go.mod: Bump hcsshim to v0.10.0-rc.1

This contains quite a bit (also bumps google/uuid to 1.3.0). Some HostProcess
container improvements to get ready for whenever it goes to stable in
Kubernetes, Hyper-V (windows) container support for CRI, and a plethora of
other small additions and fixes.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>

vendor/github.com/Microsoft/hcsshim/internal/winapi/bindflt.go

@@ -0,0 +1,19 @@
+package winapi
+
+const (
+	BINDFLT_FLAG_READ_ONLY_MAPPING        uint32 = 0x00000001
+	BINDFLT_FLAG_MERGED_BIND_MAPPING      uint32 = 0x00000002
+	BINDFLT_FLAG_USE_CURRENT_SILO_MAPPING uint32 = 0x00000004
+)
+
+// HRESULT
+// BfSetupFilter(
+//     _In_opt_ HANDLE JobHandle,
+//     _In_ ULONG Flags,
+//     _In_ LPCWSTR VirtualizationRootPath,
+//     _In_ LPCWSTR VirtualizationTargetPath,
+//     _In_reads_opt_( VirtualizationExceptionPathCount ) LPCWSTR* VirtualizationExceptionPaths,
+//     _In_opt_ ULONG VirtualizationExceptionPathCount
+// );
+//
+//sys BfSetupFilter(jobHandle windows.Handle, flags uint32, virtRootPath *uint16, virtTargetPath *uint16, virtExceptions **uint16, virtExceptionPathCount uint32) (hr error) = bindfltapi.BfSetupFilter?

vendor/github.com/Microsoft/hcsshim/internal/winapi/console.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import (

vendor/github.com/Microsoft/hcsshim/internal/winapi/devices.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import "github.com/Microsoft/go-winio/pkg/guid"

vendor/github.com/Microsoft/hcsshim/internal/winapi/doc.go

@@ -0,0 +1,3 @@
+// Package winapi contains various low-level bindings to Windows APIs. It can
+// be thought of as an extension to golang.org/x/sys/windows.
+package winapi

vendor/github.com/Microsoft/hcsshim/internal/winapi/elevation.go

@@ -0,0 +1,11 @@
+//go:build windows
+
+package winapi
+
+import (
+	"golang.org/x/sys/windows"
+)
+
+func IsElevated() bool {
+	return windows.GetCurrentProcessToken().IsElevated()
+}

vendor/github.com/Microsoft/hcsshim/internal/winapi/errors.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import "syscall"

vendor/github.com/Microsoft/hcsshim/internal/winapi/filesystem.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 //sys NtCreateFile(handle *uintptr, accessMask uint32, oa *ObjectAttributes, iosb *IOStatusBlock, allocationSize *uint64, fileAttributes uint32, shareAccess uint32, createDisposition uint32, createOptions uint32, eaBuffer *byte, eaLength uint32) (status uint32) = ntdll.NtCreateFile

vendor/github.com/Microsoft/hcsshim/internal/winapi/jobobject.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import (
@@ -55,6 +57,8 @@ const (
 	JobObjectLimitViolationInformation       uint32 = 13
 	JobObjectMemoryUsageInformation          uint32 = 28
 	JobObjectNotificationLimitInformation2   uint32 = 33
+	JobObjectCreateSilo                      uint32 = 35
+	JobObjectSiloBasicInformation            uint32 = 36
 	JobObjectIoAttribution                   uint32 = 42
 )
 
@@ -111,29 +115,27 @@ type JOBOBJECT_BASIC_ACCOUNTING_INFORMATION struct {
 	TotalTerminateProcesses   uint32
 }
 
-//https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-jobobject_basic_and_io_accounting_information
+// https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-jobobject_basic_and_io_accounting_information
 type JOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION struct {
 	BasicInfo JOBOBJECT_BASIC_ACCOUNTING_INFORMATION
 	IoInfo    windows.IO_COUNTERS
 }
 
-// typedef struct _JOBOBJECT_MEMORY_USAGE_INFORMATION {
-//     ULONG64 JobMemory;
-//     ULONG64 PeakJobMemoryUsed;
-// } JOBOBJECT_MEMORY_USAGE_INFORMATION, *PJOBOBJECT_MEMORY_USAGE_INFORMATION;
-//
+//	typedef struct _JOBOBJECT_MEMORY_USAGE_INFORMATION {
+//	    ULONG64 JobMemory;
+//	    ULONG64 PeakJobMemoryUsed;
+//	} JOBOBJECT_MEMORY_USAGE_INFORMATION, *PJOBOBJECT_MEMORY_USAGE_INFORMATION;
 type JOBOBJECT_MEMORY_USAGE_INFORMATION struct {
 	JobMemory         uint64
 	PeakJobMemoryUsed uint64
 }
 
-// typedef struct _JOBOBJECT_IO_ATTRIBUTION_STATS {
-//     ULONG_PTR IoCount;
-//     ULONGLONG TotalNonOverlappedQueueTime;
-//     ULONGLONG TotalNonOverlappedServiceTime;
-//     ULONGLONG TotalSize;
-// } JOBOBJECT_IO_ATTRIBUTION_STATS, *PJOBOBJECT_IO_ATTRIBUTION_STATS;
-//
+//	typedef struct _JOBOBJECT_IO_ATTRIBUTION_STATS {
+//	    ULONG_PTR IoCount;
+//	    ULONGLONG TotalNonOverlappedQueueTime;
+//	    ULONGLONG TotalNonOverlappedServiceTime;
+//	    ULONGLONG TotalSize;
+//	} JOBOBJECT_IO_ATTRIBUTION_STATS, *PJOBOBJECT_IO_ATTRIBUTION_STATS;
 type JOBOBJECT_IO_ATTRIBUTION_STATS struct {
 	IoCount                       uintptr
 	TotalNonOverlappedQueueTime   uint64
@@ -141,12 +143,11 @@ type JOBOBJECT_IO_ATTRIBUTION_STATS struct {
 	TotalSize                     uint64
 }
 
-// typedef struct _JOBOBJECT_IO_ATTRIBUTION_INFORMATION {
-//     ULONG ControlFlags;
-//     JOBOBJECT_IO_ATTRIBUTION_STATS ReadStats;
-//     JOBOBJECT_IO_ATTRIBUTION_STATS WriteStats;
-// } JOBOBJECT_IO_ATTRIBUTION_INFORMATION, *PJOBOBJECT_IO_ATTRIBUTION_INFORMATION;
-//
+//	typedef struct _JOBOBJECT_IO_ATTRIBUTION_INFORMATION {
+//	    ULONG ControlFlags;
+//	    JOBOBJECT_IO_ATTRIBUTION_STATS ReadStats;
+//	    JOBOBJECT_IO_ATTRIBUTION_STATS WriteStats;
+//	} JOBOBJECT_IO_ATTRIBUTION_INFORMATION, *PJOBOBJECT_IO_ATTRIBUTION_INFORMATION;
 type JOBOBJECT_IO_ATTRIBUTION_INFORMATION struct {
 	ControlFlags uint32
 	ReadStats    JOBOBJECT_IO_ATTRIBUTION_STATS
@@ -183,7 +184,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
 //		LPCWSTR lpName
 // );
 //
-//sys OpenJobObject(desiredAccess uint32, inheritHandle bool, lpName *uint16) (handle windows.Handle, err error) = kernel32.OpenJobObjectW
+//sys OpenJobObject(desiredAccess uint32, inheritHandle int32, lpName *uint16) (handle windows.Handle, err error) = kernel32.OpenJobObjectW
 
 // DWORD SetIoRateControlInformationJobObject(
 //		HANDLE                                hJob,
@@ -198,6 +199,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
 //		JOBOBJECT_IO_RATE_CONTROL_INFORMATION **InfoBlocks,
 // 		ULONG                                 *InfoBlockCount
 // );
+//
 //sys QueryIoRateControlInformationJobObject(jobHandle windows.Handle, volumeName *uint16, ioRateControlInfo **JOBOBJECT_IO_RATE_CONTROL_INFORMATION, infoBlockCount *uint32) (ret uint32, err error) = kernel32.QueryIoRateControlInformationJobObject
 
 // NTSTATUS
@@ -206,6 +208,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
 //     _In_ ACCESS_MASK DesiredAccess,
 //     _In_ POBJECT_ATTRIBUTES ObjectAttributes
 // );
+//
 //sys NtOpenJobObject(jobHandle *windows.Handle, desiredAccess uint32, objAttributes *ObjectAttributes) (status uint32) = ntdll.NtOpenJobObject
 
 // NTSTATUS
@@ -215,4 +218,5 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
 //     _In_ ACCESS_MASK DesiredAccess,
 //     _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
 // );
+//
 //sys NtCreateJobObject(jobHandle *windows.Handle, desiredAccess uint32, objAttributes *ObjectAttributes) (status uint32) = ntdll.NtCreateJobObject

vendor/github.com/Microsoft/hcsshim/internal/winapi/path.go

@@ -8,4 +8,5 @@ package winapi
 // 	LPWSTR  lpBuffer,
 // 	LPWSTR  *lpFilePart
 // );
+//
 //sys SearchPath(lpPath *uint16, lpFileName *uint16, lpExtension *uint16, nBufferLength uint32, lpBuffer *uint16, lpFilePath *uint16) (size uint32, err error) = kernel32.SearchPathW

vendor/github.com/Microsoft/hcsshim/internal/winapi/system.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import "golang.org/x/sys/windows"

vendor/github.com/Microsoft/hcsshim/internal/winapi/thread.go

@@ -9,4 +9,5 @@ package winapi
 // 	DWORD                  dwCreationFlags,
 // 	LPDWORD                lpThreadId
 // );
+//
 //sys CreateRemoteThread(process windows.Handle, sa *windows.SecurityAttributes, stackSize uint32, startAddr uintptr, parameter uintptr, creationFlags uint32, threadID *uint32) (handle windows.Handle, err error) = kernel32.CreateRemoteThread

vendor/github.com/Microsoft/hcsshim/internal/winapi/user.go

@@ -0,0 +1,194 @@
+//go:build windows
+
+package winapi
+
+import (
+	"syscall"
+
+	"golang.org/x/sys/windows"
+)
+
+const UserNameCharLimit = 20
+
+const (
+	USER_PRIV_GUEST uint32 = iota
+	USER_PRIV_USER
+	USER_PRIV_ADMIN
+)
+
+const (
+	UF_NORMAL_ACCOUNT     = 0x00200
+	UF_DONT_EXPIRE_PASSWD = 0x10000
+)
+
+const NERR_UserNotFound = syscall.Errno(0x8AD)
+
+// typedef struct _LOCALGROUP_MEMBERS_INFO_0 {
+// 	PSID lgrmi0_sid;
+// } LOCALGROUP_MEMBERS_INFO_0, *PLOCALGROUP_MEMBERS_INFO_0, *LPLOCALGROUP_MEMBERS_INFO_0;
+type LocalGroupMembersInfo0 struct {
+	Sid *windows.SID
+}
+
+// typedef struct _LOCALGROUP_INFO_1 {
+// 	LPWSTR lgrpi1_name;
+// 	LPWSTR lgrpi1_comment;
+// } LOCALGROUP_INFO_1, *PLOCALGROUP_INFO_1, *LPLOCALGROUP_INFO_1;
+type LocalGroupInfo1 struct {
+	Name    *uint16
+	Comment *uint16
+}
+
+// typedef struct _USER_INFO_1 {
+// 	LPWSTR usri1_name;
+// 	LPWSTR usri1_password;
+// 	DWORD  usri1_password_age;
+// 	DWORD  usri1_priv;
+// 	LPWSTR usri1_home_dir;
+// 	LPWSTR usri1_comment;
+// 	DWORD  usri1_flags;
+// 	LPWSTR usri1_script_path;
+// } USER_INFO_1, *PUSER_INFO_1, *LPUSER_INFO_1;
+type UserInfo1 struct {
+	Name        *uint16
+	Password    *uint16
+	PasswordAge uint32
+	Priv        uint32
+	HomeDir     *uint16
+	Comment     *uint16
+	Flags       uint32
+	ScriptPath  *uint16
+}
+
+// NET_API_STATUS NET_API_FUNCTION NetLocalGroupGetInfo(
+// 	[in]  LPCWSTR servername,
+// 	[in]  LPCWSTR groupname,
+// 	[in]  DWORD   level,
+// 	[out] LPBYTE  *bufptr
+// );
+//
+//sys netLocalGroupGetInfo(serverName *uint16, groupName *uint16, level uint32, bufptr **byte) (status error) = netapi32.NetLocalGroupGetInfo
+
+// NetLocalGroupGetInfo is a slightly go friendlier wrapper around the NetLocalGroupGetInfo function. Instead of taking in *uint16's, it takes in
+// go strings and does the conversion internally.
+func NetLocalGroupGetInfo(serverName, groupName string, level uint32, bufPtr **byte) (err error) {
+	var (
+		serverNameUTF16 *uint16
+		groupNameUTF16  *uint16
+	)
+	if serverName != "" {
+		serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
+		if err != nil {
+			return err
+		}
+	}
+	if groupName != "" {
+		groupNameUTF16, err = windows.UTF16PtrFromString(groupName)
+		if err != nil {
+			return err
+		}
+	}
+	return netLocalGroupGetInfo(
+		serverNameUTF16,
+		groupNameUTF16,
+		level,
+		bufPtr,
+	)
+}
+
+// NET_API_STATUS NET_API_FUNCTION NetUserAdd(
+// 	[in]  LPCWSTR servername,
+// 	[in]  DWORD   level,
+// 	[in]  LPBYTE  buf,
+// 	[out] LPDWORD parm_err
+// );
+//
+//sys netUserAdd(serverName *uint16, level uint32, buf *byte, parm_err *uint32) (status error) = netapi32.NetUserAdd
+
+// NetUserAdd is a slightly go friendlier wrapper around the NetUserAdd function. Instead of taking in *uint16's, it takes in
+// go strings and does the conversion internally.
+func NetUserAdd(serverName string, level uint32, buf *byte, parm_err *uint32) (err error) {
+	var serverNameUTF16 *uint16
+	if serverName != "" {
+		serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
+		if err != nil {
+			return err
+		}
+	}
+	return netUserAdd(
+		serverNameUTF16,
+		level,
+		buf,
+		parm_err,
+	)
+}
+
+// NET_API_STATUS NET_API_FUNCTION NetUserDel(
+// 	[in] LPCWSTR servername,
+// 	[in] LPCWSTR username
+// );
+//
+//sys netUserDel(serverName *uint16, username *uint16) (status error) = netapi32.NetUserDel
+
+// NetUserDel is a slightly go friendlier wrapper around the NetUserDel function. Instead of taking in *uint16's, it takes in
+// go strings and does the conversion internally.
+func NetUserDel(serverName, userName string) (err error) {
+	var (
+		serverNameUTF16 *uint16
+		userNameUTF16   *uint16
+	)
+	if serverName != "" {
+		serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
+		if err != nil {
+			return err
+		}
+	}
+	if userName != "" {
+		userNameUTF16, err = windows.UTF16PtrFromString(userName)
+		if err != nil {
+			return err
+		}
+	}
+	return netUserDel(
+		serverNameUTF16,
+		userNameUTF16,
+	)
+}
+
+// NET_API_STATUS NET_API_FUNCTION NetLocalGroupAddMembers(
+// 	[in] LPCWSTR servername,
+// 	[in] LPCWSTR groupname,
+// 	[in] DWORD   level,
+// 	[in] LPBYTE  buf,
+// 	[in] DWORD   totalentries
+// );
+//
+//sys netLocalGroupAddMembers(serverName *uint16, groupName *uint16, level uint32, buf *byte, totalEntries uint32) (status error) = netapi32.NetLocalGroupAddMembers
+
+// NetLocalGroupAddMembers is a slightly go friendlier wrapper around the NetLocalGroupAddMembers function. Instead of taking in *uint16's, it takes in
+// go strings and does the conversion internally.
+func NetLocalGroupAddMembers(serverName, groupName string, level uint32, buf *byte, totalEntries uint32) (err error) {
+	var (
+		serverNameUTF16 *uint16
+		groupNameUTF16  *uint16
+	)
+	if serverName != "" {
+		serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
+		if err != nil {
+			return err
+		}
+	}
+	if groupName != "" {
+		groupNameUTF16, err = windows.UTF16PtrFromString(groupName)
+		if err != nil {
+			return err
+		}
+	}
+	return netLocalGroupAddMembers(
+		serverNameUTF16,
+		groupNameUTF16,
+		level,
+		buf,
+		totalEntries,
+	)
+}

vendor/github.com/Microsoft/hcsshim/internal/winapi/utils.go

@@ -1,3 +1,5 @@
+//go:build windows
+
 package winapi
 
 import (

vendor/github.com/Microsoft/hcsshim/internal/winapi/winapi.go

@@ -1,5 +1,3 @@
-// Package winapi contains various low-level bindings to Windows APIs. It can
-// be thought of as an extension to golang.org/x/sys/windows.
 package winapi
 
-//go:generate go run ..\..\mksyscall_windows.go -output zsyscall_windows.go user.go console.go system.go net.go path.go thread.go jobobject.go logon.go memory.go process.go processor.go devices.go filesystem.go errors.go
+//go:generate go run ..\..\mksyscall_windows.go -output zsyscall_windows.go bindflt.go user.go console.go system.go net.go path.go thread.go jobobject.go logon.go memory.go process.go processor.go devices.go filesystem.go errors.go

vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go

@@ -37,12 +37,19 @@ func errnoErr(e syscall.Errno) error {
 }
 
 var (
-	modkernel32 = windows.NewLazySystemDLL("kernel32.dll")
-	modntdll    = windows.NewLazySystemDLL("ntdll.dll")
-	modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll")
-	modadvapi32 = windows.NewLazySystemDLL("advapi32.dll")
-	modcfgmgr32 = windows.NewLazySystemDLL("cfgmgr32.dll")
+	modbindfltapi = windows.NewLazySystemDLL("bindfltapi.dll")
+	modnetapi32   = windows.NewLazySystemDLL("netapi32.dll")
+	modkernel32   = windows.NewLazySystemDLL("kernel32.dll")
+	modntdll      = windows.NewLazySystemDLL("ntdll.dll")
+	modiphlpapi   = windows.NewLazySystemDLL("iphlpapi.dll")
+	modadvapi32   = windows.NewLazySystemDLL("advapi32.dll")
+	modcfgmgr32   = windows.NewLazySystemDLL("cfgmgr32.dll")
 
+	procBfSetupFilter                          = modbindfltapi.NewProc("BfSetupFilter")
+	procNetLocalGroupGetInfo                   = modnetapi32.NewProc("NetLocalGroupGetInfo")
+	procNetUserAdd                             = modnetapi32.NewProc("NetUserAdd")
+	procNetUserDel                             = modnetapi32.NewProc("NetUserDel")
+	procNetLocalGroupAddMembers                = modnetapi32.NewProc("NetLocalGroupAddMembers")
 	procCreatePseudoConsole                    = modkernel32.NewProc("CreatePseudoConsole")
 	procClosePseudoConsole                     = modkernel32.NewProc("ClosePseudoConsole")
 	procResizePseudoConsole                    = modkernel32.NewProc("ResizePseudoConsole")
@@ -73,6 +80,52 @@ var (
 	procRtlNtStatusToDosError                  = modntdll.NewProc("RtlNtStatusToDosError")
 )
 
+func BfSetupFilter(jobHandle windows.Handle, flags uint32, virtRootPath *uint16, virtTargetPath *uint16, virtExceptions **uint16, virtExceptionPathCount uint32) (hr error) {
+	if hr = procBfSetupFilter.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall6(procBfSetupFilter.Addr(), 6, uintptr(jobHandle), uintptr(flags), uintptr(unsafe.Pointer(virtRootPath)), uintptr(unsafe.Pointer(virtTargetPath)), uintptr(unsafe.Pointer(virtExceptions)), uintptr(virtExceptionPathCount))
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func netLocalGroupGetInfo(serverName *uint16, groupName *uint16, level uint32, bufptr **byte) (status error) {
+	r0, _, _ := syscall.Syscall6(procNetLocalGroupGetInfo.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(groupName)), uintptr(level), uintptr(unsafe.Pointer(bufptr)), 0, 0)
+	if r0 != 0 {
+		status = syscall.Errno(r0)
+	}
+	return
+}
+
+func netUserAdd(serverName *uint16, level uint32, buf *byte, parm_err *uint32) (status error) {
+	r0, _, _ := syscall.Syscall6(procNetUserAdd.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(parm_err)), 0, 0)
+	if r0 != 0 {
+		status = syscall.Errno(r0)
+	}
+	return
+}
+
+func netUserDel(serverName *uint16, username *uint16) (status error) {
+	r0, _, _ := syscall.Syscall(procNetUserDel.Addr(), 2, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(username)), 0)
+	if r0 != 0 {
+		status = syscall.Errno(r0)
+	}
+	return
+}
+
+func netLocalGroupAddMembers(serverName *uint16, groupName *uint16, level uint32, buf *byte, totalEntries uint32) (status error) {
+	r0, _, _ := syscall.Syscall6(procNetLocalGroupAddMembers.Addr(), 5, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(groupName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(totalEntries), 0)
+	if r0 != 0 {
+		status = syscall.Errno(r0)
+	}
+	return
+}
+
 func createPseudoConsole(size uint32, hInput windows.Handle, hOutput windows.Handle, dwFlags uint32, hpcon *windows.Handle) (hr error) {
 	r0, _, _ := syscall.Syscall6(procCreatePseudoConsole.Addr(), 5, uintptr(size), uintptr(hInput), uintptr(hOutput), uintptr(dwFlags), uintptr(unsafe.Pointer(hpcon)), 0)
 	if int32(r0) < 0 {
@@ -164,14 +217,8 @@ func QueryInformationJobObject(jobHandle windows.Handle, infoClass uint32, jobOb
 	return
 }
 
-func OpenJobObject(desiredAccess uint32, inheritHandle bool, lpName *uint16) (handle windows.Handle, err error) {
-	var _p0 uint32
-	if inheritHandle {
-		_p0 = 1
-	} else {
-		_p0 = 0
-	}
-	r0, _, e1 := syscall.Syscall(procOpenJobObjectW.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(unsafe.Pointer(lpName)))
+func OpenJobObject(desiredAccess uint32, inheritHandle int32, lpName *uint16) (handle windows.Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procOpenJobObjectW.Addr(), 3, uintptr(desiredAccess), uintptr(inheritHandle), uintptr(unsafe.Pointer(lpName)))
 	handle = windows.Handle(r0)
 	if handle == 0 {
 		if e1 != 0 {