projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[NDK]
[reactos.git] / reactos / include / ndk / pstypes.h
1 /*++ NDK Version: 0098
2
3 Copyright (c) Alex Ionescu. All rights reserved.
4
5 Header Name:
6
7 pstypes.h
8
9 Abstract:
10
11 Type definitions for the Process Manager
12
13 Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17 --*/
18
19 #ifndef _PSTYPES_H
20 #define _PSTYPES_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #include <ldrtypes.h>
27 #include <mmtypes.h>
28 #include <obtypes.h>
29 #include <rtltypes.h>
30 #ifndef NTOS_MODE_USER
31 #include <extypes.h>
32 #include <setypes.h>
33 #endif
34
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38
39 #ifndef NTOS_MODE_USER
40
41 //
42 // Kernel Exported Object Types
43 //
44 extern POBJECT_TYPE NTSYSAPI PsJobType;
45
46 #endif // !NTOS_MODE_USER
47
48 //
49 // KUSER_SHARED_DATA location in User Mode
50 //
51 #define USER_SHARED_DATA (0x7FFE0000)
52
53 //
54 // Global Flags
55 //
56 #define FLG_STOP_ON_EXCEPTION 0x00000001
57 #define FLG_SHOW_LDR_SNAPS 0x00000002
58 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004
59 #define FLG_STOP_ON_HUNG_GUI 0x00000008
60 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
61 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
62 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
63 #define FLG_HEAP_VALIDATE_ALL 0x00000080
64 #define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
65 #define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
66 #define FLG_POOL_ENABLE_TAGGING 0x00000400
67 #define FLG_HEAP_ENABLE_TAGGING 0x00000800
68 #define FLG_USER_STACK_TRACE_DB 0x00001000
69 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000
70 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
71 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
72 #define FLG_IGNORE_DEBUG_PRIV 0x00010000
73 #define FLG_ENABLE_CSRDEBUG 0x00020000
74 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
75 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
76 #if (NTDDI_VERSION < NTDDI_WINXP)
77 #define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
78 #else
79 #define FLG_ENABLE_SYSTEM_CRIT_BREAKS 0x00100000
80 #endif
81 #define FLG_HEAP_DISABLE_COALESCING 0x00200000
82 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
83 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
84 #define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
85 #define FLG_HEAP_PAGE_ALLOCS 0x02000000
86 #define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
87 #define FLG_VALID_BITS 0x07FFFFFF
88
89 //
90 // Flags for NtCreateProcessEx
91 //
92 #define PROCESS_CREATE_FLAGS_BREAKAWAY 0x00000001
93 #define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT 0x00000002
94 #define PROCESS_CREATE_FLAGS_INHERIT_HANDLES 0x00000004
95 #define PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE 0x00000008
96 #define PROCESS_CREATE_FLAGS_LARGE_PAGES 0x00000010
97
98 //
99 // Process priority classes
100 //
101 #define PROCESS_PRIORITY_CLASS_INVALID 0
102 #define PROCESS_PRIORITY_CLASS_IDLE 1
103 #define PROCESS_PRIORITY_CLASS_NORMAL 2
104 #define PROCESS_PRIORITY_CLASS_HIGH 3
105 #define PROCESS_PRIORITY_CLASS_REALTIME 4
106 #define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
107 #define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
108
109 //
110 // NtCreateProcessEx flags
111 //
112 #define PS_REQUEST_BREAKAWAY 1
113 #define PS_NO_DEBUG_INHERIT 2
114 #define PS_INHERIT_HANDLES 4
115 #define PS_LARGE_PAGES 8
116 #define PS_ALL_FLAGS (PS_REQUEST_BREAKAWAY | \
117 PS_NO_DEBUG_INHERIT | \
118 PS_INHERIT_HANDLES | \
119 PS_LARGE_PAGES)
120
121 //
122 // Process base priorities
123 //
124 #define PROCESS_PRIORITY_IDLE 3
125 #define PROCESS_PRIORITY_NORMAL 8
126 #define PROCESS_PRIORITY_NORMAL_FOREGROUND 9
127
128 //
129 // Process memory priorities
130 //
131 #define MEMORY_PRIORITY_BACKGROUND 0
132 #define MEMORY_PRIORITY_UNKNOWN 1
133 #define MEMORY_PRIORITY_FOREGROUND 2
134
135 //
136 // Process Priority Separation Values (OR)
137 //
138 #define PSP_VARIABLE_QUANTUMS 4
139 #define PSP_LONG_QUANTUMS 16
140
141 #ifndef NTOS_MODE_USER
142 //
143 // Thread Access Types
144 //
145 #define THREAD_QUERY_INFORMATION 0x0040
146 #define THREAD_SET_THREAD_TOKEN 0x0080
147 #define THREAD_IMPERSONATE 0x0100
148 #define THREAD_DIRECT_IMPERSONATION 0x0200
149
150 //
151 // Process Access Types
152 //
153 #define PROCESS_TERMINATE 0x0001
154 #define PROCESS_CREATE_THREAD 0x0002
155 #define PROCESS_SET_SESSIONID 0x0004
156 #define PROCESS_VM_OPERATION 0x0008
157 #define PROCESS_VM_READ 0x0010
158 #define PROCESS_VM_WRITE 0x0020
159 #define PROCESS_CREATE_PROCESS 0x0080
160 #define PROCESS_SET_QUOTA 0x0100
161 #define PROCESS_SET_INFORMATION 0x0200
162 #define PROCESS_QUERY_INFORMATION 0x0400
163 #define PROCESS_SUSPEND_RESUME 0x0800
164 #define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
165 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
166 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
167 SYNCHRONIZE | \
168 0xFFFF)
169 #else
170 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
171 SYNCHRONIZE | \
172 0xFFF)
173 #endif
174
175 //
176 // Thread Base Priorities
177 //
178 #define THREAD_BASE_PRIORITY_LOWRT 15
179 #define THREAD_BASE_PRIORITY_MAX 2
180 #define THREAD_BASE_PRIORITY_MIN -2
181 #define THREAD_BASE_PRIORITY_IDLE -15
182
183 //
184 // TLS Slots
185 //
186 #define TLS_MINIMUM_AVAILABLE 64
187
188 //
189 // Job Access Types
190 //
191 #define JOB_OBJECT_ASSIGN_PROCESS 0x1
192 #define JOB_OBJECT_SET_ATTRIBUTES 0x2
193 #define JOB_OBJECT_QUERY 0x4
194 #define JOB_OBJECT_TERMINATE 0x8
195 #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10
196 #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
197 SYNCHRONIZE | \
198 31)
199
200 //
201 // Job Limit Flags
202 //
203 #define JOB_OBJECT_LIMIT_WORKINGSET 0x1
204 #define JOB_OBJECT_LIMIT_PROCESS_TIME 0x2
205 #define JOB_OBJECT_LIMIT_JOB_TIME 0x4
206 #define JOB_OBJECT_LIMIT_ACTIVE_PROCESS 0x8
207 #define JOB_OBJECT_LIMIT_AFFINITY 0x10
208 #define JOB_OBJECT_LIMIT_PRIORITY_CLASS 0x20
209 #define JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME 0x40
210 #define JOB_OBJECT_LIMIT_SCHEDULING_CLASS 0x80
211 #define JOB_OBJECT_LIMIT_PROCESS_MEMORY 0x100
212 #define JOB_OBJECT_LIMIT_JOB_MEMORY 0x200
213 #define JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION 0x400
214 #define JOB_OBJECT_LIMIT_BREAKAWAY_OK 0x800
215 #define JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x1000
216 #define JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE 0x2000
217
218 //
219 // Cross Thread Flags
220 //
221 #define CT_TERMINATED_BIT 0x1
222 #define CT_DEAD_THREAD_BIT 0x2
223 #define CT_HIDE_FROM_DEBUGGER_BIT 0x4
224 #define CT_ACTIVE_IMPERSONATION_INFO_BIT 0x8
225 #define CT_SYSTEM_THREAD_BIT 0x10
226 #define CT_HARD_ERRORS_ARE_DISABLED_BIT 0x20
227 #define CT_BREAK_ON_TERMINATION_BIT 0x40
228 #define CT_SKIP_CREATION_MSG_BIT 0x80
229 #define CT_SKIP_TERMINATION_MSG_BIT 0x100
230
231 //
232 // Same Thread Passive Flags
233 //
234 #define STP_ACTIVE_EX_WORKER_BIT 0x1
235 #define STP_EX_WORKER_CAN_WAIT_USER_BIT 0x2
236 #define STP_MEMORY_MAKER_BIT 0x4
237 #define STP_KEYED_EVENT_IN_USE_BIT 0x8
238
239 //
240 // Same Thread APC Flags
241 //
242 #define STA_LPC_RECEIVED_MSG_ID_VALID_BIT 0x1
243 #define STA_LPC_EXIT_THREAD_CALLED_BIT 0x2
244 #define STA_ADDRESS_SPACE_OWNER_BIT 0x4
245 #define STA_OWNS_WORKING_SET_BITS 0x1F8
246
247 //
248 // Kernel Process flags (maybe in ketypes.h?)
249 //
250 #define KPSF_AUTO_ALIGNMENT_BIT 0
251 #define KPSF_DISABLE_BOOST_BIT 1
252
253 //
254 // Process Flags
255 //
256 #define PSF_CREATE_REPORTED_BIT 0x1
257 #define PSF_NO_DEBUG_INHERIT_BIT 0x2
258 #define PSF_PROCESS_EXITING_BIT 0x4
259 #define PSF_PROCESS_DELETE_BIT 0x8
260 #define PSF_WOW64_SPLIT_PAGES_BIT 0x10
261 #define PSF_VM_DELETED_BIT 0x20
262 #define PSF_OUTSWAP_ENABLED_BIT 0x40
263 #define PSF_OUTSWAPPED_BIT 0x80
264 #define PSF_FORK_FAILED_BIT 0x100
265 #define PSF_WOW64_VA_SPACE_4GB_BIT 0x200
266 #define PSF_ADDRESS_SPACE_INITIALIZED_BIT 0x400
267 #define PSF_SET_TIMER_RESOLUTION_BIT 0x1000
268 #define PSF_BREAK_ON_TERMINATION_BIT 0x2000
269 #define PSF_SESSION_CREATION_UNDERWAY_BIT 0x4000
270 #define PSF_WRITE_WATCH_BIT 0x8000
271 #define PSF_PROCESS_IN_SESSION_BIT 0x10000
272 #define PSF_OVERRIDE_ADDRESS_SPACE_BIT 0x20000
273 #define PSF_HAS_ADDRESS_SPACE_BIT 0x40000
274 #define PSF_LAUNCH_PREFETCHED_BIT 0x80000
275 #define PSF_INJECT_INPAGE_ERRORS_BIT 0x100000
276 #define PSF_VM_TOP_DOWN_BIT 0x200000
277 #define PSF_IMAGE_NOTIFY_DONE_BIT 0x400000
278 #define PSF_PDE_UPDATE_NEEDED_BIT 0x800000
279 #define PSF_VDM_ALLOWED_BIT 0x1000000
280 #define PSF_SWAP_ALLOWED_BIT 0x2000000
281 #define PSF_CREATE_FAILED_BIT 0x4000000
282 #define PSF_DEFAULT_IO_PRIORITY_BIT 0x8000000
283
284 //
285 // Vista Process Flags
286 //
287 #define PSF2_PROTECTED_BIT 0x800
288 #endif
289
290 //
291 // TLS/FLS Defines
292 //
293 #define TLS_EXPANSION_SLOTS 1024
294
295 #ifdef NTOS_MODE_USER
296 //
297 // Thread Native Base Priorities
298 //
299 #define LOW_PRIORITY 0
300 #define LOW_REALTIME_PRIORITY 16
301 #define HIGH_PRIORITY 31
302 #define MAXIMUM_PRIORITY 32
303
304 //
305 // Current Process/Thread built-in 'special' handles
306 //
307 #define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
308 #define ZwCurrentProcess() NtCurrentProcess()
309 #define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
310 #define ZwCurrentThread() NtCurrentThread()
311
312 //
313 // Process/Thread/Job Information Classes for NtQueryInformationProcess/Thread/Job
314 //
315 typedef enum _PROCESSINFOCLASS
316 {
317 ProcessBasicInformation,
318 ProcessQuotaLimits,
319 ProcessIoCounters,
320 ProcessVmCounters,
321 ProcessTimes,
322 ProcessBasePriority,
323 ProcessRaisePriority,
324 ProcessDebugPort,
325 ProcessExceptionPort,
326 ProcessAccessToken,
327 ProcessLdtInformation,
328 ProcessLdtSize,
329 ProcessDefaultHardErrorMode,
330 ProcessIoPortHandlers,
331 ProcessPooledUsageAndLimits,
332 ProcessWorkingSetWatch,
333 ProcessUserModeIOPL,
334 ProcessEnableAlignmentFaultFixup,
335 ProcessPriorityClass,
336 ProcessWx86Information,
337 ProcessHandleCount,
338 ProcessAffinityMask,
339 ProcessPriorityBoost,
340 ProcessDeviceMap,
341 ProcessSessionInformation,
342 ProcessForegroundInformation,
343 ProcessWow64Information,
344 ProcessImageFileName,
345 ProcessLUIDDeviceMapsEnabled,
346 ProcessBreakOnTermination,
347 ProcessDebugObjectHandle,
348 ProcessDebugFlags,
349 ProcessHandleTracing,
350 ProcessIoPriority,
351 ProcessExecuteFlags,
352 ProcessTlsInformation,
353 ProcessCookie,
354 ProcessImageInformation,
355 ProcessCycleTime,
356 ProcessPagePriority,
357 ProcessInstrumentationCallback,
358 ProcessThreadStackAllocation,
359 ProcessWorkingSetWatchEx,
360 ProcessImageFileNameWin32,
361 ProcessImageFileMapping,
362 ProcessAffinityUpdateMode,
363 ProcessMemoryAllocationMode,
364 MaxProcessInfoClass
365 } PROCESSINFOCLASS;
366
367 typedef enum _THREADINFOCLASS
368 {
369 ThreadBasicInformation,
370 ThreadTimes,
371 ThreadPriority,
372 ThreadBasePriority,
373 ThreadAffinityMask,
374 ThreadImpersonationToken,
375 ThreadDescriptorTableEntry,
376 ThreadEnableAlignmentFaultFixup,
377 ThreadEventPair_Reusable,
378 ThreadQuerySetWin32StartAddress,
379 ThreadZeroTlsCell,
380 ThreadPerformanceCount,
381 ThreadAmILastThread,
382 ThreadIdealProcessor,
383 ThreadPriorityBoost,
384 ThreadSetTlsArrayAddress,
385 ThreadIsIoPending,
386 ThreadHideFromDebugger,
387 ThreadBreakOnTermination,
388 ThreadSwitchLegacyState,
389 ThreadIsTerminated,
390 ThreadLastSystemCall,
391 ThreadIoPriority,
392 ThreadCycleTime,
393 ThreadPagePriority,
394 ThreadActualBasePriority,
395 ThreadTebInformation,
396 ThreadCSwitchMon,
397 MaxThreadInfoClass
398 } THREADINFOCLASS;
399
400 #else
401
402 typedef enum _PSPROCESSPRIORITYMODE
403 {
404 PsProcessPriorityForeground,
405 PsProcessPriorityBackground,
406 PsProcessPrioritySpinning
407 } PSPROCESSPRIORITYMODE;
408
409 typedef enum _JOBOBJECTINFOCLASS
410 {
411 JobObjectBasicAccountingInformation = 1,
412 JobObjectBasicLimitInformation,
413 JobObjectBasicProcessIdList,
414 JobObjectBasicUIRestrictions,
415 JobObjectSecurityLimitInformation,
416 JobObjectEndOfJobTimeInformation,
417 JobObjectAssociateCompletionPortInformation,
418 JobObjectBasicAndIoAccountingInformation,
419 JobObjectExtendedLimitInformation,
420 JobObjectJobSetInformation,
421 MaxJobObjectInfoClass
422 } JOBOBJECTINFOCLASS;
423
424 //
425 // Power Event Events for Win32K Power Event Callback
426 //
427 typedef enum _PSPOWEREVENTTYPE
428 {
429 PsW32FullWake = 0,
430 PsW32EventCode = 1,
431 PsW32PowerPolicyChanged = 2,
432 PsW32SystemPowerState = 3,
433 PsW32SystemTime = 4,
434 PsW32DisplayState = 5,
435 PsW32CapabilitiesChanged = 6,
436 PsW32SetStateFailed = 7,
437 PsW32GdiOff = 8,
438 PsW32GdiOn = 9,
439 PsW32GdiPrepareResumeUI = 10,
440 PsW32GdiOffRequest = 11,
441 PsW32MonitorOff = 12,
442 } PSPOWEREVENTTYPE;
443
444 //
445 // Power State Tasks for Win32K Power State Callback
446 //
447 typedef enum _POWERSTATETASK
448 {
449 PowerState_BlockSessionSwitch = 0,
450 PowerState_Init = 1,
451 PowerState_QueryApps = 2,
452 PowerState_QueryServices = 3,
453 PowerState_QueryAppsFailed = 4,
454 PowerState_QueryServicesFailed = 5,
455 PowerState_SuspendApps = 6,
456 PowerState_SuspendServices = 7,
457 PowerState_ShowUI = 8,
458 PowerState_NotifyWL = 9,
459 PowerState_ResumeApps = 10,
460 PowerState_ResumeServices = 11,
461 PowerState_UnBlockSessionSwitch = 12,
462 PowerState_End = 13,
463 PowerState_BlockInput = 14,
464 PowerState_UnblockInput = 15,
465 } POWERSTATETASK;
466
467 //
468 // Win32K Job Callback Types
469 //
470 typedef enum _PSW32JOBCALLOUTTYPE
471 {
472 PsW32JobCalloutSetInformation = 0,
473 PsW32JobCalloutAddProcess = 1,
474 PsW32JobCalloutTerminate = 2,
475 } PSW32JOBCALLOUTTYPE;
476
477 //
478 // Win32K Thread Callback Types
479 //
480 typedef enum _PSW32THREADCALLOUTTYPE
481 {
482 PsW32ThreadCalloutInitialize,
483 PsW32ThreadCalloutExit,
484 } PSW32THREADCALLOUTTYPE;
485
486 //
487 // Declare empty structure definitions so that they may be referenced by
488 // routines before they are defined
489 //
490 struct _W32THREAD;
491 struct _W32PROCESS;
492 //struct _ETHREAD;
493 struct _WIN32_POWEREVENT_PARAMETERS;
494 struct _WIN32_POWERSTATE_PARAMETERS;
495 struct _WIN32_JOBCALLOUT_PARAMETERS;
496 struct _WIN32_OPENMETHOD_PARAMETERS;
497 struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
498 struct _WIN32_CLOSEMETHOD_PARAMETERS;
499 struct _WIN32_DELETEMETHOD_PARAMETERS;
500 struct _WIN32_PARSEMETHOD_PARAMETERS;
501
502 //
503 // Win32K Process and Thread Callbacks
504 //
505 typedef
506 NTSTATUS
507 (NTAPI *PKWIN32_PROCESS_CALLOUT)(
508 _In_ struct _EPROCESS *Process,
509 _In_ BOOLEAN Create
510 );
511
512 typedef
513 NTSTATUS
514 (NTAPI *PKWIN32_THREAD_CALLOUT)(
515 _In_ struct _ETHREAD *Thread,
516 _In_ PSW32THREADCALLOUTTYPE Type
517 );
518
519 typedef
520 NTSTATUS
521 (NTAPI *PKWIN32_GLOBALATOMTABLE_CALLOUT)(
522 VOID
523 );
524
525 typedef
526 NTSTATUS
527 (NTAPI *PKWIN32_POWEREVENT_CALLOUT)(
528 _In_ struct _WIN32_POWEREVENT_PARAMETERS *Parameters
529 );
530
531 typedef
532 NTSTATUS
533 (NTAPI *PKWIN32_POWERSTATE_CALLOUT)(
534 _In_ struct _WIN32_POWERSTATE_PARAMETERS *Parameters
535 );
536
537 typedef
538 NTSTATUS
539 (NTAPI *PKWIN32_JOB_CALLOUT)(
540 _In_ struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters
541 );
542
543 typedef
544 NTSTATUS
545 (NTAPI *PGDI_BATCHFLUSH_ROUTINE)(
546 VOID
547 );
548
549 typedef
550 NTSTATUS
551 (NTAPI *PKWIN32_OPENMETHOD_CALLOUT)(
552 _In_ struct _WIN32_OPENMETHOD_PARAMETERS *Parameters
553 );
554
555 typedef
556 NTSTATUS
557 (NTAPI *PKWIN32_OKTOCLOSEMETHOD_CALLOUT)(
558 _In_ struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS *Parameters
559 );
560
561 typedef
562 NTSTATUS
563 (NTAPI *PKWIN32_CLOSEMETHOD_CALLOUT)(
564 _In_ struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters
565 );
566
567 typedef
568 VOID
569 (NTAPI *PKWIN32_DELETEMETHOD_CALLOUT)(
570 _In_ struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters
571 );
572
573 typedef
574 NTSTATUS
575 (NTAPI *PKWIN32_PARSEMETHOD_CALLOUT)(
576 _In_ struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters
577 );
578
579 typedef
580 NTSTATUS
581 (NTAPI *PKWIN32_WIN32DATACOLLECTION_CALLOUT)(
582 _In_ struct _EPROCESS *Process,
583 _In_ PVOID Callback,
584 _In_ PVOID Context
585 );
586
587 //
588 // Lego Callback
589 //
590 typedef
591 VOID
592 (NTAPI *PLEGO_NOTIFY_ROUTINE)(
593 _In_ PKTHREAD Thread
594 );
595
596 #endif
597
598 typedef NTSTATUS
599 (NTAPI *PPOST_PROCESS_INIT_ROUTINE)(
600 VOID
601 );
602
603 //
604 // Descriptor Table Entry Definition
605 //
606 #if (_M_IX86)
607 #define _DESCRIPTOR_TABLE_ENTRY_DEFINED
608 typedef struct _DESCRIPTOR_TABLE_ENTRY
609 {
610 ULONG Selector;
611 LDT_ENTRY Descriptor;
612 } DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
613 #endif
614
615 //
616 // PEB Lock Routine
617 //
618 typedef VOID
619 (NTAPI *PPEBLOCKROUTINE)(
620 PVOID PebLock
621 );
622
623 //
624 // PEB Free Block Descriptor
625 //
626 typedef struct _PEB_FREE_BLOCK
627 {
628 struct _PEB_FREE_BLOCK* Next;
629 ULONG Size;
630 } PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
631
632 //
633 // Initial PEB
634 //
635 typedef struct _INITIAL_PEB
636 {
637 BOOLEAN InheritedAddressSpace;
638 BOOLEAN ReadImageFileExecOptions;
639 BOOLEAN BeingDebugged;
640 union
641 {
642 BOOLEAN BitField;
643 #if (NTDDI_VERSION >= NTDDI_WS03)
644 struct
645 {
646 BOOLEAN ImageUsesLargePages:1;
647 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
648 BOOLEAN IsProtectedProcess:1;
649 BOOLEAN IsLegacyProcess:1;
650 BOOLEAN SpareBits:5;
651 #else
652 BOOLEAN SpareBits:7;
653 #endif
654 };
655 #else
656 BOOLEAN SpareBool;
657 #endif
658 };
659 HANDLE Mutant;
660 } INITIAL_PEB, *PINITIAL_PEB;
661
662 //
663 // Initial TEB
664 //
665 typedef struct _INITIAL_TEB
666 {
667 PVOID PreviousStackBase;
668 PVOID PreviousStackLimit;
669 PVOID StackBase;
670 PVOID StackLimit;
671 PVOID AllocatedStackBase;
672 } INITIAL_TEB, *PINITIAL_TEB;
673
674 //
675 // TEB Active Frame Structures
676 //
677 typedef struct _TEB_ACTIVE_FRAME_CONTEXT
678 {
679 ULONG Flags;
680 LPSTR FrameName;
681 } TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT;
682
683 typedef struct _TEB_ACTIVE_FRAME
684 {
685 ULONG Flags;
686 struct _TEB_ACTIVE_FRAME *Previous;
687 PTEB_ACTIVE_FRAME_CONTEXT Context;
688 } TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
689
690 typedef struct _CLIENT_ID32
691 {
692 ULONG UniqueProcess;
693 ULONG UniqueThread;
694 } CLIENT_ID32, *PCLIENT_ID32;
695
696 typedef struct _CLIENT_ID64
697 {
698 ULONG64 UniqueProcess;
699 ULONG64 UniqueThread;
700 } CLIENT_ID64, *PCLIENT_ID64;
701
702 #if (NTDDI_VERSION < NTDDI_WS03)
703 typedef struct _Wx86ThreadState
704 {
705 PULONG CallBx86Eip;
706 PVOID DeallocationCpu;
707 BOOLEAN UseKnownWx86Dll;
708 CHAR OleStubInvoked;
709 } Wx86ThreadState, *PWx86ThreadState;
710 #endif
711
712
713 //
714 // Process Environment Block (PEB)
715 // Thread Environment Block (TEB)
716 //
717 #include "peb_teb.h"
718
719 #ifdef _WIN64
720 //
721 // Explicit 32 bit PEB/TEB
722 //
723 #define EXPLICIT_32BIT
724 #include "peb_teb.h"
725 #undef EXPLICIT_32BIT
726
727 //
728 // Explicit 64 bit PEB/TEB
729 //
730 #define EXPLICIT_64BIT
731 #include "peb_teb.h"
732 #undef EXPLICIT_64BIT
733 #endif
734
735 #ifdef NTOS_MODE_USER
736
737 //
738 // Process Information Structures for NtQueryProcessInformation
739 //
740 typedef struct _PROCESS_BASIC_INFORMATION
741 {
742 NTSTATUS ExitStatus;
743 PPEB PebBaseAddress;
744 ULONG_PTR AffinityMask;
745 KPRIORITY BasePriority;
746 ULONG_PTR UniqueProcessId;
747 ULONG_PTR InheritedFromUniqueProcessId;
748 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
749
750 typedef struct _PROCESS_ACCESS_TOKEN
751 {
752 HANDLE Token;
753 HANDLE Thread;
754 } PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
755
756 typedef struct _PROCESS_DEVICEMAP_INFORMATION
757 {
758 union
759 {
760 struct
761 {
762 HANDLE DirectoryHandle;
763 } Set;
764 struct
765 {
766 ULONG DriveMap;
767 UCHAR DriveType[32];
768 } Query;
769 };
770 } PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
771
772 typedef struct _KERNEL_USER_TIMES
773 {
774 LARGE_INTEGER CreateTime;
775 LARGE_INTEGER ExitTime;
776 LARGE_INTEGER KernelTime;
777 LARGE_INTEGER UserTime;
778 } KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
779
780 typedef struct _POOLED_USAGE_AND_LIMITS
781 {
782 SIZE_T PeakPagedPoolUsage;
783 SIZE_T PagedPoolUsage;
784 SIZE_T PagedPoolLimit;
785 SIZE_T PeakNonPagedPoolUsage;
786 SIZE_T NonPagedPoolUsage;
787 SIZE_T NonPagedPoolLimit;
788 SIZE_T PeakPagefileUsage;
789 SIZE_T PagefileUsage;
790 SIZE_T PagefileLimit;
791 } POOLED_USAGE_AND_LIMITS, *PPOOLED_USAGE_AND_LIMITS;
792
793 typedef struct _PROCESS_SESSION_INFORMATION
794 {
795 ULONG SessionId;
796 } PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
797
798 #endif
799
800 typedef struct _PROCESS_PRIORITY_CLASS
801 {
802 BOOLEAN Foreground;
803 UCHAR PriorityClass;
804 } PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
805
806 typedef struct _PROCESS_FOREGROUND_BACKGROUND
807 {
808 BOOLEAN Foreground;
809 } PROCESS_FOREGROUND_BACKGROUND, *PPROCESS_FOREGROUND_BACKGROUND;
810
811 //
812 // Thread Information Structures for NtQueryProcessInformation
813 //
814 typedef struct _THREAD_BASIC_INFORMATION
815 {
816 NTSTATUS ExitStatus;
817 PVOID TebBaseAddress;
818 CLIENT_ID ClientId;
819 KAFFINITY AffinityMask;
820 KPRIORITY Priority;
821 KPRIORITY BasePriority;
822 } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
823
824 #ifndef NTOS_MODE_USER
825
826 //
827 // Job Set Array
828 //
829 typedef struct _JOB_SET_ARRAY
830 {
831 HANDLE JobHandle;
832 ULONG MemberLevel;
833 ULONG Flags;
834 } JOB_SET_ARRAY, *PJOB_SET_ARRAY;
835
836 //
837 // EPROCESS Quota Structures
838 //
839 typedef struct _EPROCESS_QUOTA_ENTRY
840 {
841 SIZE_T Usage;
842 SIZE_T Limit;
843 SIZE_T Peak;
844 SIZE_T Return;
845 } EPROCESS_QUOTA_ENTRY, *PEPROCESS_QUOTA_ENTRY;
846
847 typedef struct _EPROCESS_QUOTA_BLOCK
848 {
849 EPROCESS_QUOTA_ENTRY QuotaEntry[3];
850 LIST_ENTRY QuotaList;
851 ULONG ReferenceCount;
852 ULONG ProcessCount;
853 } EPROCESS_QUOTA_BLOCK, *PEPROCESS_QUOTA_BLOCK;
854
855 //
856 // Process Pagefault History
857 //
858 typedef struct _PAGEFAULT_HISTORY
859 {
860 ULONG CurrentIndex;
861 ULONG MapIndex;
862 KSPIN_LOCK SpinLock;
863 PVOID Reserved;
864 PROCESS_WS_WATCH_INFORMATION WatchInfo[1];
865 } PAGEFAULT_HISTORY, *PPAGEFAULT_HISTORY;
866
867 //
868 // Process Impersonation Information
869 //
870 typedef struct _PS_IMPERSONATION_INFORMATION
871 {
872 PACCESS_TOKEN Token;
873 BOOLEAN CopyOnOpen;
874 BOOLEAN EffectiveOnly;
875 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
876 } PS_IMPERSONATION_INFORMATION, *PPS_IMPERSONATION_INFORMATION;
877
878 //
879 // Process Termination Port
880 //
881 typedef struct _TERMINATION_PORT
882 {
883 struct _TERMINATION_PORT *Next;
884 PVOID Port;
885 } TERMINATION_PORT, *PTERMINATION_PORT;
886
887 //
888 // Per-Process APC Rate Limiting
889 //
890 typedef struct _PSP_RATE_APC
891 {
892 union
893 {
894 SINGLE_LIST_ENTRY NextApc;
895 ULONGLONG ExcessCycles;
896 };
897 ULONGLONG TargetGEneration;
898 KAPC RateApc;
899 } PSP_RATE_APC, *PPSP_RATE_APC;
900
901 //
902 // Executive Thread (ETHREAD)
903 //
904 typedef struct _ETHREAD
905 {
906 KTHREAD Tcb;
907 LARGE_INTEGER CreateTime;
908 union
909 {
910 LARGE_INTEGER ExitTime;
911 LIST_ENTRY LpcReplyChain;
912 LIST_ENTRY KeyedWaitChain;
913 };
914 union
915 {
916 NTSTATUS ExitStatus;
917 PVOID OfsChain;
918 };
919 LIST_ENTRY PostBlockList;
920 union
921 {
922 struct _TERMINATION_PORT *TerminationPort;
923 struct _ETHREAD *ReaperLink;
924 PVOID KeyedWaitValue;
925 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
926 PVOID Win32StartParameter;
927 #endif
928 };
929 KSPIN_LOCK ActiveTimerListLock;
930 LIST_ENTRY ActiveTimerListHead;
931 CLIENT_ID Cid;
932 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
933 KSEMAPHORE KeyedWaitSemaphore;
934 #else
935 union
936 {
937 KSEMAPHORE LpcReplySemaphore;
938 KSEMAPHORE KeyedWaitSemaphore;
939 };
940 union
941 {
942 PVOID LpcReplyMessage;
943 PVOID LpcWaitingOnPort;
944 };
945 #endif
946 PPS_IMPERSONATION_INFORMATION ImpersonationInfo;
947 LIST_ENTRY IrpList;
948 ULONG_PTR TopLevelIrp;
949 PDEVICE_OBJECT DeviceToVerify;
950 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
951 PPSP_RATE_APC RateControlApc;
952 #else
953 struct _EPROCESS *ThreadsProcess;
954 #endif
955 PVOID Win32StartAddress;
956 union
957 {
958 PKSTART_ROUTINE StartAddress;
959 ULONG LpcReceivedMessageId;
960 };
961 LIST_ENTRY ThreadListEntry;
962 EX_RUNDOWN_REF RundownProtect;
963 EX_PUSH_LOCK ThreadLock;
964 #if (NTDDI_VERSION < NTDDI_LONGHORN)
965 ULONG LpcReplyMessageId;
966 #endif
967 ULONG ReadClusterSize;
968 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
969 ULONG SpareUlong0;
970 #else
971 ACCESS_MASK GrantedAccess;
972 #endif
973 union
974 {
975 struct
976 {
977 ULONG Terminated:1;
978 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
979 ULONG ThreadInserted:1;
980 #else
981 ULONG DeadThread:1;
982 #endif
983 ULONG HideFromDebugger:1;
984 ULONG ActiveImpersonationInfo:1;
985 ULONG SystemThread:1;
986 ULONG HardErrorsAreDisabled:1;
987 ULONG BreakOnTermination:1;
988 ULONG SkipCreationMsg:1;
989 ULONG SkipTerminationMsg:1;
990 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
991 ULONG CreateMsgSent:1;
992 ULONG ThreadIoPriority:3;
993 ULONG ThreadPagePriority:3;
994 ULONG PendingRatecontrol:1;
995 #endif
996 };
997 ULONG CrossThreadFlags;
998 };
999 union
1000 {
1001 struct
1002 {
1003 ULONG ActiveExWorker:1;
1004 ULONG ExWorkerCanWaitUser:1;
1005 ULONG MemoryMaker:1;
1006 ULONG KeyedEventInUse:1;
1007 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1008 ULONG RateApcState:2;
1009 #endif
1010 };
1011 ULONG SameThreadPassiveFlags;
1012 };
1013 union
1014 {
1015 struct
1016 {
1017 ULONG LpcReceivedMsgIdValid:1;
1018 ULONG LpcExitThreadCalled:1;
1019 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1020 ULONG Spare:1;
1021 #else
1022 ULONG AddressSpaceOwner:1;
1023 #endif
1024 ULONG OwnsProcessWorkingSetExclusive:1;
1025 ULONG OwnsProcessWorkingSetShared:1;
1026 ULONG OwnsSystemWorkingSetExclusive:1;
1027 ULONG OwnsSystemWorkingSetShared:1;
1028 ULONG OwnsSessionWorkingSetExclusive:1;
1029 ULONG OwnsSessionWorkingSetShared:1;
1030 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1031 ULONG SupressSymbolLoad:1;
1032 ULONG Spare1:3;
1033 ULONG PriorityRegionActive:4;
1034 #else
1035 ULONG ApcNeeded:1;
1036 #endif
1037 };
1038 ULONG SameThreadApcFlags;
1039 };
1040 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1041 UCHAR CacheManagerActive;
1042 #else
1043 UCHAR ForwardClusterOnly;
1044 #endif
1045 UCHAR DisablePageFaultClustering;
1046 UCHAR ActiveFaultCount;
1047 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1048 ULONG AlpcMessageId;
1049 union
1050 {
1051 PVOID AlpcMessage;
1052 ULONG AlpcReceiveAttributeSet;
1053 };
1054 LIST_ENTRY AlpcWaitListEntry;
1055 KSEMAPHORE AlpcWaitSemaphore;
1056 ULONG CacheManagerCount;
1057 #endif
1058 } ETHREAD;
1059
1060 //
1061 // Executive Process (EPROCESS)
1062 //
1063 typedef struct _EPROCESS
1064 {
1065 KPROCESS Pcb;
1066 EX_PUSH_LOCK ProcessLock;
1067 LARGE_INTEGER CreateTime;
1068 LARGE_INTEGER ExitTime;
1069 EX_RUNDOWN_REF RundownProtect;
1070 HANDLE UniqueProcessId;
1071 LIST_ENTRY ActiveProcessLinks;
1072 SIZE_T QuotaUsage[3]; /* 0=PagedPool, 1=NonPagedPool, 2=Pagefile */
1073 SIZE_T QuotaPeak[3]; /* ditto */
1074 SIZE_T CommitCharge;
1075 SIZE_T PeakVirtualSize;
1076 SIZE_T VirtualSize;
1077 LIST_ENTRY SessionProcessLinks;
1078 PVOID DebugPort;
1079 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1080 union
1081 {
1082 PVOID ExceptionPortData;
1083 ULONG ExceptionPortValue;
1084 UCHAR ExceptionPortState:3;
1085 };
1086 #else
1087 PVOID ExceptionPort;
1088 #endif
1089 PHANDLE_TABLE ObjectTable;
1090 EX_FAST_REF Token;
1091 PFN_NUMBER WorkingSetPage;
1092 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1093 EX_PUSH_LOCK AddressCreationLock;
1094 PETHREAD RotateInProgress;
1095 #else
1096 KGUARDED_MUTEX AddressCreationLock;
1097 KSPIN_LOCK HyperSpaceLock;
1098 #endif
1099 PETHREAD ForkInProgress;
1100 ULONG_PTR HardwareTrigger;
1101 PMM_AVL_TABLE PhysicalVadRoot;
1102 PVOID CloneRoot;
1103 PFN_NUMBER NumberOfPrivatePages;
1104 PFN_NUMBER NumberOfLockedPages;
1105 PVOID *Win32Process;
1106 struct _EJOB *Job;
1107 PVOID SectionObject;
1108 PVOID SectionBaseAddress;
1109 PEPROCESS_QUOTA_BLOCK QuotaBlock;
1110 PPAGEFAULT_HISTORY WorkingSetWatch;
1111 PVOID Win32WindowStation;
1112 HANDLE InheritedFromUniqueProcessId;
1113 PVOID LdtInformation;
1114 PVOID VadFreeHint;
1115 PVOID VdmObjects;
1116 PVOID DeviceMap;
1117 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1118 PVOID EtwDataSource;
1119 PVOID FreeTebHint;
1120 #else
1121 PVOID Spare0[3];
1122 #endif
1123 union
1124 {
1125 HARDWARE_PTE PageDirectoryPte;
1126 ULONGLONG Filler;
1127 };
1128 PVOID Session;
1129 CHAR ImageFileName[16];
1130 LIST_ENTRY JobLinks;
1131 PVOID LockedPagesList;
1132 LIST_ENTRY ThreadListHead;
1133 PVOID SecurityPort;
1134 #ifdef _M_AMD64
1135 struct _WOW64_PROCESS *Wow64Process;
1136 #else
1137 PVOID PaeTop;
1138 #endif
1139 ULONG ActiveThreads;
1140 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1141 ULONG ImagePathHash;
1142 #else
1143 ACCESS_MASK GrantedAccess;
1144 #endif
1145 ULONG DefaultHardErrorProcessing;
1146 NTSTATUS LastThreadExitStatus;
1147 struct _PEB* Peb;
1148 EX_FAST_REF PrefetchTrace;
1149 LARGE_INTEGER ReadOperationCount;
1150 LARGE_INTEGER WriteOperationCount;
1151 LARGE_INTEGER OtherOperationCount;
1152 LARGE_INTEGER ReadTransferCount;
1153 LARGE_INTEGER WriteTransferCount;
1154 LARGE_INTEGER OtherTransferCount;
1155 SIZE_T CommitChargeLimit;
1156 SIZE_T CommitChargePeak;
1157 PVOID AweInfo;
1158 SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
1159 MMSUPPORT Vm;
1160 #ifdef _M_AMD64
1161 ULONG Spares[2];
1162 #else
1163 LIST_ENTRY MmProcessLinks;
1164 #endif
1165 ULONG ModifiedPageCount;
1166 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1167 union
1168 {
1169 struct
1170 {
1171 ULONG JobNotReallyActive:1;
1172 ULONG AccountingFolded:1;
1173 ULONG NewProcessReported:1;
1174 ULONG ExitProcessReported:1;
1175 ULONG ReportCommitChanges:1;
1176 ULONG LastReportMemory:1;
1177 ULONG ReportPhysicalPageChanges:1;
1178 ULONG HandleTableRundown:1;
1179 ULONG NeedsHandleRundown:1;
1180 ULONG RefTraceEnabled:1;
1181 ULONG NumaAware:1;
1182 ULONG ProtectedProcess:1;
1183 ULONG DefaultPagePriority:3;
1184 ULONG ProcessDeleteSelf:1;
1185 ULONG ProcessVerifierTarget:1;
1186 };
1187 ULONG Flags2;
1188 };
1189 #else
1190 ULONG JobStatus;
1191 #endif
1192 union
1193 {
1194 struct
1195 {
1196 ULONG CreateReported:1;
1197 ULONG NoDebugInherit:1;
1198 ULONG ProcessExiting:1;
1199 ULONG ProcessDelete:1;
1200 ULONG Wow64SplitPages:1;
1201 ULONG VmDeleted:1;
1202 ULONG OutswapEnabled:1;
1203 ULONG Outswapped:1;
1204 ULONG ForkFailed:1;
1205 ULONG Wow64VaSpace4Gb:1;
1206 ULONG AddressSpaceInitialized:2;
1207 ULONG SetTimerResolution:1;
1208 ULONG BreakOnTermination:1;
1209 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1210 ULONG DeprioritizeViews:1;
1211 #else
1212 ULONG SessionCreationUnderway:1;
1213 #endif
1214 ULONG WriteWatch:1;
1215 ULONG ProcessInSession:1;
1216 ULONG OverrideAddressSpace:1;
1217 ULONG HasAddressSpace:1;
1218 ULONG LaunchPrefetched:1;
1219 ULONG InjectInpageErrors:1;
1220 ULONG VmTopDown:1;
1221 ULONG ImageNotifyDone:1;
1222 ULONG PdeUpdateNeeded:1;
1223 ULONG VdmAllowed:1;
1224 ULONG SmapAllowed:1;
1225 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1226 ULONG ProcessInserted:1;
1227 #else
1228 ULONG CreateFailed:1;
1229 #endif
1230 ULONG DefaultIoPriority:3;
1231 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1232 ULONG SparePsFlags1:2;
1233 #else
1234 ULONG Spare1:1;
1235 ULONG Spare2:1;
1236 #endif
1237 };
1238 ULONG Flags;
1239 };
1240 NTSTATUS ExitStatus;
1241 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1242 USHORT Spare7;
1243 #else
1244 USHORT NextPageColor;
1245 #endif
1246 union
1247 {
1248 struct
1249 {
1250 UCHAR SubSystemMinorVersion;
1251 UCHAR SubSystemMajorVersion;
1252 };
1253 USHORT SubSystemVersion;
1254 };
1255 UCHAR PriorityClass;
1256 MM_AVL_TABLE VadRoot;
1257 ULONG Cookie;
1258 } EPROCESS;
1259
1260 //
1261 // Job Token Filter Data
1262 //
1263 #include <pshpack1.h>
1264 typedef struct _PS_JOB_TOKEN_FILTER
1265 {
1266 ULONG CapturedSidCount;
1267 PSID_AND_ATTRIBUTES CapturedSids;
1268 ULONG CapturedSidsLength;
1269 ULONG CapturedGroupCount;
1270 PSID_AND_ATTRIBUTES CapturedGroups;
1271 ULONG CapturedGroupsLength;
1272 ULONG CapturedPrivilegeCount;
1273 PLUID_AND_ATTRIBUTES CapturedPrivileges;
1274 ULONG CapturedPrivilegesLength;
1275 } PS_JOB_TOKEN_FILTER, *PPS_JOB_TOKEN_FILTER;
1276
1277 //
1278 // Executive Job (EJOB)
1279 //
1280 typedef struct _EJOB
1281 {
1282 KEVENT Event;
1283 LIST_ENTRY JobLinks;
1284 LIST_ENTRY ProcessListHead;
1285 ERESOURCE JobLock;
1286 LARGE_INTEGER TotalUserTime;
1287 LARGE_INTEGER TotalKernelTime;
1288 LARGE_INTEGER ThisPeriodTotalUserTime;
1289 LARGE_INTEGER ThisPeriodTotalKernelTime;
1290 ULONG TotalPageFaultCount;
1291 ULONG TotalProcesses;
1292 ULONG ActiveProcesses;
1293 ULONG TotalTerminatedProcesses;
1294 LARGE_INTEGER PerProcessUserTimeLimit;
1295 LARGE_INTEGER PerJobUserTimeLimit;
1296 ULONG LimitFlags;
1297 ULONG MinimumWorkingSetSize;
1298 ULONG MaximumWorkingSetSize;
1299 ULONG ActiveProcessLimit;
1300 ULONG Affinity;
1301 UCHAR PriorityClass;
1302 ULONG UIRestrictionsClass;
1303 ULONG SecurityLimitFlags;
1304 PVOID Token;
1305 PPS_JOB_TOKEN_FILTER Filter;
1306 ULONG EndOfJobTimeAction;
1307 PVOID CompletionPort;
1308 PVOID CompletionKey;
1309 ULONG SessionId;
1310 ULONG SchedulingClass;
1311 ULONGLONG ReadOperationCount;
1312 ULONGLONG WriteOperationCount;
1313 ULONGLONG OtherOperationCount;
1314 ULONGLONG ReadTransferCount;
1315 ULONGLONG WriteTransferCount;
1316 ULONGLONG OtherTransferCount;
1317 IO_COUNTERS IoInfo;
1318 ULONG ProcessMemoryLimit;
1319 ULONG JobMemoryLimit;
1320 ULONG PeakProcessMemoryUsed;
1321 ULONG PeakJobMemoryUsed;
1322 ULONG CurrentJobMemoryUsed;
1323 #if (NTDDI_VERSION >= NTDDI_WINXP) && (NTDDI_VERSION < NTDDI_WS03)
1324 FAST_MUTEX MemoryLimitsLock;
1325 #elif (NTDDI_VERSION >= NTDDI_WS03) && (NTDDI_VERSION < NTDDI_LONGHORN)
1326 KGUARDED_MUTEX MemoryLimitsLock;
1327 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
1328 EX_PUSH_LOCK MemoryLimitsLock;
1329 #endif
1330 LIST_ENTRY JobSetLinks;
1331 ULONG MemberLevel;
1332 ULONG JobFlags;
1333 } EJOB, *PEJOB;
1334 #include <poppack.h>
1335
1336 //
1337 // Win32K Callback Registration Data
1338 //
1339 typedef struct _WIN32_POWEREVENT_PARAMETERS
1340 {
1341 PSPOWEREVENTTYPE EventNumber;
1342 ULONG Code;
1343 } WIN32_POWEREVENT_PARAMETERS, *PWIN32_POWEREVENT_PARAMETERS;
1344
1345 typedef struct _WIN32_POWERSTATE_PARAMETERS
1346 {
1347 UCHAR Promotion;
1348 POWER_ACTION SystemAction;
1349 SYSTEM_POWER_STATE MinSystemState;
1350 ULONG Flags;
1351 POWERSTATETASK PowerStateTask;
1352 } WIN32_POWERSTATE_PARAMETERS, *PWIN32_POWERSTATE_PARAMETERS;
1353
1354 typedef struct _WIN32_JOBCALLOUT_PARAMETERS
1355 {
1356 PVOID Job;
1357 PSW32JOBCALLOUTTYPE CalloutType;
1358 PVOID Data;
1359 } WIN32_JOBCALLOUT_PARAMETERS, *PWIN32_JOBCALLOUT_PARAMETERS;
1360
1361 typedef struct _WIN32_OPENMETHOD_PARAMETERS
1362 {
1363 OB_OPEN_REASON OpenReason;
1364 PEPROCESS Process;
1365 PVOID Object;
1366 ULONG GrantedAccess;
1367 ULONG HandleCount;
1368 } WIN32_OPENMETHOD_PARAMETERS, *PWIN32_OPENMETHOD_PARAMETERS;
1369
1370 typedef struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS
1371 {
1372 PEPROCESS Process;
1373 PVOID Object;
1374 HANDLE Handle;
1375 KPROCESSOR_MODE PreviousMode;
1376 } WIN32_OKAYTOCLOSEMETHOD_PARAMETERS, *PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
1377
1378 typedef struct _WIN32_CLOSEMETHOD_PARAMETERS
1379 {
1380 PEPROCESS Process;
1381 PVOID Object;
1382 ACCESS_MASK AccessMask;
1383 ULONG ProcessHandleCount;
1384 ULONG SystemHandleCount;
1385 } WIN32_CLOSEMETHOD_PARAMETERS, *PWIN32_CLOSEMETHOD_PARAMETERS;
1386
1387 typedef struct _WIN32_DELETEMETHOD_PARAMETERS
1388 {
1389 PVOID Object;
1390 } WIN32_DELETEMETHOD_PARAMETERS, *PWIN32_DELETEMETHOD_PARAMETERS;
1391
1392 typedef struct _WIN32_PARSEMETHOD_PARAMETERS
1393 {
1394 PVOID ParseObject;
1395 PVOID ObjectType;
1396 PACCESS_STATE AccessState;
1397 KPROCESSOR_MODE AccessMode;
1398 ULONG Attributes;
1399 _Out_ PUNICODE_STRING CompleteName;
1400 PUNICODE_STRING RemainingName;
1401 PVOID Context;
1402 PSECURITY_QUALITY_OF_SERVICE SecurityQos;
1403 PVOID *Object;
1404 } WIN32_PARSEMETHOD_PARAMETERS, *PWIN32_PARSEMETHOD_PARAMETERS;
1405
1406 typedef struct _WIN32_CALLOUTS_FPNS
1407 {
1408 PKWIN32_PROCESS_CALLOUT ProcessCallout;
1409 PKWIN32_THREAD_CALLOUT ThreadCallout;
1410 PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout;
1411 PKWIN32_POWEREVENT_CALLOUT PowerEventCallout;
1412 PKWIN32_POWERSTATE_CALLOUT PowerStateCallout;
1413 PKWIN32_JOB_CALLOUT JobCallout;
1414 PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine;
1415 PKWIN32_OPENMETHOD_CALLOUT DesktopOpenProcedure;
1416 PKWIN32_OKTOCLOSEMETHOD_CALLOUT DesktopOkToCloseProcedure;
1417 PKWIN32_CLOSEMETHOD_CALLOUT DesktopCloseProcedure;
1418 PKWIN32_DELETEMETHOD_CALLOUT DesktopDeleteProcedure;
1419 PKWIN32_OKTOCLOSEMETHOD_CALLOUT WindowStationOkToCloseProcedure;
1420 PKWIN32_CLOSEMETHOD_CALLOUT WindowStationCloseProcedure;
1421 PKWIN32_DELETEMETHOD_CALLOUT WindowStationDeleteProcedure;
1422 PKWIN32_PARSEMETHOD_CALLOUT WindowStationParseProcedure;
1423 PKWIN32_OPENMETHOD_CALLOUT WindowStationOpenProcedure;
1424 PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure;
1425 } WIN32_CALLOUTS_FPNS, *PWIN32_CALLOUTS_FPNS;
1426
1427 #endif // !NTOS_MODE_USER
1428
1429 #ifdef __cplusplus
1430 }; // extern "C"
1431 #endif
1432
1433 #endif // _PSTYPES_H
A free Windows-compatible Operating System