3 Copyright (c) Alex Ionescu. All rights reserved.
11 Function definitions for the Process Manager
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
32 #ifndef NTOS_MODE_USER
35 // Win32K Process/Thread Functions
40 PsGetCurrentThreadWin32Thread(
47 PsGetCurrentProcessWin32Process(
54 PsGetProcessWin32Process(
61 PsSetProcessWin32Process(
69 PsSetThreadWin32Thread(
77 PsGetThreadWin32Thread(
84 PsGetProcessWin32WindowStation(
91 PsSetProcessWindowStation(
113 PsGetThreadHardErrorsAreDisabled(
120 PsSetThreadHardErrorsAreDisabled(
128 PsEstablishWin32Callouts(
129 PWIN32_CALLOUTS_FPNS CalloutData
135 PsReturnProcessNonPagedPoolQuota(
136 IN PEPROCESS Process
,
143 PsGetCurrentProcessSessionId(
148 // Process Impersonation Functions
153 PsRevertThreadToSelf(
163 PsLookupProcessThreadByCid(
165 OUT PEPROCESS
*Process OPTIONAL
,
171 PsIsProtectedProcess(
184 PsSetProcessPriorityByClass(
185 IN PEPROCESS Process
,
186 IN PSPROCESSPRIORITYMODE Type
191 PsGetProcessInheritedFromUniqueProcessId(
198 PsGetProcessExitStatus(
204 PsGetProcessSessionId(
211 PsGetProcessExitProcessCalled(
222 IN PEPROCESS Process
,
223 IN POOL_TYPE PoolType
,
230 PsChargeProcessNonPagedPoolQuota(
231 IN PEPROCESS Process
,
238 PsChargeProcessPagedPoolQuota(
239 IN PEPROCESS Process
,
246 PsChargeProcessPoolQuota(
247 IN PEPROCESS Process
,
248 IN POOL_TYPE PoolType
,
256 IN PEPROCESS Process
,
257 IN POOL_TYPE PoolType
,
264 PsReturnProcessNonPagedPoolQuota(
265 IN PEPROCESS Process
,
272 PsReturnProcessPagedPoolQuota(
273 IN PEPROCESS Process
,
286 IN HANDLE ThreadHandle
,
287 OUT PULONG SuspendCount
290 typedef ULONG APPHELPCACHESERVICECLASS
;
294 NtApphelpCacheControl(
295 IN APPHELPCACHESERVICECLASS Service
,
303 IN HANDLE ThreadHandle
309 NtAssignProcessToJobObject(
319 ACCESS_MASK DesiredAccess
,
320 POBJECT_ATTRIBUTES ObjectAttributes
327 IN PJOB_SET_ARRAY UserJobSet
,
335 OUT PHANDLE ProcessHandle
,
336 IN ACCESS_MASK DesiredAccess
,
337 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
338 IN HANDLE ParentProcess
,
339 IN BOOLEAN InheritObjectTable
,
340 IN HANDLE SectionHandle OPTIONAL
,
341 IN HANDLE DebugPort OPTIONAL
,
342 IN HANDLE ExceptionPort OPTIONAL
349 OUT PHANDLE ProcessHandle
,
350 IN ACCESS_MASK DesiredAccess
,
351 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
352 IN HANDLE ParentProcess
,
354 IN HANDLE SectionHandle OPTIONAL
,
355 IN HANDLE DebugPort OPTIONAL
,
356 IN HANDLE ExceptionPort OPTIONAL
,
364 OUT PHANDLE ThreadHandle
,
365 IN ACCESS_MASK DesiredAccess
,
366 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
367 IN HANDLE ProcessHandle
,
368 OUT PCLIENT_ID ClientId
,
369 IN PCONTEXT ThreadContext
,
370 IN PINITIAL_TEB UserStack
,
371 IN BOOLEAN CreateSuspended
374 #ifndef NTOS_MODE_USER
375 FORCEINLINE
struct _TEB
* NtCurrentTeb(VOID
)
378 return (PTEB
)__readfsdword(0x18);
379 #elif defined (_M_AMD64)
380 return (struct _TEB
*)__readgsqword(FIELD_OFFSET(NT_TIB
, Self
));
384 struct _TEB
* NtCurrentTeb(void);
391 IN HANDLE ThreadHandle
,
392 IN HANDLE ThreadToImpersonate
,
393 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
400 IN HANDLE ProcessHandle
,
401 IN HANDLE JobHandle OPTIONAL
408 OUT PHANDLE ProcessHandle
,
409 IN ACCESS_MASK DesiredAccess
,
410 IN POBJECT_ATTRIBUTES ObjectAttributes
,
411 IN PCLIENT_ID ClientId
418 OUT PHANDLE ThreadHandle
,
419 IN ACCESS_MASK DesiredAccess
,
420 IN POBJECT_ATTRIBUTES ObjectAttributes
,
421 IN PCLIENT_ID ClientId
428 IN HANDLE ThreadHandle
,
429 IN ACCESS_MASK DesiredAccess
,
430 IN BOOLEAN OpenAsSelf
,
431 OUT PHANDLE TokenHandle
438 IN HANDLE ThreadHandle
,
439 IN ACCESS_MASK DesiredAccess
,
440 IN BOOLEAN OpenAsSelf
,
441 IN ULONG HandleAttributes
,
442 OUT PHANDLE TokenHandle
448 NtQueryInformationJobObject(
450 JOBOBJECTINFOCLASS JobInformationClass
,
451 PVOID JobInformation
,
452 ULONG JobInformationLength
,
460 NtQueryInformationProcess(
461 IN HANDLE ProcessHandle
,
462 IN PROCESSINFOCLASS ProcessInformationClass
,
463 OUT PVOID ProcessInformation
,
464 IN ULONG ProcessInformationLength
,
465 OUT PULONG ReturnLength OPTIONAL
472 NtQueryInformationThread(
473 IN HANDLE ThreadHandle
,
474 IN THREADINFOCLASS ThreadInformationClass
,
475 OUT PVOID ThreadInformation
,
476 IN ULONG ThreadInformationLength
,
477 OUT PULONG ReturnLength
483 NtRegisterThreadTerminatePort(
484 HANDLE TerminationPort
491 IN HANDLE ThreadHandle
,
492 OUT PULONG SuspendCount
499 IN HANDLE ProcessHandle
505 NtSetInformationJobObject(
507 JOBOBJECTINFOCLASS JobInformationClass
,
508 PVOID JobInformation
,
509 ULONG JobInformationLength
515 NtSetInformationProcess(
516 IN HANDLE ProcessHandle
,
517 IN PROCESSINFOCLASS ProcessInformationClass
,
518 IN PVOID ProcessInformation
,
519 IN ULONG ProcessInformationLength
525 NtSetInformationThread(
526 IN HANDLE ThreadHandle
,
527 IN THREADINFOCLASS ThreadInformationClass
,
528 IN PVOID ThreadInformation
,
529 IN ULONG ThreadInformationLength
536 IN HANDLE ProcessHandle
543 IN HANDLE ThreadHandle
,
544 IN PULONG PreviousSuspendCount
551 IN HANDLE ProcessHandle
,
552 IN NTSTATUS ExitStatus
559 IN HANDLE ThreadHandle
,
560 IN NTSTATUS ExitStatus
566 NtTerminateJobObject(
575 IN HANDLE ThreadHandle
,
576 OUT PULONG SuspendCount
583 IN HANDLE ThreadHandle
589 ZwAssignProcessToJobObject(
599 ACCESS_MASK DesiredAccess
,
600 POBJECT_ATTRIBUTES ObjectAttributes
607 OUT PHANDLE ProcessHandle
,
608 IN ACCESS_MASK DesiredAccess
,
609 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
610 IN HANDLE ParentProcess
,
611 IN BOOLEAN InheritObjectTable
,
612 IN HANDLE SectionHandle OPTIONAL
,
613 IN HANDLE DebugPort OPTIONAL
,
614 IN HANDLE ExceptionPort OPTIONAL
621 OUT PHANDLE ThreadHandle
,
622 IN ACCESS_MASK DesiredAccess
,
623 IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
,
624 IN HANDLE ProcessHandle
,
625 OUT PCLIENT_ID ClientId
,
626 IN PCONTEXT ThreadContext
,
627 IN PINITIAL_TEB UserStack
,
628 IN BOOLEAN CreateSuspended
635 IN HANDLE ThreadHandle
,
636 IN HANDLE ThreadToImpersonate
,
637 IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
644 IN HANDLE ProcessHandle
,
645 IN HANDLE JobHandle OPTIONAL
652 OUT PHANDLE ProcessHandle
,
653 IN ACCESS_MASK DesiredAccess
,
654 IN POBJECT_ATTRIBUTES ObjectAttributes
,
655 IN PCLIENT_ID ClientId
662 OUT PHANDLE ThreadHandle
,
663 IN ACCESS_MASK DesiredAccess
,
664 IN POBJECT_ATTRIBUTES ObjectAttributes
,
665 IN PCLIENT_ID ClientId
672 IN HANDLE ThreadHandle
,
673 IN ACCESS_MASK DesiredAccess
,
674 IN BOOLEAN OpenAsSelf
,
675 OUT PHANDLE TokenHandle
682 IN HANDLE ThreadHandle
,
683 IN ACCESS_MASK DesiredAccess
,
684 IN BOOLEAN OpenAsSelf
,
685 IN ULONG HandleAttributes
,
686 OUT PHANDLE TokenHandle
692 ZwQueryInformationJobObject(
694 JOBOBJECTINFOCLASS JobInformationClass
,
695 PVOID JobInformation
,
696 ULONG JobInformationLength
,
704 ZwQueryInformationProcess(
705 IN HANDLE ProcessHandle
,
706 IN PROCESSINFOCLASS ProcessInformationClass
,
707 OUT PVOID ProcessInformation
,
708 IN ULONG ProcessInformationLength
,
709 OUT PULONG ReturnLength OPTIONAL
716 ZwQueryInformationThread(
717 IN HANDLE ThreadHandle
,
718 IN THREADINFOCLASS ThreadInformationClass
,
719 OUT PVOID ThreadInformation
,
720 IN ULONG ThreadInformationLength
,
721 OUT PULONG ReturnLength
727 ZwRegisterThreadTerminatePort(
728 HANDLE TerminationPort
735 IN HANDLE ThreadHandle
,
736 OUT PULONG SuspendCount
743 IN HANDLE ProcessHandle
749 ZwSetInformationJobObject(
751 JOBOBJECTINFOCLASS JobInformationClass
,
752 PVOID JobInformation
,
753 ULONG JobInformationLength
759 ZwSetInformationProcess(
760 IN HANDLE ProcessHandle
,
761 IN PROCESSINFOCLASS ProcessInformationClass
,
762 IN PVOID ProcessInformation
,
763 IN ULONG ProcessInformationLength
769 ZwSetInformationThread(
770 IN HANDLE ThreadHandle
,
771 IN THREADINFOCLASS ThreadInformationClass
,
772 IN PVOID ThreadInformation
,
773 IN ULONG ThreadInformationLength
780 IN HANDLE ProcessHandle
787 IN HANDLE ThreadHandle
,
788 IN PULONG PreviousSuspendCount
795 IN HANDLE ProcessHandle
,
796 IN NTSTATUS ExitStatus
803 IN HANDLE ThreadHandle
,
804 IN NTSTATUS ExitStatus
810 ZwTerminateJobObject(