1 /******************************************************************************
2 * Process Manager Functions *
3 ******************************************************************************/
10 _Inout_ PVOID
*ApcContext
,
11 _Inout_ PVOID
*ApcRoutine
);
15 * PsGetCurrentProcess(VOID)
17 #define PsGetCurrentProcess IoGetCurrentProcess
19 #if !defined(_PSGETCURRENTTHREAD_)
20 #define _PSGETCURRENTTHREAD_
21 _IRQL_requires_max_(DISPATCH_LEVEL
)
25 PsGetCurrentThread(VOID
)
27 return (PETHREAD
)KeGetCurrentThread();
29 #endif /* !_PSGETCURRENTTHREAD_ */
39 _Out_ PHANDLE ProcessHandle
,
40 _In_ ACCESS_MASK DesiredAccess
,
41 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
42 _In_opt_ PCLIENT_ID ClientId
);
47 NtQueryInformationProcess(
48 IN HANDLE ProcessHandle
,
49 IN PROCESSINFOCLASS ProcessInformationClass
,
50 OUT PVOID ProcessInformation OPTIONAL
,
51 IN ULONG ProcessInformationLength
,
52 OUT PULONG ReturnLength OPTIONAL
);
57 _IRQL_requires_max_(APC_LEVEL
)
61 PsLookupProcessByProcessId(
62 _In_ HANDLE ProcessId
,
63 _Outptr_ PEPROCESS
*Process
);
66 _IRQL_requires_max_(APC_LEVEL
)
70 PsLookupThreadByThreadId(
71 _In_ HANDLE UniqueThreadId
,
72 _Outptr_ PETHREAD
*Thread
);
75 #if (NTDDI_VERSION >= NTDDI_WIN2K)
78 _IRQL_requires_max_(APC_LEVEL
)
79 _Post_satisfies_(return <= 0)
85 _Out_ PHANDLE ThreadHandle
,
86 _In_ ULONG DesiredAccess
,
87 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
88 _In_opt_ HANDLE ProcessHandle
,
89 _Out_opt_ PCLIENT_ID ClientId
,
90 _In_ PKSTART_ROUTINE StartRoutine
,
91 _In_opt_
_When_(return==0, __drv_aliasesMem
) PVOID StartContext
);
93 _IRQL_requires_max_(PASSIVE_LEVEL
)
97 PsTerminateSystemThread(
98 _In_ NTSTATUS ExitStatus
);
103 _IRQL_requires_max_(PASSIVE_LEVEL
)
107 PsSetCreateProcessNotifyRoutine(
108 _In_ PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine
,
109 _In_ BOOLEAN Remove
);
111 _IRQL_requires_max_(PASSIVE_LEVEL
)
115 PsSetCreateThreadNotifyRoutine(
116 _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine
);
118 _IRQL_requires_max_(PASSIVE_LEVEL
)
122 PsSetLoadImageNotifyRoutine(
123 _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine
);
128 PsGetCurrentProcessId(VOID
);
130 _IRQL_requires_max_(DISPATCH_LEVEL
)
134 PsGetCurrentThreadId(VOID
);
140 OUT PULONG MajorVersion OPTIONAL
,
141 OUT PULONG MinorVersion OPTIONAL
,
142 OUT PULONG BuildNumber OPTIONAL
,
143 OUT PUNICODE_STRING CSDVersion OPTIONAL
);
147 _IRQL_requires_max_(APC_LEVEL
)
151 PsReferenceImpersonationToken(
152 _Inout_ PETHREAD Thread
,
153 _Out_ PBOOLEAN CopyOnOpen
,
154 _Out_ PBOOLEAN EffectiveOnly
,
155 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
157 _IRQL_requires_max_(APC_LEVEL
)
161 PsGetProcessExitTime(VOID
);
163 _IRQL_requires_max_(DISPATCH_LEVEL
)
167 PsIsThreadTerminating(
168 _In_ PETHREAD Thread
);
170 _Must_inspect_result_
171 _IRQL_requires_max_(PASSIVE_LEVEL
)
176 _Inout_ PETHREAD Thread
,
177 _In_opt_ PACCESS_TOKEN Token
,
178 _In_ BOOLEAN CopyOnOpen
,
179 _In_ BOOLEAN EffectiveOnly
,
180 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
182 _IRQL_requires_max_(PASSIVE_LEVEL
)
186 PsDisableImpersonation(
187 _Inout_ PETHREAD Thread
,
188 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState
);
190 _IRQL_requires_max_(PASSIVE_LEVEL
)
194 PsRestoreImpersonation(
195 _Inout_ PETHREAD Thread
,
196 _In_ PSE_IMPERSONATION_STATE ImpersonationState
);
198 _IRQL_requires_max_(PASSIVE_LEVEL
)
202 PsRevertToSelf(VOID
);
204 _IRQL_requires_max_(APC_LEVEL
)
209 _In_ PEPROCESS Process
,
210 _In_ POOL_TYPE PoolType
,
211 _In_ ULONG_PTR Amount
);
213 _IRQL_requires_max_(APC_LEVEL
)
218 _In_ PEPROCESS Process
,
219 _In_ POOL_TYPE PoolType
,
220 _In_ ULONG_PTR Amount
);
222 _IRQL_requires_max_(PASSIVE_LEVEL
)
226 PsAssignImpersonationToken(
227 _In_ PETHREAD Thread
,
228 _In_opt_ HANDLE Token
);
230 _IRQL_requires_max_(PASSIVE_LEVEL
)
234 PsReferencePrimaryToken(
235 _Inout_ PEPROCESS Process
);
237 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
238 $
if (_NTDDK_
|| _NTIFS_
)
239 #if (NTDDI_VERSION >= NTDDI_WINXP)
240 $
endif (_NTDDK_
|| _NTIFS_
)
243 _IRQL_requires_max_(DISPATCH_LEVEL
)
248 _In_ PEPROCESS Process
);
250 _IRQL_requires_max_(DISPATCH_LEVEL
)
255 _In_ PETHREAD Thread
);
260 PsRemoveCreateThreadNotifyRoutine(
261 _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine
);
263 _IRQL_requires_max_(PASSIVE_LEVEL
)
267 PsRemoveLoadImageNotifyRoutine(
268 _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine
);
270 _IRQL_requires_max_(DISPATCH_LEVEL
)
274 PsGetProcessCreateTimeQuadPart(
275 _In_ PEPROCESS Process
);
279 _IRQL_requires_max_(PASSIVE_LEVEL
)
283 PsDereferencePrimaryToken(
284 _In_ PACCESS_TOKEN PrimaryToken
);
286 _IRQL_requires_max_(PASSIVE_LEVEL
)
290 PsDereferenceImpersonationToken(
291 _In_ PACCESS_TOKEN ImpersonationToken
);
293 _Must_inspect_result_
294 _IRQL_requires_max_(APC_LEVEL
)
298 PsChargeProcessPoolQuota(
299 _In_ PEPROCESS Process
,
300 _In_ POOL_TYPE PoolType
,
301 _In_ ULONG_PTR Amount
);
307 _In_ PETHREAD Thread
);
309 $
if (_NTDDK_
|| _NTIFS_
)
310 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
311 $
endif (_NTDDK_
|| _NTIFS_
)
314 #if (NTDDI_VERSION >= NTDDI_WS03)
318 PsGetThreadProcessId(
320 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
322 #if (NTDDI_VERSION >= NTDDI_VISTA)
327 PsSetCurrentThreadPrefetching(
328 IN BOOLEAN Prefetching
);
333 PsIsCurrentThreadPrefetching(VOID
);
335 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
337 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
341 PsSetCreateProcessNotifyRoutineEx(
342 IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine
,
344 #endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */