- NDK 0.98, now with versionned headers. Too many changes to list, see the TinyKRNL...
[reactos.git] / reactos / include / ndk / pstypes.h
1 /*++ NDK Version: 0098
2
3 Copyright (c) Alex Ionescu. All rights reserved.
4
5 Header Name:
6
7 pstypes.h
8
9 Abstract:
10
11 Type definitions for the Process Manager
12
13 Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17 --*/
18
19 #ifndef _PSTYPES_H
20 #define _PSTYPES_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #include <ldrtypes.h>
27 #include <mmtypes.h>
28 #include <obtypes.h>
29 #ifndef NTOS_MODE_USER
30 #include <extypes.h>
31 #include <setypes.h>
32 #endif
33
34 //
35 // KUSER_SHARED_DATA location in User Mode
36 //
37 #define USER_SHARED_DATA (0x7FFE0000)
38
39 //
40 // Kernel Exports
41 //
42 #ifndef NTOS_MODE_USER
43
44 extern NTSYSAPI struct _EPROCESS* PsInitialSystemProcess;
45 extern NTSYSAPI POBJECT_TYPE PsProcessType;
46
47 #endif
48
49 //
50 // Global Flags
51 //
52 #define FLG_STOP_ON_EXCEPTION 0x00000001
53 #define FLG_SHOW_LDR_SNAPS 0x00000002
54 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004
55 #define FLG_STOP_ON_HUNG_GUI 0x00000008
56 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
57 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
58 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
59 #define FLG_HEAP_VALIDATE_ALL 0x00000080
60 #define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
61 #define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
62 #define FLG_POOL_ENABLE_TAGGING 0x00000400
63 #define FLG_HEAP_ENABLE_TAGGING 0x00000800
64 #define FLG_USER_STACK_TRACE_DB 0x00001000
65 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000
66 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
67 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
68 #define FLG_IGNORE_DEBUG_PRIV 0x00010000
69 #define FLG_ENABLE_CSRDEBUG 0x00020000
70 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
71 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
72 #define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
73 #define FLG_HEAP_DISABLE_COALESCING 0x00200000
74 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
75 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
76 #define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
77 #define FLG_HEAP_PAGE_ALLOCS 0x02000000
78 #define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
79 #define FLG_VALID_BITS 0x07FFFFFF
80
81 //
82 // Process priority classes
83 //
84 #define PROCESS_PRIORITY_CLASS_INVALID 0
85 #define PROCESS_PRIORITY_CLASS_IDLE 1
86 #define PROCESS_PRIORITY_CLASS_NORMAL 2
87 #define PROCESS_PRIORITY_CLASS_HIGH 3
88 #define PROCESS_PRIORITY_CLASS_REALTIME 4
89 #define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
90 #define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
91
92 //
93 // NtCreateProcessEx flags
94 //
95 #define PS_REQUEST_BREAKAWAY 1
96 #define PS_NO_DEBUG_INHERIT 2
97 #define PS_INHERIT_HANDLES 4
98 #define PS_UNKNOWN_VALUE 8
99 #define PS_ALL_FLAGS (PS_REQUEST_BREAKAWAY | \
100 PS_NO_DEBUG_INHERIT | \
101 PS_INHERIT_HANDLES | \
102 PS_UNKNOWN_VALUE)
103
104 //
105 // Process base priorities
106 //
107 #define PROCESS_PRIORITY_IDLE 3
108 #define PROCESS_PRIORITY_NORMAL 8
109 #define PROCESS_PRIORITY_NORMAL_FOREGROUND 9
110
111 //
112 // Number of TLS expansion slots
113 //
114 #define TLS_EXPANSION_SLOTS 64
115
116 //
117 // Process Access Types
118 //
119 #ifndef NTOS_MODE_USER
120 #define PROCESS_TERMINATE 0x0001
121 #define PROCESS_CREATE_THREAD 0x0002
122 #define PROCESS_SET_SESSIONID 0x0004
123 #define PROCESS_VM_OPERATION 0x0008
124 #define PROCESS_VM_READ 0x0010
125 #define PROCESS_VM_WRITE 0x0020
126 #define PROCESS_CREATE_PROCESS 0x0080
127 #define PROCESS_SET_QUOTA 0x0100
128 #define PROCESS_SET_INFORMATION 0x0200
129 #define PROCESS_QUERY_INFORMATION 0x0400
130 #define PROCESS_SUSPEND_RESUME 0x0800
131 #define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
132 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
133 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
134 SYNCHRONIZE | \
135 0xFFFF)
136 #else
137 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
138 SYNCHRONIZE | \
139 0xFFF)
140 #endif
141
142
143 //
144 // Job Access Types
145 //
146 #define JOB_OBJECT_ASSIGN_PROCESS 0x1
147 #define JOB_OBJECT_SET_ATTRIBUTES 0x2
148 #define JOB_OBJECT_QUERY 0x4
149 #define JOB_OBJECT_TERMINATE 0x8
150 #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10
151 #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
152 SYNCHRONIZE | \
153 31)
154 #endif
155
156 #ifdef NTOS_MODE_USER
157 //
158 // Current Process/Thread built-in 'special' handles
159 //
160 #define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
161 #define ZwCurrentProcess() NtCurrentProcess()
162 #define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
163 #define ZwCurrentThread() NtCurrentThread()
164
165 //
166 // Process/Thread/Job Information Classes for NtQueryInformationProcess/Thread/Job
167 //
168 typedef enum _PROCESSINFOCLASS
169 {
170 ProcessBasicInformation,
171 ProcessQuotaLimits,
172 ProcessIoCounters,
173 ProcessVmCounters,
174 ProcessTimes,
175 ProcessBasePriority,
176 ProcessRaisePriority,
177 ProcessDebugPort,
178 ProcessExceptionPort,
179 ProcessAccessToken,
180 ProcessLdtInformation,
181 ProcessLdtSize,
182 ProcessDefaultHardErrorMode,
183 ProcessIoPortHandlers,
184 ProcessPooledUsageAndLimits,
185 ProcessWorkingSetWatch,
186 ProcessUserModeIOPL,
187 ProcessEnableAlignmentFaultFixup,
188 ProcessPriorityClass,
189 ProcessWx86Information,
190 ProcessHandleCount,
191 ProcessAffinityMask,
192 ProcessPriorityBoost,
193 ProcessDeviceMap,
194 ProcessSessionInformation,
195 ProcessForegroundInformation,
196 ProcessWow64Information,
197 ProcessImageFileName,
198 ProcessLUIDDeviceMapsEnabled,
199 ProcessBreakOnTermination,
200 ProcessDebugObjectHandle,
201 ProcessDebugFlags,
202 ProcessHandleTracing,
203 ProcessIoPriority,
204 ProcessExecuteFlags,
205 ProcessTlsInformation,
206 ProcessCookie,
207 ProcessImageInformation,
208 ProcessCycleTime,
209 ProcessPagePriority,
210 ProcessInstrumentationCallback,
211 MaxProcessInfoClass
212 } PROCESSINFOCLASS;
213
214 typedef enum _THREADINFOCLASS
215 {
216 ThreadBasicInformation,
217 ThreadTimes,
218 ThreadPriority,
219 ThreadBasePriority,
220 ThreadAffinityMask,
221 ThreadImpersonationToken,
222 ThreadDescriptorTableEntry,
223 ThreadEnableAlignmentFaultFixup,
224 ThreadEventPair_Reusable,
225 ThreadQuerySetWin32StartAddress,
226 ThreadZeroTlsCell,
227 ThreadPerformanceCount,
228 ThreadAmILastThread,
229 ThreadIdealProcessor,
230 ThreadPriorityBoost,
231 ThreadSetTlsArrayAddress,
232 ThreadIsIoPending,
233 ThreadHideFromDebugger,
234 ThreadBreakOnTermination,
235 ThreadSwitchLegacyState,
236 ThreadIsTerminated,
237 ThreadLastSystemCall,
238 ThreadIoPriority,
239 ThreadCycleTime,
240 ThreadPagePriority,
241 ThreadActualBasePriority,
242 ThreadTebInformation,
243 ThreadCSwitchMon,
244 MaxThreadInfoClass
245 } THREADINFOCLASS;
246
247 #else
248
249 typedef enum _JOBOBJECTINFOCLASS
250 {
251 JobObjectBasicAccountingInformation = 1,
252 JobObjectBasicLimitInformation,
253 JobObjectBasicProcessIdList,
254 JobObjectBasicUIRestrictions,
255 JobObjectSecurityLimitInformation,
256 JobObjectEndOfJobTimeInformation,
257 JobObjectAssociateCompletionPortInformation,
258 JobObjectBasicAndIoAccountingInformation,
259 JobObjectExtendedLimitInformation,
260 JobObjectJobSetInformation,
261 MaxJobObjectInfoClass
262 } JOBOBJECTINFOCLASS;
263
264 //
265 // Power Event Events for Win32K Power Event Callback
266 //
267 typedef enum _PSPOWEREVENTTYPE
268 {
269 PsW32FullWake = 0,
270 PsW32EventCode = 1,
271 PsW32PowerPolicyChanged = 2,
272 PsW32SystemPowerState = 3,
273 PsW32SystemTime = 4,
274 PsW32DisplayState = 5,
275 PsW32CapabilitiesChanged = 6,
276 PsW32SetStateFailed = 7,
277 PsW32GdiOff = 8,
278 PsW32GdiOn = 9,
279 PsW32GdiPrepareResumeUI = 10,
280 PsW32GdiOffRequest = 11,
281 PsW32MonitorOff = 12,
282 } PSPOWEREVENTTYPE;
283
284 //
285 // Power State Tasks for Win32K Power State Callback
286 //
287 typedef enum _POWERSTATETASK
288 {
289 PowerState_BlockSessionSwitch = 0,
290 PowerState_Init = 1,
291 PowerState_QueryApps = 2,
292 PowerState_QueryServices = 3,
293 PowerState_QueryAppsFailed = 4,
294 PowerState_QueryServicesFailed = 5,
295 PowerState_SuspendApps = 6,
296 PowerState_SuspendServices = 7,
297 PowerState_ShowUI = 8,
298 PowerState_NotifyWL = 9,
299 PowerState_ResumeApps = 10,
300 PowerState_ResumeServices = 11,
301 PowerState_UnBlockSessionSwitch = 12,
302 PowerState_End = 13,
303 PowerState_BlockInput = 14,
304 PowerState_UnblockInput = 15,
305 } POWERSTATETASK;
306
307 //
308 // Win32K Job Callback Types
309 //
310 typedef enum _PSW32JOBCALLOUTTYPE
311 {
312 PsW32JobCalloutSetInformation = 0,
313 PsW32JobCalloutAddProcess = 1,
314 PsW32JobCalloutTerminate = 2,
315 } PSW32JOBCALLOUTTYPE;
316
317 //
318 // Win32K Thread Callback Types
319 //
320 typedef enum _PSW32THREADCALLOUTTYPE
321 {
322 PsW32ThreadCalloutInitialize,
323 PsW32ThreadCalloutExit,
324 } PSW32THREADCALLOUTTYPE;
325
326 //
327 // Declare empty structure definitions so that they may be referenced by
328 // routines before they are defined
329 //
330 struct _W32THREAD;
331 struct _W32PROCESS;
332 struct _ETHREAD;
333 struct _WIN32_POWEREVENT_PARAMETERS;
334 struct _WIN32_POWERSTATE_PARAMETERS;
335 struct _WIN32_JOBCALLOUT_PARAMETERS;
336 struct _WIN32_OPENMETHOD_PARAMETERS;
337 struct _WIN32_OKTOCLOSEMETHOD_PARAMETERS;
338 struct _WIN32_CLOSEMETHOD_PARAMETERS;
339 struct _WIN32_DELETEMETHOD_PARAMETERS;
340 struct _WIN32_PARSEMETHOD_PARAMETERS;
341
342 //
343 // Win32K Process and Thread Callbacks
344 //
345 typedef NTSTATUS
346 (NTAPI *PKWIN32_PROCESS_CALLOUT)(
347 struct _EPROCESS *Process,
348 BOOLEAN Create
349 );
350
351 typedef NTSTATUS
352 (NTAPI *PKWIN32_THREAD_CALLOUT)(
353 struct _ETHREAD *Thread,
354 PSW32THREADCALLOUTTYPE Type
355 );
356
357 typedef NTSTATUS
358 (NTAPI *PKWIN32_GLOBALATOMTABLE_CALLOUT)(
359 VOID
360 );
361
362 typedef NTSTATUS
363 (NTAPI *PKWIN32_POWEREVENT_CALLOUT)(
364 struct _WIN32_POWEREVENT_PARAMETERS *Parameters
365 );
366
367 typedef NTSTATUS
368 (NTAPI *PKWIN32_POWERSTATE_CALLOUT)(
369 struct _WIN32_POWERSTATE_PARAMETERS *Parameters
370 );
371
372 typedef NTSTATUS
373 (NTAPI *PKWIN32_JOB_CALLOUT)(
374 struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters
375 );
376
377 typedef NTSTATUS
378 (NTAPI *PGDI_BATCHFLUSH_ROUTINE)(
379 VOID
380 );
381
382 typedef NTSTATUS
383 (NTAPI *PKWIN32_OPENMETHOD_CALLOUT)(
384 struct _WIN32_OPENMETHOD_PARAMETERS *Parameters
385 );
386
387 typedef NTSTATUS
388 (NTAPI *PKWIN32_OKTOCLOSEMETHOD_CALLOUT)(
389 struct _WIN32_OKTOCLOSEMETHOD_PARAMETERS *Parameters
390 );
391
392 typedef NTSTATUS
393 (NTAPI *PKWIN32_CLOSEMETHOD_CALLOUT)(
394 struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters
395 );
396
397 typedef NTSTATUS
398 (NTAPI *PKWIN32_DELETEMETHOD_CALLOUT)(
399 struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters
400 );
401
402 typedef NTSTATUS
403 (NTAPI *PKWIN32_PARSEMETHOD_CALLOUT)(
404 struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters
405 );
406
407 typedef NTSTATUS
408 (NTAPI *PKWIN32_WIN32DATACOLLECTION_CALLOUT)(
409 struct _EPROCESS *Process,
410 PVOID Callback,
411 PVOID Context
412 );
413
414 #endif
415
416 typedef NTSTATUS
417 (NTAPI *PPOST_PROCESS_INIT_ROUTINE)(
418 VOID
419 );
420
421 #ifdef NTOS_MODE_USER
422
423 //
424 // ClientID Structure
425 //
426 typedef struct _CLIENT_ID
427 {
428 HANDLE UniqueProcess;
429 HANDLE UniqueThread;
430 } CLIENT_ID, *PCLIENT_ID;
431
432 #endif
433
434 //
435 // Descriptor Table Entry Definition
436 //
437 #define _DESCRIPTOR_TABLE_ENTRY_DEFINED
438 typedef struct _DESCRIPTOR_TABLE_ENTRY
439 {
440 ULONG Selector;
441 LDT_ENTRY Descriptor;
442 } DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
443
444 //
445 // PEB Lock Routine
446 //
447 typedef VOID
448 (NTAPI *PPEBLOCKROUTINE)(
449 PVOID PebLock
450 );
451
452 //
453 // PEB Free Block Descriptor
454 //
455 typedef struct _PEB_FREE_BLOCK
456 {
457 struct _PEB_FREE_BLOCK* Next;
458 ULONG Size;
459 } PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
460
461 //
462 // Process Environment Block (PEB)
463 //
464 typedef struct _PEB
465 {
466 UCHAR InheritedAddressSpace;
467 UCHAR ReadImageFileExecOptions;
468 UCHAR BeingDebugged;
469 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
470 struct
471 {
472 UCHAR ImageUsesLargePages:1;
473 UCHAR IsProtectedProcess:1;
474 UCHAR IsLegacyProcess:1;
475 UCHAR SpareBits:5;
476 };
477 #else
478 BOOLEAN SpareBool;
479 #endif
480 HANDLE Mutant;
481 PVOID ImageBaseAddress;
482 PPEB_LDR_DATA Ldr;
483 struct _RTL_USER_PROCESS_PARAMETERS *ProcessParameters;
484 PVOID SubSystemData;
485 PVOID ProcessHeap;
486 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
487 struct _RTL_CRITICAL_SECTION *FastPebLock;
488 PVOID AltThunkSListPtr;
489 PVOID IFEOKey;
490 ULONG Spare;
491 union
492 {
493 PVOID* KernelCallbackTable;
494 PVOID UserSharedInfoPtr;
495 };
496 ULONG SystemReserved[1];
497 ULONG SpareUlong;
498 #else
499 PVOID FastPebLock;
500 PPEBLOCKROUTINE FastPebLockRoutine;
501 PPEBLOCKROUTINE FastPebUnlockRoutine;
502 ULONG EnvironmentUpdateCount;
503 PVOID* KernelCallbackTable;
504 PVOID EventLogSection;
505 PVOID EventLog;
506 #endif
507 PPEB_FREE_BLOCK FreeList;
508 ULONG TlsExpansionCounter;
509 PVOID TlsBitmap;
510 ULONG TlsBitmapBits[0x2];
511 PVOID ReadOnlySharedMemoryBase;
512 PVOID ReadOnlySharedMemoryHeap;
513 PVOID* ReadOnlyStaticServerData;
514 PVOID AnsiCodePageData;
515 PVOID OemCodePageData;
516 PVOID UnicodeCaseTableData;
517 ULONG NumberOfProcessors;
518 ULONG NtGlobalFlag;
519 LARGE_INTEGER CriticalSectionTimeout;
520 ULONG HeapSegmentReserve;
521 ULONG HeapSegmentCommit;
522 ULONG HeapDeCommitTotalFreeThreshold;
523 ULONG HeapDeCommitFreeBlockThreshold;
524 ULONG NumberOfHeaps;
525 ULONG MaximumNumberOfHeaps;
526 PVOID* ProcessHeaps;
527 PVOID GdiSharedHandleTable;
528 PVOID ProcessStarterHelper;
529 PVOID GdiDCAttributeList;
530 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
531 struct _RTL_CRITICAL_SECTION *LoaderLock;
532 #else
533 PVOID LoaderLock;
534 #endif
535 ULONG OSMajorVersion;
536 ULONG OSMinorVersion;
537 USHORT OSBuildNumber;
538 USHORT OSCSDVersion;
539 ULONG OSPlatformId;
540 ULONG ImageSubSystem;
541 ULONG ImageSubSystemMajorVersion;
542 ULONG ImageSubSystemMinorVersion;
543 ULONG ImageProcessAffinityMask;
544 ULONG GdiHandleBuffer[0x22];
545 PPOST_PROCESS_INIT_ROUTINE PostProcessInitRoutine;
546 struct _RTL_BITMAP *TlsExpansionBitmap;
547 ULONG TlsExpansionBitmapBits[0x20];
548 ULONG SessionId;
549 #if (NTDDI_VERSION >= NTDDI_WINXP)
550 ULARGE_INTEGER AppCompatFlags;
551 ULARGE_INTEGER AppCompatFlagsUser;
552 PVOID pShimData;
553 PVOID AppCompatInfo;
554 UNICODE_STRING CSDVersion;
555 struct _ACTIVATION_CONTEXT_DATA *ActivationContextData;
556 struct _ASSEMBLY_STORAGE_MAP *ProcessAssemblyStorageMap;
557 struct _ACTIVATION_CONTEXT_DATA *SystemDefaultActivationContextData;
558 struct _ASSEMBLY_STORAGE_MAP *SystemAssemblyStorageMap;
559 ULONG MinimumStackCommit;
560 #endif
561 #if (NTDDI_VERSION >= NTDDI_WS03)
562 PVOID *FlsCallback;
563 LIST_ENTRY FlsListHead;
564 struct _RTL_BITMAP *FlsBitmap;
565 ULONG FlsBitmapBits[4];
566 ULONG FlsHighIndex;
567 #endif
568 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
569 PVOID WerRegistrationData;
570 PVOID WerShipAssertPtr;
571 #endif
572 } PEB, *PPEB;
573
574 //
575 // GDI Batch Descriptor
576 //
577 typedef struct _GDI_TEB_BATCH
578 {
579 ULONG Offset;
580 ULONG HDC;
581 ULONG Buffer[0x136];
582 } GDI_TEB_BATCH, *PGDI_TEB_BATCH;
583
584 //
585 // Initial TEB
586 //
587 typedef struct _INITIAL_TEB
588 {
589 PVOID PreviousStackBase;
590 PVOID PreviousStackLimit;
591 PVOID StackBase;
592 PVOID StackLimit;
593 PVOID AllocatedStackBase;
594 } INITIAL_TEB, *PINITIAL_TEB;
595
596 //
597 // TEB Active Frame Structures
598 //
599 typedef struct _TEB_ACTIVE_FRAME_CONTEXT
600 {
601 ULONG Flags;
602 LPSTR FrameName;
603 } TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT;
604
605 typedef struct _TEB_ACTIVE_FRAME
606 {
607 ULONG Flags;
608 struct _TEB_ACTIVE_FRAME *Previous;
609 PTEB_ACTIVE_FRAME_CONTEXT Context;
610 } TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
611
612 //
613 // Thread Environment Block (TEB)
614 //
615 typedef struct _TEB
616 {
617 NT_TIB Tib;
618 PVOID EnvironmentPointer;
619 CLIENT_ID Cid;
620 PVOID ActiveRpcHandle;
621 PVOID ThreadLocalStoragePointer;
622 struct _PEB *ProcessEnvironmentBlock;
623 ULONG LastErrorValue;
624 ULONG CountOfOwnedCriticalSections;
625 PVOID CsrClientThread;
626 struct _W32THREAD* Win32ThreadInfo;
627 ULONG User32Reserved[0x1A];
628 ULONG UserReserved[5];
629 PVOID WOW32Reserved;
630 LCID CurrentLocale;
631 ULONG FpSoftwareStatusRegister;
632 PVOID SystemReserved1[0x36];
633 LONG ExceptionCode;
634 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
635 UCHAR SpareBytes1[0x24];
636 ULONG TxFsContext;
637 GDI_TEB_BATCH GdiTebBatch;
638 CLIENT_ID RealClientId;
639 PVOID GdiCachedProcessHandle;
640 ULONG GdiClientPID;
641 ULONG GdiClientTID;
642 PVOID GdiThreadLocalInfo;
643 ULONG Win32ClientInfo[62];
644 PVOID glDispatchTable[0xE9];
645 ULONG glReserved1[0x1D];
646 PVOID glReserved2;
647 PVOID glSectionInfo;
648 PVOID glSection;
649 PVOID glTable;
650 PVOID glCurrentRC;
651 PVOID glContext;
652 NTSTATUS LastStatusValue;
653 UNICODE_STRING StaticUnicodeString;
654 WCHAR StaticUnicodeBuffer[0x105];
655 PVOID DeallocationStack;
656 PVOID TlsSlots[0x40];
657 LIST_ENTRY TlsLinks;
658 PVOID Vdm;
659 PVOID ReservedForNtRpc;
660 PVOID DbgSsReserved[0x2];
661 ULONG HardErrorDisabled;
662 PVOID Instrumentation[9];
663 GUID ActivityId;
664 PVOID SubProcessTag;
665 PVOID EtwTraceData;
666 PVOID WinSockData;
667 ULONG GdiBatchCount;
668 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
669 BOOLEAN SpareBool0;
670 BOOLEAN SpareBool1;
671 BOOLEAN SpareBool2;
672 #else
673 BOOLEAN InDbgPrint;
674 BOOLEAN FreeStackOnTermination;
675 BOOLEAN HasFiberData;
676 #endif
677 UCHAR IdealProcessor;
678 ULONG GuaranteedStackBytes;
679 PVOID ReservedForPerf;
680 PVOID ReservedForOle;
681 ULONG WaitingOnLoaderLock;
682 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
683 PVOID SavedPriorityState;
684 #else
685 ULONG SparePointer1;
686 #endif
687 ULONG SoftPatchPtr1;
688 ULONG SoftPatchPtr2;
689 PVOID *TlsExpansionSlots;
690 ULONG ImpersionationLocale;
691 ULONG IsImpersonating;
692 PVOID NlsCache;
693 PVOID pShimData;
694 ULONG HeapVirualAffinity;
695 PVOID CurrentTransactionHandle;
696 PTEB_ACTIVE_FRAME ActiveFrame;
697 #if (NTDDI_VERSION >= NTDDI_WS03)
698 PVOID FlsData;
699 #endif
700 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
701 PVOID PreferredLangauges;
702 PVOID UserPrefLanguages;
703 PVOID MergedPrefLanguages;
704 ULONG MuiImpersonation;
705 union
706 {
707 struct
708 {
709 USHORT SpareCrossTebFlags:16;
710 };
711 USHORT CrossTebFlags;
712 };
713 union
714 {
715 struct
716 {
717 USHORT DbgSafeThunkCall:1;
718 USHORT DbgInDebugPrint:1;
719 USHORT DbgHasFiberData:1;
720 USHORT DbgSkipThreadAttach:1;
721 USHORT DbgWerInShipAssertCode:1;
722 USHORT DbgIssuedInitialBp:1;
723 USHORT DbgClonedThread:1;
724 USHORT SpareSameTebBits:9;
725 };
726 USHORT SameTebFlags;
727 };
728 PVOID TxnScopeEntercallback;
729 PVOID TxnScopeExitCAllback;
730 PVOID TxnScopeContext;
731 ULONG LockCount;
732 ULONG ProcessRundown;
733 ULONGLONG LastSwitchTime;
734 ULONGLONG TotalSwitchOutTime;
735 LARGE_INTEGER WaitReasonBitMap;
736 #else
737 UCHAR SafeThunkCall;
738 UCHAR BooleanSpare[3];
739 #endif
740 } TEB, *PTEB;
741
742 #ifdef NTOS_MODE_USER
743
744 //
745 // Process Information Structures for NtQueryProcessInformation
746 //
747 typedef struct _PROCESS_BASIC_INFORMATION
748 {
749 NTSTATUS ExitStatus;
750 PPEB PebBaseAddress;
751 ULONG_PTR AffinityMask;
752 KPRIORITY BasePriority;
753 ULONG_PTR UniqueProcessId;
754 ULONG_PTR InheritedFromUniqueProcessId;
755 } PROCESS_BASIC_INFORMATION,*PPROCESS_BASIC_INFORMATION;
756
757 typedef struct _PROCESS_ACCESS_TOKEN
758 {
759 HANDLE Token;
760 HANDLE Thread;
761 } PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
762
763 typedef struct _PROCESS_DEVICEMAP_INFORMATION
764 {
765 union
766 {
767 struct
768 {
769 HANDLE DirectoryHandle;
770 } Set;
771 struct
772 {
773 ULONG DriveMap;
774 UCHAR DriveType[32];
775 } Query;
776 };
777 } PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
778
779 typedef struct _KERNEL_USER_TIMES
780 {
781 LARGE_INTEGER CreateTime;
782 LARGE_INTEGER ExitTime;
783 LARGE_INTEGER KernelTime;
784 LARGE_INTEGER UserTime;
785 } KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
786
787 typedef struct _PROCESS_SESSION_INFORMATION
788 {
789 ULONG SessionId;
790 } PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
791
792 #endif
793
794 typedef struct _PROCESS_PRIORITY_CLASS
795 {
796 BOOLEAN Foreground;
797 UCHAR PriorityClass;
798 } PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
799
800 //
801 // Thread Information Structures for NtQueryProcessInformation
802 //
803 typedef struct _THREAD_BASIC_INFORMATION
804 {
805 NTSTATUS ExitStatus;
806 PVOID TebBaseAddress;
807 CLIENT_ID ClientId;
808 KAFFINITY AffinityMask;
809 KPRIORITY Priority;
810 KPRIORITY BasePriority;
811 } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
812
813 #ifndef NTOS_MODE_USER
814
815 //
816 // EPROCESS Quota Structures
817 //
818 typedef struct _EPROCESS_QUOTA_ENTRY
819 {
820 SIZE_T Usage;
821 SIZE_T Limit;
822 SIZE_T Peak;
823 SIZE_T Return;
824 } EPROCESS_QUOTA_ENTRY, *PEPROCESS_QUOTA_ENTRY;
825
826 typedef struct _EPROCESS_QUOTA_BLOCK
827 {
828 EPROCESS_QUOTA_ENTRY QuotaEntry[3];
829 LIST_ENTRY QuotaList;
830 ULONG ReferenceCount;
831 ULONG ProcessCount;
832 } EPROCESS_QUOTA_BLOCK, *PEPROCESS_QUOTA_BLOCK;
833
834 //
835 // Process Pagefault History
836 //
837 typedef struct _PAGEFAULT_HISTORY
838 {
839 ULONG CurrentIndex;
840 ULONG MapIndex;
841 KSPIN_LOCK SpinLock;
842 PVOID Reserved;
843 PROCESS_WS_WATCH_INFORMATION WatchInfo[1];
844 } PAGEFAULT_HISTORY, *PPAGEFAULT_HISTORY;
845
846 //
847 // Process Impersonation Information
848 //
849 typedef struct _PS_IMPERSONATION_INFORMATION
850 {
851 PACCESS_TOKEN Token;
852 BOOLEAN CopyOnOpen;
853 BOOLEAN EffectiveOnly;
854 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
855 } PS_IMPERSONATION_INFORMATION, *PPS_IMPERSONATION_INFORMATION;
856
857 //
858 // Process Termination Port
859 //
860 typedef struct _TERMINATION_PORT
861 {
862 struct _TERMINATION_PORT *Next;
863 PVOID Port;
864 } TERMINATION_PORT, *PTERMINATION_PORT;
865
866 //
867 // Per-Process APC Rate Limiting
868 //
869 typedef struct _PSP_RATE_APC
870 {
871 union
872 {
873 SINGLE_LIST_ENTRY NextApc;
874 ULONGLONG ExcessCycles;
875 };
876 ULONGLONG TargetGEneration;
877 KAPC RateApc;
878 } PSP_RATE_APC, *PPSP_RATE_APC;
879
880 //
881 // Executive Thread (ETHREAD)
882 //
883 #include <pshpack4.h>
884 typedef struct _ETHREAD
885 {
886 KTHREAD Tcb;
887 PVOID Padding;
888 LARGE_INTEGER CreateTime;
889 union
890 {
891 LARGE_INTEGER ExitTime;
892 LIST_ENTRY LpcReplyChain;
893 LIST_ENTRY KeyedWaitChain;
894 };
895 union
896 {
897 NTSTATUS ExitStatus;
898 PVOID OfsChain;
899 };
900 LIST_ENTRY PostBlockList;
901 union
902 {
903 struct _TERMINATION_PORT *TerminationPort;
904 struct _ETHREAD *ReaperLink;
905 PVOID KeyedWaitValue;
906 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
907 PVOID Win32StartParameter;
908 #endif
909 };
910 KSPIN_LOCK ActiveTimerListLock;
911 LIST_ENTRY ActiveTimerListHead;
912 CLIENT_ID Cid;
913 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
914 KSEMAPHORE KeyedWaitSemaphore;
915 #else
916 union
917 {
918 KSEMAPHORE LpcReplySemaphore;
919 KSEMAPHORE KeyedReplySemaphore;
920 };
921 union
922 {
923 PVOID LpcReplyMessage;
924 PVOID LpcWaitingOnPort;
925 };
926 #endif
927 PPS_IMPERSONATION_INFORMATION ImpersonationInfo;
928 LIST_ENTRY IrpList;
929 ULONG TopLevelIrp;
930 PDEVICE_OBJECT DeviceToVerify;
931 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
932 PPSP_RATE_APC RateControlApc;
933 #else
934 struct _EPROCESS *ThreadsProcess;
935 #endif
936 PVOID Win32StartAddress;
937 union
938 {
939 PKSTART_ROUTINE StartAddress;
940 ULONG LpcReceivedMessageId;
941 };
942 LIST_ENTRY ThreadListEntry;
943 EX_RUNDOWN_REF RundownProtect;
944 EX_PUSH_LOCK ThreadLock;
945 #if (NTDDI_VERSION < NTDDI_LONGHORN)
946 ULONG LpcReplyMessageId;
947 #endif
948 ULONG ReadClusterSize;
949 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
950 ULONG SpareUlong0;
951 #else
952 ACCESS_MASK GrantedAccess;
953 #endif
954 union
955 {
956 struct
957 {
958 ULONG Terminated:1;
959 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
960 ULONG ThreadInserted:1;
961 #else
962 ULONG DeadThread:1;
963 #endif
964 ULONG HideFromDebugger:1;
965 ULONG ActiveImpersonationInfo:1;
966 ULONG SystemThread:1;
967 ULONG HardErrorsAreDisabled:1;
968 ULONG BreakOnTermination:1;
969 ULONG SkipCreationMsg:1;
970 ULONG SkipTerminationMsg:1;
971 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
972 ULONG CreateMsgSent:1;
973 ULONG ThreadIoPriority:3;
974 ULONG ThreadPagePriority:3;
975 ULONG PendingRatecontrol:1;
976 #endif
977 };
978 ULONG CrossThreadFlags;
979 };
980 union
981 {
982 struct
983 {
984 ULONG ActiveExWorker:1;
985 ULONG ExWorkerCanWaitUser:1;
986 ULONG MemoryMaker:1;
987 ULONG KeyedEventInUse:1;
988 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
989 ULONG RateApcState:2;
990 #endif
991 };
992 ULONG SameThreadPassiveFlags;
993 };
994 union
995 {
996 struct
997 {
998 ULONG LpcReceivedMsgIdValid:1;
999 ULONG LpcExitThreadCalled:1;
1000 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1001 ULONG Spare:1;
1002 #else
1003 ULONG AddressSpaceOwner:1;
1004 #endif
1005 ULONG OwnsProcessWorkingSetExclusive:1;
1006 ULONG OwnsProcessWorkingSetShared:1;
1007 ULONG OwnsSystemWorkingSetExclusive:1;
1008 ULONG OwnsSystemWorkingSetShared:1;
1009 ULONG OwnsSessionWorkingSetExclusive:1;
1010 ULONG OwnsSessionWorkingSetShared:1;
1011 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1012 ULONG SupressSymbolLoad:1;
1013 ULONG Spare1:3;
1014 ULONG PriorityRegionActive:4;
1015 #else
1016 ULONG ApcNeeded:1;
1017 #endif
1018 };
1019 ULONG SameThreadApcFlags;
1020 };
1021 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1022 UCHAR CacheManagerActive;
1023 #else
1024 UCHAR ForwardClusterOnly;
1025 #endif
1026 UCHAR DisablePageFaultClustering;
1027 UCHAR ActiveFaultCount;
1028 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1029 ULONG AlpcMessageId;
1030 union
1031 {
1032 PVOID AlpcMessage;
1033 ULONG AlpcReceiveAttributeSet;
1034 };
1035 LIST_ENTRY AlpcWaitListEntry;
1036 KSEMAPHORE AlpcWaitSemaphore;
1037 ULONG CacheManagerCount;
1038 #endif
1039 } ETHREAD;
1040
1041 //
1042 // Executive Process (EPROCESS)
1043 //
1044 typedef struct _EPROCESS
1045 {
1046 KPROCESS Pcb;
1047 EX_PUSH_LOCK ProcessLock;
1048 LARGE_INTEGER CreateTime;
1049 LARGE_INTEGER ExitTime;
1050 EX_RUNDOWN_REF RundownProtect;
1051 HANDLE UniqueProcessId;
1052 LIST_ENTRY ActiveProcessLinks;
1053 ULONG QuotaUsage[3];
1054 ULONG QuotaPeak[3];
1055 ULONG CommitCharge;
1056 ULONG PeakVirtualSize;
1057 ULONG VirtualSize;
1058 LIST_ENTRY SessionProcessLinks;
1059 PVOID DebugPort;
1060 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1061 union
1062 {
1063 PVOID ExceptionPortData;
1064 ULONG ExceptionPortValue;
1065 UCHAR ExceptionPortState:3;
1066 };
1067 #else
1068 PVOID ExceptionPort;
1069 #endif
1070 PHANDLE_TABLE ObjectTable;
1071 EX_FAST_REF Token;
1072 ULONG WorkingSetPage;
1073 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1074 EX_PUSH_LOCK AddressCreationLock;
1075 PETHREAD RotateInProgress;
1076 #else
1077 KGUARDED_MUTEX AddressCreationLock;
1078 KSPIN_LOCK HyperSpaceLock;
1079 #endif
1080 PETHREAD ForkInProgress;
1081 ULONG HardwareTrigger;
1082 MM_AVL_TABLE PhysicalVadroot;
1083 PVOID CloneRoot;
1084 ULONG NumberOfPrivatePages;
1085 ULONG NumberOfLockedPages;
1086 PVOID *Win32Process;
1087 struct _EJOB *Job;
1088 PVOID SectionObject;
1089 PVOID SectionBaseAddress;
1090 PEPROCESS_QUOTA_BLOCK QuotaBlock;
1091 PPAGEFAULT_HISTORY WorkingSetWatch;
1092 PVOID Win32WindowStation;
1093 HANDLE InheritedFromUniqueProcessId;
1094 PVOID LdtInformation;
1095 PVOID VadFreeHint;
1096 PVOID VdmObjects;
1097 PVOID DeviceMap;
1098 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1099 ULONG AlpcPagedPoolQuotaCache;
1100 PVOID EtwDataSource;
1101 PVOID FreeTebHint;
1102 #else
1103 PVOID Spare0[3];
1104 #endif
1105 union
1106 {
1107 HARDWARE_PTE_X86 PagedirectoryPte;
1108 ULONGLONG Filler;
1109 };
1110 ULONG Session;
1111 CHAR ImageFileName[16];
1112 LIST_ENTRY JobLinks;
1113 PVOID LockedPagesList;
1114 LIST_ENTRY ThreadListHead;
1115 PVOID SecurityPort;
1116 PVOID PaeTop;
1117 ULONG ActiveThreads;
1118 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1119 ULONG ImagePathHash;
1120 #else
1121 ACCESS_MASK GrantedAccess;
1122 #endif
1123 ULONG DefaultHardErrorProcessing;
1124 NTSTATUS LastThreadExitStatus;
1125 struct _PEB* Peb;
1126 EX_FAST_REF PrefetchTrace;
1127 LARGE_INTEGER ReadOperationCount;
1128 LARGE_INTEGER WriteOperationCount;
1129 LARGE_INTEGER OtherOperationCount;
1130 LARGE_INTEGER ReadTransferCount;
1131 LARGE_INTEGER WriteTransferCount;
1132 LARGE_INTEGER OtherTransferCount;
1133 ULONG CommitChargeLimit;
1134 ULONG CommitChargePeak;
1135 PVOID AweInfo;
1136 SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
1137 MMSUPPORT Vm;
1138 LIST_ENTRY MmProcessLinks;
1139 ULONG ModifiedPageCount;
1140 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1141 union
1142 {
1143 struct
1144 {
1145 ULONG JobNotReallyActive:1;
1146 ULONG AccountingFolded:1;
1147 ULONG NewProcessReported:1;
1148 ULONG ExitProcessReported:1;
1149 ULONG ReportCommitChanges:1;
1150 ULONG LastReportMemory:1;
1151 ULONG ReportPhysicalPageChanges:1;
1152 ULONG HandleTableRundown:1;
1153 ULONG NeedsHandleRundown:1;
1154 ULONG RefTraceEnabled:1;
1155 ULONG NumaAware:1;
1156 ULONG ProtectedProcess:1;
1157 ULONG DefaultPagePriority:3;
1158 ULONG ProcessDeleteSelf:1;
1159 ULONG ProcessVerifierTarget:1;
1160 };
1161 ULONG Flags2;
1162 };
1163 #else
1164 ULONG JobStatus;
1165 #endif
1166 union
1167 {
1168 struct
1169 {
1170 ULONG CreateReported:1;
1171 ULONG NoDebugInherit:1;
1172 ULONG ProcessExiting:1;
1173 ULONG ProcessDelete:1;
1174 ULONG Wow64SplitPages:1;
1175 ULONG VmDeleted:1;
1176 ULONG OutswapEnabled:1;
1177 ULONG Outswapped:1;
1178 ULONG ForkFailed:1;
1179 ULONG Wow64VaSpace4Gb:1;
1180 ULONG AddressSpaceInitialized:2;
1181 ULONG SetTimerResolution:1;
1182 ULONG BreakOnTermination:1;
1183 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1184 ULONG DeprioritizeViews:1;
1185 #else
1186 ULONG SessionCreationUnderway:1;
1187 #endif
1188 ULONG WriteWatch:1;
1189 ULONG ProcessInSession:1;
1190 ULONG OverrideAddressSpace:1;
1191 ULONG HasAddressSpace:1;
1192 ULONG LaunchPrefetched:1;
1193 ULONG InjectInpageErrors:1;
1194 ULONG VmTopDown:1;
1195 ULONG ImageNotifyDone:1;
1196 ULONG PdeUpdateNeeded:1;
1197 ULONG VdmAllowed:1;
1198 ULONG SmapAllowed:1;
1199 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1200 ULONG ProcessInserted:1;
1201 #else
1202 ULONG CreateFailed:1;
1203 #endif
1204 ULONG DefaultIoPriority:3;
1205 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1206 ULONG SparePsFlags1:2;
1207 #else
1208 ULONG Spare1:1;
1209 ULONG Spare2:1;
1210 #endif
1211 };
1212 ULONG Flags;
1213 };
1214 NTSTATUS ExitStatus;
1215 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1216 USHORT Spare7;
1217 #else
1218 USHORT NextPageColor;
1219 #endif
1220 union
1221 {
1222 struct
1223 {
1224 UCHAR SubSystemMinorVersion;
1225 UCHAR SubSystemMajorVersion;
1226 };
1227 USHORT SubSystemVersion;
1228 };
1229 UCHAR PriorityClass;
1230 MM_AVL_TABLE VadRoot;
1231 ULONG Cookie;
1232 } EPROCESS;
1233 #include <poppack.h>
1234
1235 //
1236 // Job Token Filter Data
1237 //
1238 #include <pshpack1.h>
1239 typedef struct _PS_JOB_TOKEN_FILTER
1240 {
1241 ULONG CapturedSidCount;
1242 PSID_AND_ATTRIBUTES CapturedSids;
1243 ULONG CapturedSidsLength;
1244 ULONG CapturedGroupCount;
1245 PSID_AND_ATTRIBUTES CapturedGroups;
1246 ULONG CapturedGroupsLength;
1247 ULONG CapturedPrivilegeCount;
1248 PLUID_AND_ATTRIBUTES CapturedPrivileges;
1249 ULONG CapturedPrivilegesLength;
1250 } PS_JOB_TOKEN_FILTER, *PPS_JOB_TOKEN_FILTER;
1251
1252 //
1253 // Executive Job (EJOB)
1254 //
1255 typedef struct _EJOB
1256 {
1257 KEVENT Event;
1258 LIST_ENTRY JobLinks;
1259 LIST_ENTRY ProcessListHead;
1260 ERESOURCE JobLock;
1261 LARGE_INTEGER TotalUserTime;
1262 LARGE_INTEGER TotalKernelTime;
1263 LARGE_INTEGER ThisPeriodTotalUserTime;
1264 LARGE_INTEGER ThisPeriodTotalKernelTime;
1265 ULONG TotalPageFaultCount;
1266 ULONG TotalProcesses;
1267 ULONG ActiveProcesses;
1268 ULONG TotalTerminatedProcesses;
1269 LARGE_INTEGER PerProcessUserTimeLimit;
1270 LARGE_INTEGER PerJobUserTimeLimit;
1271 ULONG LimitFlags;
1272 ULONG MinimumWorkingSetSize;
1273 ULONG MaximumWorkingSetSize;
1274 ULONG ActiveProcessLimit;
1275 ULONG Affinity;
1276 UCHAR PriorityClass;
1277 ULONG UIRestrictionsClass;
1278 ULONG SecurityLimitFlags;
1279 PVOID Token;
1280 PPS_JOB_TOKEN_FILTER Filter;
1281 ULONG EndOfJobTimeAction;
1282 PVOID CompletionPort;
1283 PVOID CompletionKey;
1284 ULONG SessionId;
1285 ULONG SchedulingClass;
1286 ULONGLONG ReadOperationCount;
1287 ULONGLONG WriteOperationCount;
1288 ULONGLONG OtherOperationCount;
1289 ULONGLONG ReadTransferCount;
1290 ULONGLONG WriteTransferCount;
1291 ULONGLONG OtherTransferCount;
1292 IO_COUNTERS IoInfo;
1293 ULONG ProcessMemoryLimit;
1294 ULONG JobMemoryLimit;
1295 ULONG PeakProcessMemoryUsed;
1296 ULONG PeakJobMemoryUsed;
1297 ULONG CurrentJobMemoryUsed;
1298 #if (NTDDI_VERSION == NTDDI_WINXP)
1299 FAST_MUTEX MemoryLimitsLock;
1300 #elif (NTDDI_VERSION == NTDDI_WS03)
1301 KGUARDED_MUTEX MemoryLimitsLock;
1302 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
1303 EX_PUSH_LOCK MemoryLimitsLock;
1304 #endif
1305 LIST_ENTRY JobSetLinks;
1306 ULONG MemberLevel;
1307 ULONG JobFlags;
1308 } EJOB, *PEJOB;
1309 #include <poppack.h>
1310
1311 //
1312 // Win32K Callback Registration Data
1313 //
1314 typedef struct _WIN32_POWEREVENT_PARAMETERS
1315 {
1316 PSPOWEREVENTTYPE EventNumber;
1317 ULONG Code;
1318 } WIN32_POWEREVENT_PARAMETERS, *PWIN32_POWEREVENT_PARAMETERS;
1319
1320 typedef struct _WIN32_POWERSTATE_PARAMETERS
1321 {
1322 UCHAR Promotion;
1323 POWER_ACTION SystemAction;
1324 SYSTEM_POWER_STATE MinSystemState;
1325 ULONG Flags;
1326 POWERSTATETASK PowerStateTask;
1327 } WIN32_POWERSTATE_PARAMETERS, *PWIN32_POWERSTATE_PARAMETERS;
1328
1329 typedef struct _WIN32_JOBCALLOUT_PARAMETERS
1330 {
1331 PVOID Job;
1332 PSW32JOBCALLOUTTYPE CalloutType;
1333 PVOID Data;
1334 } WIN32_JOBCALLOUT_PARAMETERS, *PWIN32_JOBCALLOUT_PARAMETERS;
1335
1336 typedef struct _WIN32_OPENMETHOD_PARAMETERS
1337 {
1338 OB_OPEN_REASON OpenReason;
1339 PEPROCESS Process;
1340 PVOID Object;
1341 ULONG GrantedAccess;
1342 ULONG HandleCount;
1343 } WIN32_OPENMETHOD_PARAMETERS, *PWIN32_OPENMETHOD_PARAMETERS;
1344
1345 typedef struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS
1346 {
1347 PEPROCESS Process;
1348 PVOID Object;
1349 HANDLE Handle;
1350 KPROCESSOR_MODE PreviousMode;
1351 } WIN32_OKAYTOCLOSEMETHOD_PARAMETERS, *PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
1352
1353 typedef struct _WIN32_CLOSEMETHOD_PARAMETERS
1354 {
1355 PEPROCESS Process;
1356 PVOID Object;
1357 ACCESS_MASK AccessMask;
1358 ULONG ProcessHandleCount;
1359 ULONG SystemHandleCount;
1360 } WIN32_CLOSEMETHOD_PARAMETERS, *PWIN32_CLOSEMETHOD_PARAMETERS;
1361
1362 typedef struct _WIN32_DELETEMETHOD_PARAMETERS
1363 {
1364 PVOID Object;
1365 } WIN32_DELETEMETHOD_PARAMETERS, *PWIN32_DELETEMETHOD_PARAMETERS;
1366
1367 typedef struct _WIN32_PARSEMETHOD_PARAMETERS
1368 {
1369 PVOID ParseObject;
1370 PVOID ObjectType;
1371 PACCESS_STATE AccessState;
1372 KPROCESSOR_MODE AccessMode;
1373 ULONG Attributes;
1374 OUT PUNICODE_STRING CompleteName;
1375 PUNICODE_STRING RemainingName;
1376 PVOID Context;
1377 PSECURITY_QUALITY_OF_SERVICE SecurityQos;
1378 PVOID *Object;
1379 } WIN32_PARSEMETHOD_PARAMETERS, *PWIN32_PARSEMETHOD_PARAMETERS;
1380
1381 typedef struct _WIN32_CALLOUTS_FPNS
1382 {
1383 PKWIN32_PROCESS_CALLOUT ProcessCallout;
1384 PKWIN32_THREAD_CALLOUT ThreadCallout;
1385 PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout;
1386 PKWIN32_POWEREVENT_CALLOUT PowerEventCallout;
1387 PKWIN32_POWERSTATE_CALLOUT PowerStateCallout;
1388 PKWIN32_JOB_CALLOUT JobCallout;
1389 PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine;
1390 PKWIN32_OPENMETHOD_CALLOUT DesktopOpenProcedure;
1391 PKWIN32_OKTOCLOSEMETHOD_CALLOUT DesktopOkToCloseProcedure;
1392 PKWIN32_CLOSEMETHOD_CALLOUT DesktopCloseProcedure;
1393 PKWIN32_DELETEMETHOD_CALLOUT DesktopDeleteProcedure;
1394 PKWIN32_OKTOCLOSEMETHOD_CALLOUT WindowStationOkToCloseProcedure;
1395 PKWIN32_CLOSEMETHOD_CALLOUT WindowStationCloseProcedure;
1396 PKWIN32_DELETEMETHOD_CALLOUT WindowStationDeleteProcedure;
1397 PKWIN32_PARSEMETHOD_CALLOUT WindowStationParseProcedure;
1398 PKWIN32_OPENMETHOD_CALLOUT WindowStationOpenProcedure;
1399 PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure;
1400 } WIN32_CALLOUTS_FPNS, *PWIN32_CALLOUTS_FPNS;
1401
1402 #endif // !NTOS_MODE_USER
1403
1404 #endif // _PSTYPES_H