3 Copyright (c) Alex Ionescu. All rights reserved.
11 Function definitions for the Process Manager
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
32 #ifndef NTOS_MODE_USER
35 // Win32K Process/Thread Functions
40 PsGetCurrentThreadWin32Thread(
47 PsGetCurrentProcessWin32Process(
54 PsGetProcessWin32Process(
61 PsSetProcessWin32Process(
69 PsSetThreadWin32Thread(
77 PsGetThreadWin32Thread(
98 PsGetThreadHardErrorsAreDisabled(
105 PsSetThreadHardErrorsAreDisabled(
113 PsEstablishWin32Callouts(
114 PWIN32_CALLOUTS_FPNS CalloutData
120 PsReturnProcessNonPagedPoolQuota(
121 IN PEPROCESS Process
,
126 // Process Impersonation Functions
131 PsRevertThreadToSelf(
141 PsLookupProcessThreadByCid(
143 OUT PEPROCESS
*Process OPTIONAL
,
149 PsIsProtectedProcess(
162 PsSetProcessPriorityByClass(
163 IN PEPROCESS Process
,
164 IN PSPROCESSPRIORITYMODE Type
169 PsGetProcessInheritedFromUniqueProcessId(
180 IN PEPROCESS Process
,
181 IN POOL_TYPE PoolType
,
188 PsChargeProcessNonPagedPoolQuota(
189 IN PEPROCESS Process
,
196 PsChargeProcessPagedPoolQuota(
197 IN PEPROCESS Process
,
204 PsChargeProcessPoolQuota(
205 IN PEPROCESS Process
,
206 IN POOL_TYPE PoolType
,
214 IN PEPROCESS Process
,
215 IN POOL_TYPE PoolType
,
222 PsReturnProcessNonPagedPoolQuota(
223 IN PEPROCESS Process
,
230 PsReturnProcessPagedPoolQuota(
231 IN PEPROCESS Process
,
244 IN HANDLE ThreadHandle
,
245 OUT PULONG SuspendCount
248 typedef ULONG APPHELPCACHESERVICECLASS
;
252 NtApphelpCacheControl(
253 IN APPHELPCACHESERVICECLASS Service
,
261 IN HANDLE ThreadHandle
267 NtAssignProcessToJobObject(
277 ACCESS_MASK DesiredAccess
,
278 POBJECT_ATTRIBUTES ObjectAttributes
285 IN PJOB_SET_ARRAY UserJobSet
,
293 OUT PHANDLE ProcessHandle
,
294 IN ACCESS_MASK DesiredAccess
,
295 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
296 IN HANDLE ParentProcess
,
297 IN BOOLEAN InheritObjectTable
,
298 IN HANDLE SectionHandle OPTIONAL
,
299 IN HANDLE DebugPort OPTIONAL
,
300 IN HANDLE ExceptionPort OPTIONAL
307 OUT PHANDLE ProcessHandle
,
308 IN ACCESS_MASK DesiredAccess
,
309 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
310 IN HANDLE ParentProcess
,
312 IN HANDLE SectionHandle OPTIONAL
,
313 IN HANDLE DebugPort OPTIONAL
,
314 IN HANDLE ExceptionPort OPTIONAL
,
322 OUT PHANDLE ThreadHandle
,
323 IN ACCESS_MASK DesiredAccess
,
324 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
325 IN HANDLE ProcessHandle
,
326 OUT PCLIENT_ID ClientId
,
327 IN PCONTEXT ThreadContext
,
328 IN PINITIAL_TEB UserStack
,
329 IN BOOLEAN CreateSuspended
332 #ifndef NTOS_MODE_USER
// NtCurrentTeb variants: each visible form yields the calling thread's TEB pointer
// from a segment-relative load. The leading numbers are listing line numbers; the
// lines between them (function headers, braces, asm operands) are not visible here.
//
// Intrinsic form: reads the 32-bit value at FS:[0x18] and returns it as a PTEB.
// NOTE(review): 0x18 is presumably FIELD_OFFSET(NT_TIB, Self), the field the AMD64
// variant names explicitly - confirm against the NT_TIB layout.
339 return (PTEB
)(ULONG_PTR
)__readfsdword(0x18);
// GNU-style inline assembly form of the same FS:[0x18] load into operand %0.
343 __asm__
__volatile__ (
344 "movl %%fs:0x18, %0\n"
// AMD64 variant: reads the 64-bit value at GS:[FIELD_OFFSET(NT_TIB, Self)] and
// returns it as a struct _TEB pointer.
// NOTE(review): the TEB is normally mapped in user-writable memory, so code that
// consumes fields through this pointer in a privileged context should treat them
// as untrusted input - confirm against the callers.
352 #elif defined (_M_AMD64)
353 FORCEINLINE
struct _TEB
* NtCurrentTeb(VOID
)
355 return (struct _TEB
*)__readgsqword(FIELD_OFFSET(NT_TIB
, Self
));
// Prototype only: no inline body is visible for this branch, and the preprocessor
// condition that selects it is not visible in this listing.
359 struct _TEB
* NtCurrentTeb(void);
366 IN HANDLE ThreadHandle
,
367 IN HANDLE ThreadToImpersonate
,
368 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
375 IN HANDLE ProcessHandle
,
376 IN HANDLE JobHandle OPTIONAL
383 OUT PHANDLE ProcessHandle
,
384 IN ACCESS_MASK DesiredAccess
,
385 IN POBJECT_ATTRIBUTES ObjectAttributes
,
386 IN PCLIENT_ID ClientId
393 OUT PHANDLE ThreadHandle
,
394 IN ACCESS_MASK DesiredAccess
,
395 IN POBJECT_ATTRIBUTES ObjectAttributes
,
396 IN PCLIENT_ID ClientId
403 IN HANDLE ThreadHandle
,
404 IN ACCESS_MASK DesiredAccess
,
405 IN BOOLEAN OpenAsSelf
,
406 OUT PHANDLE TokenHandle
413 IN HANDLE ThreadHandle
,
414 IN ACCESS_MASK DesiredAccess
,
415 IN BOOLEAN OpenAsSelf
,
416 IN ULONG HandleAttributes
,
417 OUT PHANDLE TokenHandle
423 NtQueryInformationJobObject(
425 JOBOBJECTINFOCLASS JobInformationClass
,
426 PVOID JobInformation
,
427 ULONG JobInformationLength
,
435 NtQueryInformationProcess(
436 IN HANDLE ProcessHandle
,
437 IN PROCESSINFOCLASS ProcessInformationClass
,
438 OUT PVOID ProcessInformation
,
439 IN ULONG ProcessInformationLength
,
440 OUT PULONG ReturnLength OPTIONAL
447 NtQueryInformationThread(
448 IN HANDLE ThreadHandle
,
449 IN THREADINFOCLASS ThreadInformationClass
,
450 OUT PVOID ThreadInformation
,
451 IN ULONG ThreadInformationLength
,
452 OUT PULONG ReturnLength
458 NtRegisterThreadTerminatePort(
459 HANDLE TerminationPort
466 IN HANDLE ThreadHandle
,
467 OUT PULONG SuspendCount
474 IN HANDLE ProcessHandle
480 NtSetInformationJobObject(
482 JOBOBJECTINFOCLASS JobInformationClass
,
483 PVOID JobInformation
,
484 ULONG JobInformationLength
490 NtSetInformationProcess(
491 IN HANDLE ProcessHandle
,
492 IN PROCESSINFOCLASS ProcessInformationClass
,
493 IN PVOID ProcessInformation
,
494 IN ULONG ProcessInformationLength
500 NtSetInformationThread(
501 IN HANDLE ThreadHandle
,
502 IN THREADINFOCLASS ThreadInformationClass
,
503 IN PVOID ThreadInformation
,
504 IN ULONG ThreadInformationLength
511 IN HANDLE ProcessHandle
518 IN HANDLE ThreadHandle
,
519 IN PULONG PreviousSuspendCount
526 IN HANDLE ProcessHandle
,
527 IN NTSTATUS ExitStatus
534 IN HANDLE ThreadHandle
,
535 IN NTSTATUS ExitStatus
541 NtTerminateJobObject(
550 IN HANDLE ThreadHandle
,
551 OUT PULONG SuspendCount
558 IN HANDLE ThreadHandle
564 ZwAssignProcessToJobObject(
574 ACCESS_MASK DesiredAccess
,
575 POBJECT_ATTRIBUTES ObjectAttributes
582 OUT PHANDLE ProcessHandle
,
583 IN ACCESS_MASK DesiredAccess
,
584 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
585 IN HANDLE ParentProcess
,
586 IN BOOLEAN InheritObjectTable
,
587 IN HANDLE SectionHandle OPTIONAL
,
588 IN HANDLE DebugPort OPTIONAL
,
589 IN HANDLE ExceptionPort OPTIONAL
596 OUT PHANDLE ThreadHandle
,
597 IN ACCESS_MASK DesiredAccess
,
598 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
599 IN HANDLE ProcessHandle
,
600 OUT PCLIENT_ID ClientId
,
601 IN PCONTEXT ThreadContext
,
602 IN PINITIAL_TEB UserStack
,
603 IN BOOLEAN CreateSuspended
610 IN HANDLE ThreadHandle
,
611 IN HANDLE ThreadToImpersonate
,
612 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
619 IN HANDLE ProcessHandle
,
620 IN HANDLE JobHandle OPTIONAL
627 OUT PHANDLE ProcessHandle
,
628 IN ACCESS_MASK DesiredAccess
,
629 IN POBJECT_ATTRIBUTES ObjectAttributes
,
630 IN PCLIENT_ID ClientId
637 OUT PHANDLE ThreadHandle
,
638 IN ACCESS_MASK DesiredAccess
,
639 IN POBJECT_ATTRIBUTES ObjectAttributes
,
640 IN PCLIENT_ID ClientId
647 IN HANDLE ThreadHandle
,
648 IN ACCESS_MASK DesiredAccess
,
649 IN BOOLEAN OpenAsSelf
,
650 OUT PHANDLE TokenHandle
657 IN HANDLE ThreadHandle
,
658 IN ACCESS_MASK DesiredAccess
,
659 IN BOOLEAN OpenAsSelf
,
660 IN ULONG HandleAttributes
,
661 OUT PHANDLE TokenHandle
667 ZwQueryInformationJobObject(
669 JOBOBJECTINFOCLASS JobInformationClass
,
670 PVOID JobInformation
,
671 ULONG JobInformationLength
,
679 ZwQueryInformationProcess(
680 IN HANDLE ProcessHandle
,
681 IN PROCESSINFOCLASS ProcessInformationClass
,
682 OUT PVOID ProcessInformation
,
683 IN ULONG ProcessInformationLength
,
684 OUT PULONG ReturnLength OPTIONAL
691 ZwQueryInformationThread(
692 IN HANDLE ThreadHandle
,
693 IN THREADINFOCLASS ThreadInformationClass
,
694 OUT PVOID ThreadInformation
,
695 IN ULONG ThreadInformationLength
,
696 OUT PULONG ReturnLength
702 ZwRegisterThreadTerminatePort(
703 HANDLE TerminationPort
710 IN HANDLE ThreadHandle
,
711 OUT PULONG SuspendCount
718 IN HANDLE ProcessHandle
724 ZwSetInformationJobObject(
726 JOBOBJECTINFOCLASS JobInformationClass
,
727 PVOID JobInformation
,
728 ULONG JobInformationLength
734 ZwSetInformationProcess(
735 IN HANDLE ProcessHandle
,
736 IN PROCESSINFOCLASS ProcessInformationClass
,
737 IN PVOID ProcessInformation
,
738 IN ULONG ProcessInformationLength
744 ZwSetInformationThread(
745 IN HANDLE ThreadHandle
,
746 IN THREADINFOCLASS ThreadInformationClass
,
747 IN PVOID ThreadInformation
,
748 IN ULONG ThreadInformationLength
755 IN HANDLE ProcessHandle
762 IN HANDLE ThreadHandle
,
763 IN PULONG PreviousSuspendCount
770 IN HANDLE ProcessHandle
,
771 IN NTSTATUS ExitStatus
778 IN HANDLE ThreadHandle
,
779 IN NTSTATUS ExitStatus
785 ZwTerminateJobObject(