-Performance_Counters/0003-advapi32-Add-initial-support-for-querying-performanc.patch

@@ -0,0 +1,380 @@
+From 4fc763b4564cf0dc7e9e27826d785255133c8187 Mon Sep 17 00:00:00 2001
+From: Dmitry Timoshkov <dmitry@baikal.ru>
+Date: Wed, 12 Apr 2017 13:59:20 +0800
+Subject: advapi32: Add initial support for querying performance counters data.
+ (v2)
+
+---
+ dlls/advapi32/registry.c       | 244 ++++++++++++++++++++++++++++++++++++++++-
+ dlls/advapi32/tests/registry.c |  17 +--
+ 2 files changed, 249 insertions(+), 12 deletions(-)
+
+diff --git a/dlls/advapi32/registry.c b/dlls/advapi32/registry.c
+index 7a26fffc55e..4dd29d3ba72 100644
+--- a/dlls/advapi32/registry.c
++++ b/dlls/advapi32/registry.c
+@@ -2,6 +2,7 @@
+  * Registry management
+  *
+  * Copyright (C) 1999 Alexandre Julliard
++ * Copyright (C) 2017 Dmitry Timoshkov
+  *
+  * Based on misc/registry.c code
+  * Copyright (C) 1996 Marcus Meissner
+@@ -36,6 +37,7 @@
+ #include "winreg.h"
+ #include "winerror.h"
+ #include "winternl.h"
++#include "winperf.h"
+ #include "winuser.h"
+ #include "sddl.h"
+ #include "advapi32_misc.h"
+@@ -1482,6 +1484,234 @@ LONG WINAPI RegSetKeyValueA( HKEY hkey, LPCSTR subkey, LPCSTR name, DWORD type,
+     return ret;
+ }
+ 
++struct perf_provider
++{
++    HMODULE perflib;
++    PM_OPEN_PROC *pOpen;
++    PM_CLOSE_PROC *pClose;
++    PM_COLLECT_PROC *pCollect;
++};
++
++static void *get_provider_entry(HKEY perf, HMODULE perflib, const char *name)
++{
++    char buf[MAX_PATH];
++    DWORD err, type, len;
++
++    len = sizeof(buf) - 1;
++    err = RegQueryValueExA(perf, name, NULL, &type, (BYTE *)buf, &len);
++    if (err != ERROR_SUCCESS || type != REG_SZ)
++        return NULL;
++
++    buf[len] = 0;
++    TRACE("Loading function pointer for %s: %s\n", name, debugstr_a(buf));
++
++    return GetProcAddress(perflib, buf);
++}
++
++static BOOL load_provider(HKEY root, const WCHAR *name, struct perf_provider *provider)
++{
++    static const WCHAR performanceW[] = { 'P','e','r','f','o','r','m','a','n','c','e',0 };
++    static const WCHAR libraryW[] = { 'L','i','b','r','a','r','y',0 };
++    WCHAR buf[MAX_PATH], buf2[MAX_PATH];
++    DWORD err, type, len;
++    HKEY service, perf;
++
++    err = RegOpenKeyExW(root, name, 0, KEY_READ, &service);
++    if (err != ERROR_SUCCESS)
++        return FALSE;
++
++    err = RegOpenKeyExW(service, performanceW, 0, KEY_READ, &perf);
++    RegCloseKey(service);
++    if (err != ERROR_SUCCESS)
++        return FALSE;
++
++    len = sizeof(buf) - sizeof(WCHAR);
++    err = RegQueryValueExW(perf, libraryW, NULL, &type, (BYTE *)buf, &len);
++    if (err != ERROR_SUCCESS || !(type == REG_SZ || type == REG_EXPAND_SZ))
++        goto error;
++
++    buf[len / sizeof(WCHAR)] = 0;
++    if (type == REG_EXPAND_SZ)
++    {
++        len = ExpandEnvironmentStringsW(buf, buf2, MAX_PATH);
++        if (!len || len > MAX_PATH) goto error;
++        strcpyW(buf, buf2);
++    }
++
++    if (!(provider->perflib = LoadLibraryW(buf)))
++    {
++        WARN("Failed to load %s\n", debugstr_w(buf));
++        goto error;
++    }
++
++    GetModuleFileNameW(provider->perflib, buf, MAX_PATH);
++    TRACE("Loaded provider %s\n", wine_dbgstr_w(buf));
++
++    provider->pOpen = get_provider_entry(perf, provider->perflib, "Open");
++    provider->pClose = get_provider_entry(perf, provider->perflib, "Close");
++    provider->pCollect = get_provider_entry(perf, provider->perflib, "Collect");
++    if (provider->pOpen && provider->pClose && provider->pCollect)
++    {
++        RegCloseKey(perf);
++        return TRUE;
++    }
++
++    TRACE("Provider is missing required exports\n");
++    FreeLibrary(provider->perflib);
++
++error:
++    RegCloseKey(perf);
++    return FALSE;
++}
++
++static DWORD collect_data(struct perf_provider *provider, const WCHAR *query, void **data, DWORD *size, DWORD *obj_count)
++{
++    DWORD err;
++
++    err = provider->pOpen(NULL);
++    if (err != ERROR_SUCCESS)
++    {
++        TRACE("Open error %u (%#x)\n", err, err);
++        return err;
++    }
++
++    *obj_count = 0;
++    err = provider->pCollect((WCHAR *)query, data, size, obj_count);
++    if (err != ERROR_SUCCESS)
++    {
++        TRACE("Collect error %u (%#x)\n", err, err);
++        *obj_count = 0;
++    }
++
++    provider->pClose();
++    return err;
++}
++
++#define MAX_SERVICE_NAME 260
++
++static DWORD query_perf_data(const WCHAR *query, DWORD *type, void *data, DWORD *ret_size)
++{
++    static const WCHAR SZ_SERVICES_KEY[] = { 'S','y','s','t','e','m','\\',
++        'C','u','r','r','e','n','t','C','o','n','t','r','o','l','S','e','t','\\',
++        'S','e','r','v','i','c','e','s',0 };
++    DWORD err, i, data_size;
++    HKEY root;
++    PERF_DATA_BLOCK *pdb;
++
++    if (!ret_size)
++        return ERROR_INVALID_PARAMETER;
++
++    data_size = *ret_size;
++    *ret_size = 0;
++
++    if (type)
++        *type = REG_BINARY;
++
++    if (!data || data_size < sizeof(*pdb))
++        return ERROR_MORE_DATA;
++
++    pdb = data;
++
++    pdb->Signature[0] = 'P';
++    pdb->Signature[1] = 'E';
++    pdb->Signature[2] = 'R';
++    pdb->Signature[3] = 'F';
++#ifdef WORDS_BIGENDIAN
++    pdb->LittleEndian = FALSE;
++#else
++    pdb->LittleEndian = TRUE;
++#endif
++    pdb->Version = PERF_DATA_VERSION;
++    pdb->Revision = PERF_DATA_REVISION;
++    pdb->TotalByteLength = 0;
++    pdb->HeaderLength = sizeof(*pdb);
++    pdb->NumObjectTypes = 0;
++    pdb->DefaultObject = 0;
++    QueryPerformanceCounter(&pdb->PerfTime);
++    QueryPerformanceFrequency(&pdb->PerfFreq);
++
++    data = pdb + 1;
++    pdb->SystemNameOffset = sizeof(*pdb);
++    pdb->SystemNameLength = (data_size - sizeof(*pdb)) / sizeof(WCHAR);
++    if (!GetComputerNameW(data, &pdb->SystemNameLength))
++        return ERROR_MORE_DATA;
++
++    pdb->SystemNameLength++;
++    pdb->SystemNameLength *= sizeof(WCHAR);
++
++    pdb->HeaderLength += pdb->SystemNameLength;
++
++    /* align to 8 bytes */
++    if (pdb->SystemNameLength & 7)
++        pdb->HeaderLength += 8 - (pdb->SystemNameLength & 7);
++
++    if (data_size < pdb->HeaderLength)
++        return ERROR_MORE_DATA;
++
++    pdb->TotalByteLength = pdb->HeaderLength;
++
++    data_size -= pdb->HeaderLength;
++    data = (char *)data + pdb->HeaderLength;
++
++    err = RegOpenKeyExW(HKEY_LOCAL_MACHINE, SZ_SERVICES_KEY, 0, KEY_READ, &root);
++    if (err != ERROR_SUCCESS)
++        return err;
++
++    i = 0;
++    for (;;)
++    {
++        DWORD collected_size = data_size, obj_count = 0;
++        struct perf_provider provider;
++        WCHAR name[MAX_SERVICE_NAME];
++        void *collected_data = data;
++
++        err = RegEnumKeyW(root, i++, name, MAX_SERVICE_NAME);
++        if (err == ERROR_NO_MORE_ITEMS)
++        {
++            err = ERROR_SUCCESS;
++            break;
++        }
++
++        if (err != ERROR_SUCCESS)
++            continue;
++
++        if (!load_provider(root, name, &provider))
++            continue;
++
++        err = collect_data(&provider, query, &collected_data, &collected_size, &obj_count);
++        FreeLibrary(provider.perflib);
++
++        if (err == ERROR_MORE_DATA)
++            break;
++
++        if (err == ERROR_SUCCESS)
++        {
++            PERF_OBJECT_TYPE *obj = (PERF_OBJECT_TYPE *)data;
++
++            TRACE("Collect: obj->TotalByteLength %u, collected_size %u\n",
++                obj->TotalByteLength, collected_size);
++
++            data_size -= collected_size;
++            data = collected_data;
++
++            pdb->TotalByteLength += collected_size;
++            pdb->NumObjectTypes += obj_count;
++        }
++    }
++
++    RegCloseKey(root);
++
++    if (err == ERROR_SUCCESS)
++    {
++        *ret_size = pdb->TotalByteLength;
++
++        GetSystemTime(&pdb->SystemTime);
++        GetSystemTimeAsFileTime((FILETIME *)&pdb->PerfTime100nSec);
++    }
++
++    return err;
++}
++
+ /******************************************************************************
+  * RegQueryValueExW   [ADVAPI32.@]
+  *
+@@ -1502,6 +1732,10 @@ LSTATUS WINAPI RegQueryValueExW( HKEY hkey, LPCWSTR name, LPDWORD reserved, LPDW
+           (count && data) ? *count : 0 );
+ 
+     if ((data && !count) || reserved) return ERROR_INVALID_PARAMETER;
++
++    if (hkey == HKEY_PERFORMANCE_DATA)
++        return query_perf_data(name, type, data, count);
++
+     if (!(hkey = get_special_root_hkey( hkey, 0 ))) return ERROR_INVALID_HANDLE;
+ 
+     RtlInitUnicodeString( &name_str, name );
+@@ -1592,7 +1826,8 @@ LSTATUS WINAPI DECLSPEC_HOTPATCH RegQueryValueExA( HKEY hkey, LPCSTR name, LPDWO
+           hkey, debugstr_a(name), reserved, type, data, count, count ? *count : 0 );
+ 
+     if ((data && !count) || reserved) return ERROR_INVALID_PARAMETER;
+-    if (!(hkey = get_special_root_hkey( hkey, 0 ))) return ERROR_INVALID_HANDLE;
++    if (hkey != HKEY_PERFORMANCE_DATA && !(hkey = get_special_root_hkey( hkey, 0 )))
++        return ERROR_INVALID_HANDLE;
+ 
+     if (count) datalen = *count;
+     if (!data && count) *count = 0;
+@@ -1604,6 +1839,13 @@ LSTATUS WINAPI DECLSPEC_HOTPATCH RegQueryValueExA( HKEY hkey, LPCSTR name, LPDWO
+     if ((status = RtlAnsiStringToUnicodeString( &nameW, &nameA, TRUE )))
+         return RtlNtStatusToDosError(status);
+ 
++    if (hkey == HKEY_PERFORMANCE_DATA)
++    {
++        DWORD ret = query_perf_data( nameW.Buffer, type, data, count );
++        RtlFreeUnicodeString( &nameW );
++        return ret;
++    }
++
+     status = NtQueryValueKey( hkey, &nameW, KeyValuePartialInformation,
+                               buffer, sizeof(buffer), &total_size );
+     if (status && status != STATUS_BUFFER_OVERFLOW) goto done;
+diff --git a/dlls/advapi32/tests/registry.c b/dlls/advapi32/tests/registry.c
+index 43599359ac6..9706478a135 100644
+--- a/dlls/advapi32/tests/registry.c
++++ b/dlls/advapi32/tests/registry.c
+@@ -3520,10 +3520,10 @@ static void test_RegQueryValueExPerformanceData(void)
+ 
+     /* Test with data == NULL */
+     dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, NULL, NULL, &cbData );
+-    todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
++    ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
+ 
+     dwret = RegQueryValueExW( HKEY_PERFORMANCE_DATA, globalW, NULL, NULL, NULL, &cbData );
+-    todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
++    ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
+ 
+     /* Test ERROR_MORE_DATA, start with small buffer */
+     len = 10;
+@@ -3531,8 +3531,7 @@ static void test_RegQueryValueExPerformanceData(void)
+     cbData = len;
+     type = 0xdeadbeef;
+     dwret = RegQueryValueExA( HKEY_PERFORMANCE_DATA, "Global", NULL, &type, value, &cbData );
+-    todo_wine ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
+-todo_wine
++    ok( dwret == ERROR_MORE_DATA, "expected ERROR_MORE_DATA, got %d\n", dwret );
+     ok(type == REG_BINARY, "got %u\n", type);
+     while( dwret == ERROR_MORE_DATA && limit)
+     {
+@@ -3545,14 +3544,13 @@ todo_wine
+     }
+     ok(limit > 0, "too many times ERROR_MORE_DATA returned\n");
+ 
+-    todo_wine ok(dwret == ERROR_SUCCESS, "expected ERROR_SUCCESS, got %d\n", dwret);
+-todo_wine
++    ok(dwret == ERROR_SUCCESS, "expected ERROR_SUCCESS, got %d\n", dwret);
+     ok(type == REG_BINARY, "got %u\n", type);
+ 
+     /* Check returned data */
+     if (dwret == ERROR_SUCCESS)
+     {
+-        todo_wine ok(len >= sizeof(PERF_DATA_BLOCK), "got size %d\n", len);
++        ok(len >= sizeof(PERF_DATA_BLOCK), "got size %d\n", len);
+         if (len >= sizeof(PERF_DATA_BLOCK)) {
+             pdb = (PERF_DATA_BLOCK*) value;
+             ok(pdb->Signature[0] == 'P', "expected Signature[0] = 'P', got 0x%x\n", pdb->Signature[0]);
+@@ -3569,13 +3567,11 @@ todo_wine
+     {
+         cbData = 0xdeadbeef;
+         dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, names[i], NULL, NULL, NULL, &cbData);
+-todo_wine
+         ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
+         ok(cbData == 0, "got %u\n", cbData);
+ 
+         cbData = 0;
+         dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, names[i], NULL, NULL, NULL, &cbData);
+-todo_wine
+         ok(dwret == ERROR_MORE_DATA, "%u/%s: got %u\n", i, names[i], dwret);
+         ok(cbData == 0, "got %u\n", cbData);
+ 
+@@ -3608,9 +3604,7 @@ todo_wine
+     type = 0xdeadbeef;
+     cbData = sizeof(buf);
+     dwret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, "invalid counter name", NULL, &type, buf, &cbData);
+-todo_wine
+     ok(dwret == ERROR_SUCCESS, "got %u\n", dwret);
+-todo_wine
+     ok(type == REG_BINARY, "got %u\n", type);
+     if (dwret == ERROR_SUCCESS)
+     {
+@@ -3640,6 +3634,7 @@ todo_wine
+         ok(pdb->TotalByteLength == len, "got %u vs %u\n", pdb->TotalByteLength, len);
+         ok(pdb->HeaderLength == pdb->TotalByteLength, "got %u\n", pdb->HeaderLength);
+         ok(pdb->NumObjectTypes == 0, "got %u\n", pdb->NumObjectTypes);
++todo_wine
+         ok(pdb->DefaultObject != 0, "got %u\n", pdb->DefaultObject);
+         ok(pdb->SystemTime.wYear == st.wYear, "got %u\n", pdb->SystemTime.wYear);
+         ok(pdb->SystemTime.wMonth == st.wMonth, "got %u\n", pdb->SystemTime.wMonth);
+-- 
+2.13.1
+

patches/advapi32-Performance_Counters/0004-winspool.drv-Add-performance-counters-service-stubs.patch

@@ -0,0 +1,93 @@
+From efdcec40d501c6b27e3f3460ad0ad5fe26643e9d Mon Sep 17 00:00:00 2001
+From: Dmitry Timoshkov <dmitry@baikal.ru>
+Date: Wed, 12 Apr 2017 15:04:03 +0800
+Subject: winspool.drv: Add performance counters service stubs.
+
+---
+ dlls/winspool.drv/info.c            | 29 +++++++++++++++++++++++++++++
+ dlls/winspool.drv/winspool.drv.spec |  6 +++---
+ loader/wine.inf.in                  |  7 +++++++
+ 3 files changed, 39 insertions(+), 3 deletions(-)
+
+diff --git a/dlls/winspool.drv/info.c b/dlls/winspool.drv/info.c
+index f09745d1e6b..330ce236b45 100644
+--- a/dlls/winspool.drv/info.c
++++ b/dlls/winspool.drv/info.c
+@@ -8681,3 +8681,32 @@ HRESULT WINAPI UploadPrinterDriverPackageW( LPCWSTR server, LPCWSTR path, LPCWST
+           flags, hwnd, dst, dstlen);
+     return E_NOTIMPL;
+ }
++
++/*****************************************************************************
++ *          PerfOpen [WINSPOOL.@]
++ */
++DWORD WINAPI PerfOpen(LPWSTR context)
++{
++    FIXME("%s: stub\n", debugstr_w(context));
++    return ERROR_SUCCESS;
++}
++
++/*****************************************************************************
++ *          PerfClose [WINSPOOL.@]
++ */
++DWORD WINAPI PerfClose(void)
++{
++    FIXME("stub\n");
++    return ERROR_SUCCESS;
++}
++
++/*****************************************************************************
++ *          PerfCollect [WINSPOOL.@]
++ */
++DWORD WINAPI PerfCollect(LPWSTR query, LPVOID *data, LPDWORD size, LPDWORD obj_count)
++{
++    FIXME("%s,%p,%p,%p: stub\n", debugstr_w(query), data, size, obj_count);
++    *size = 0;
++    *obj_count = 0;
++    return ERROR_SUCCESS;
++}
+diff --git a/dlls/winspool.drv/winspool.drv.spec b/dlls/winspool.drv/winspool.drv.spec
+index 58dc60bcc9f..a23ea2ced99 100644
+--- a/dlls/winspool.drv/winspool.drv.spec
++++ b/dlls/winspool.drv/winspool.drv.spec
+@@ -2,9 +2,9 @@
+ 101 stub -noname ClusterSplOpen
+ 102 stub -noname ClusterSplClose
+ 103 stub -noname ClusterSplIsAlive
+-104 stub PerfClose
+-105 stub PerfCollect
+-106 stub PerfOpen
++104 stdcall PerfClose()
++105 stdcall PerfCollect(wstr ptr ptr ptr)
++106 stdcall PerfOpen(wstr)
+ 201 stdcall GetDefaultPrinterA(ptr ptr)
+ 202 stdcall SetDefaultPrinterA(str)
+ 203 stdcall GetDefaultPrinterW(ptr ptr)
+diff --git a/loader/wine.inf.in b/loader/wine.inf.in
+index 176647b8beb..a83cc209a96 100644
+--- a/loader/wine.inf.in
++++ b/loader/wine.inf.in
+@@ -3353,6 +3353,7 @@ StartType=3
+ ErrorControl=1
+ 
+ [SpoolerService]
++AddReg=SpoolerServiceKeys
+ Description="Loads files to memory for later printing"
+ DisplayName="Print Spooler"
+ ServiceBinary="%11%\spoolsv.exe"
+@@ -3361,6 +3362,12 @@ StartType=3
+ ErrorControl=1
+ LoadOrderGroup="SpoolerGroup"
+ 
++[SpoolerServiceKeys]
++HKLM,"System\CurrentControlSet\Services\Spooler\Performance","Library",,"winspool.drv"
++HKLM,"System\CurrentControlSet\Services\Spooler\Performance","Open",,"PerfOpen"
++HKLM,"System\CurrentControlSet\Services\Spooler\Performance","Close",,"PerfClose"
++HKLM,"System\CurrentControlSet\Services\Spooler\Performance","Collect",,"PerfCollect"
++
+ [TerminalServices]
+ Description="Remote desktop access"
+ DisplayName="Terminal Services"
+-- 
+2.13.1
+