Explaining the difference between Zw and Nt for the 101st time will not explain why it's used here, instead it would be an argument FOR converting to Zw, since the functions are called with kernel mode buffers, so under "normal" circumstances Zw would be correct. The reason why it can be done here, is because these are (as far as I checked) all init functions, and we are already in PreviousMode == KernelMode when we call them, so there is no difference.
The reason why it is done might be performance, since we are saving the system service overhead here.

Regarding the style guidelines: If you are referring to

-            if (Disposition) ProbeForWriteUlong(Disposition);
+            if (Disposition)
+                ProbeForWriteUlong(Disposition);
then I have to disappoint you.

Line breaking

  1. Each statement should get its own line.

    Right: 

    x++;
y++;
 
if (Condition)
    DoSomething();

    Wrong: 

    x++; y++;
 
if (Condition) DoSomething();


see: https://reactos.org/wiki/Coding_Style

Regards,
TImo

Am 08.07.2014 21:58, schrieb Alex Ionescu:
Calling Nt in those functions was by design, and is how Windows does it as well. I can explain Nt vs Zw (for the 100th time) as needed, but for now, I'd kindly ask for a revert please.

Second, the new code does not conform to formatting and style guidelines. Please fix the code before comitting.

Best regards,
Alex Ionescu