Edit

Share via

ZwOpenKey function (wdm.h)

  • Article

The ZwOpenKey routine opens an existing registry key.

Syntax

NTSYSAPI NTSTATUS ZwOpenKey(
  [out] PHANDLE            KeyHandle,
  [in]  ACCESS_MASK        DesiredAccess,
  [in]  POBJECT_ATTRIBUTES ObjectAttributes
);

Parameters

[out] KeyHandle

Pointer to the HANDLE variable that receives the handle to the key.

[in] DesiredAccess

Specifies an ACCESS_MASK value that determines the requested access to the object. For more information, see the DesiredAccess parameter of ZwCreateKey.

[in] ObjectAttributes

Pointer to an OBJECT_ATTRIBUTES structure that specifies the object name and other attributes. Use InitializeObjectAttributes to initialize this structure. If the caller is not running in a system thread context, it must set the OBJ_KERNEL_HANDLE attribute when it calls InitializeObjectAttributes.

Return value

ZwOpenKey returns STATUS_SUCCESS if the given key was opened. Otherwise, it can return an error status, including the following:

  • STATUS_INVALID_HANDLE

  • STATUS_ACCESS_DENIED

Remarks

ZwOpenKey supplies a handle that the caller can use to manipulate a registry key. The routine provides a subset of the functionality of ZwCreateKey. For more information, see Using the Registry in a Driver.

If the specified key does not exist, ZwOpenKey returns an error status and does not return a key handle.

Once the handle pointed to by KeyHandle is no longer in use, the driver must call ZwClose to close it.

ZwOpenKey ignores the security information in the structure that the ObjectAttributes parameter points to.

If the caller is not running in a system thread context, it must ensure that any handles it creates are private handles. Otherwise, the handle can be accessed by the process in whose context the driver is running. For more information, see Object Handles.

For more information about working with registry keys, see Using the Registry in a Driver.

If the call to this function occurs in user mode, you should use the name "NtOpenKey" instead of "ZwOpenKey".

Requirements

Requirement Value
Target Platform Universal
Header wdm.h (include Wdm.h, Ntddk.h, Ntifs.h)
Library NtosKrnl.lib
DLL NtosKrnl.exe
IRQL PASSIVE_LEVEL
DDI compliance rules HwStorPortProhibitedDDIs(storport), IrqlZwPassive(wdm), PowerIrpDDis(wdm), ZwRegistryCreate(storport), ZwRegistryOpen(storport), ZwRegistryOpen(storport), ZwRegistryOpen(wdm)

See also

ACCESS_MASK

InitializeObjectAttributes

ZwCreateKey

ZwDeleteKey

ZwEnumerateKey

ZwEnumerateValueKey

ZwFlushKey

ZwQueryKey

ZwQueryValueKey

ZwSetValueKey