- ImperstionationLocale -> ImpersonationLocale.
[reactos.git] / reactos / include / ndk / pstypes.h
1 /*++ NDK Version: 0098
2
3 Copyright (c) Alex Ionescu. All rights reserved.
4
5 Header Name:
6
7 pstypes.h
8
9 Abstract:
10
11 Type definitions for the Process Manager
12
13 Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17 --*/
18
19 #ifndef _PSTYPES_H
20 #define _PSTYPES_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #include <ldrtypes.h>
27 #include <mmtypes.h>
28 #include <obtypes.h>
29 #ifndef NTOS_MODE_USER
30 #include <extypes.h>
31 #include <setypes.h>
32 #endif
33
34 //
35 // KUSER_SHARED_DATA location in User Mode
36 //
// Constant address at which user-mode code expects to find KUSER_SHARED_DATA.
// NOTE(review): the address is fixed rather than randomized; presumably the
// page is mapped read-only for user mode. Confirm the mapping protection in
// the memory manager before treating values read from it as trustworthy.
37 #define USER_SHARED_DATA (0x7FFE0000)
38
39 //
40 // Kernel Exports
41 //
42 #ifndef NTOS_MODE_USER
43
// Kernel-mode only (guarded by #ifndef NTOS_MODE_USER).
// NOTE(review): going by the names, these are the initial system process
// object and the object type for process objects; the definitions are not in
// this header, so confirm against the Ps sources.
44 extern NTSYSAPI struct _EPROCESS* PsInitialSystemProcess;
45 extern NTSYSAPI POBJECT_TYPE PsProcessType;
46
47 #endif
48
49 //
50 // Global Flags
51 //
// Single-bit values for the global flags word. FLG_VALID_BITS (0x07FFFFFF)
// is exactly the OR of the 27 flags listed here (bits 0-26); bits 27-31 are
// unassigned.
// NOTE(review): presumably the word stored in PEB.NtGlobalFlag. Code that
// accepts a flags value from a caller should reject anything outside
// FLG_VALID_BITS; the check itself is not in this header.
52 #define FLG_STOP_ON_EXCEPTION 0x00000001
53 #define FLG_SHOW_LDR_SNAPS 0x00000002
54 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004
55 #define FLG_STOP_ON_HUNG_GUI 0x00000008
56 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
57 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
58 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
59 #define FLG_HEAP_VALIDATE_ALL 0x00000080
60 #define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
61 #define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
62 #define FLG_POOL_ENABLE_TAGGING 0x00000400
63 #define FLG_HEAP_ENABLE_TAGGING 0x00000800
64 #define FLG_USER_STACK_TRACE_DB 0x00001000
65 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000
66 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
67 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
68 #define FLG_IGNORE_DEBUG_PRIV 0x00010000
69 #define FLG_ENABLE_CSRDEBUG 0x00020000
70 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
71 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
72 #define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
73 #define FLG_HEAP_DISABLE_COALESCING 0x00200000
74 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
75 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
76 #define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
77 #define FLG_HEAP_PAGE_ALLOCS 0x02000000
78 #define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
79 #define FLG_VALID_BITS 0x07FFFFFF
80
81 //
82 // Process priority classes
83 //
// Priority class identifiers, 0 (invalid) through 6.
// The numeric order is not the priority order: BELOW_NORMAL (5) and
// ABOVE_NORMAL (6) are numbered after REALTIME (4), so two class values must
// not be ranked with < or >; range-check against 1..6 and map explicitly.
84 #define PROCESS_PRIORITY_CLASS_INVALID 0
85 #define PROCESS_PRIORITY_CLASS_IDLE 1
86 #define PROCESS_PRIORITY_CLASS_NORMAL 2
87 #define PROCESS_PRIORITY_CLASS_HIGH 3
88 #define PROCESS_PRIORITY_CLASS_REALTIME 4
89 #define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
90 #define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
91
92 //
93 // NtCreateProcessEx flags
94 //
// Flag bits for NtCreateProcessEx. PS_ALL_FLAGS is the OR of the four bits
// (0xF); a caller-supplied flags value with any bit outside PS_ALL_FLAGS set
// can be rejected with (Flags & ~PS_ALL_FLAGS).
// PS_UNKNOWN_VALUE (8) is named as such here: its meaning is not documented
// in this header.
95 #define PS_REQUEST_BREAKAWAY 1
96 #define PS_NO_DEBUG_INHERIT 2
97 #define PS_INHERIT_HANDLES 4
98 #define PS_UNKNOWN_VALUE 8
99 #define PS_ALL_FLAGS (PS_REQUEST_BREAKAWAY | \
100 PS_NO_DEBUG_INHERIT | \
101 PS_INHERIT_HANDLES | \
102 PS_UNKNOWN_VALUE)
103
104 //
105 // Process base priorities
106 //
// Base priority values. These are distinct from the PROCESS_PRIORITY_CLASS_*
// identifiers earlier in this header; the two sets are not interchangeable.
107 #define PROCESS_PRIORITY_IDLE 3
108 #define PROCESS_PRIORITY_NORMAL 8
109 #define PROCESS_PRIORITY_NORMAL_FOREGROUND 9
110
111 //
112 // Process Priority Separation Values (OR)
113 //
// Bits that may be OR-ed into the priority separation value (the section
// comment marks them "(OR)"). Both are single bits: 4 and 16.
114 #define PSP_VARIABLE_QUANTUMS 4
115 #define PSP_LONG_QUANTUMS 16
116
117 //
118 // Number of TLS expansion slots
119 //
// NOTE(review): this constant is 64, the same count as TEB.TlsSlots[0x40],
// while PEB.TlsExpansionBitmapBits has 0x20 ULONG entries (1024 bits if ULONG
// is 32 bits wide). Confirm which count the code that allocates and indexes
// TEB.TlsExpansionSlots uses: a bitmap that can hand out more indices than
// the array holds would allow out-of-bounds slot access.
120 #define TLS_EXPANSION_SLOTS 64
121
122 //
123 // Process Access Types
124 //
125 #ifndef NTOS_MODE_USER
// Access-mask bits for process objects (kernel-mode build only; the
// enclosing #ifndef NTOS_MODE_USER opens just above).
// Bit 0x0040 has no name in this list, yet both PROCESS_ALL_ACCESS variants
// include it in their low-order mask.
// PROCESS_ALL_ACCESS depends on NTDDI_VERSION: the low mask is 0xFFFF for
// NTDDI_LONGHORN and later and 0xFFF otherwise, so the older variant does not
// contain PROCESS_QUERY_LIMITED_INFORMATION (0x1000).
// NOTE(review): request the specific rights an operation needs rather than
// PROCESS_ALL_ACCESS; besides being over-broad, its value changes with the
// version the caller was compiled for.
126 #define PROCESS_TERMINATE 0x0001
127 #define PROCESS_CREATE_THREAD 0x0002
128 #define PROCESS_SET_SESSIONID 0x0004
129 #define PROCESS_VM_OPERATION 0x0008
130 #define PROCESS_VM_READ 0x0010
131 #define PROCESS_VM_WRITE 0x0020
132 #define PROCESS_CREATE_PROCESS 0x0080
133 #define PROCESS_SET_QUOTA 0x0100
134 #define PROCESS_SET_INFORMATION 0x0200
135 #define PROCESS_QUERY_INFORMATION 0x0400
136 #define PROCESS_SUSPEND_RESUME 0x0800
137 #define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
138 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
139 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
140 SYNCHRONIZE | \
141 0xFFFF)
142 #else
143 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
144 SYNCHRONIZE | \
145 0xFFF)
146 #endif
147
148 //
149 // Job Access Types
150 //
// Access-mask bits for job objects. The decimal 31 in JOB_OBJECT_ALL_ACCESS
// equals 0x1F, i.e. the OR of the five specific rights listed here.
// JOB_OBJECT_SET_SECURITY_ATTRIBUTES is a separate right from
// JOB_OBJECT_SET_ATTRIBUTES; granting one does not grant the other.
151 #define JOB_OBJECT_ASSIGN_PROCESS 0x1
152 #define JOB_OBJECT_SET_ATTRIBUTES 0x2
153 #define JOB_OBJECT_QUERY 0x4
154 #define JOB_OBJECT_TERMINATE 0x8
155 #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10
156 #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
157 SYNCHRONIZE | \
158 31)
159
160 //
161 // Cross Thread Flags
162 //
// Mask values that line up, in order, with the anonymous bitfield overlaid on
// ETHREAD.CrossThreadFlags (assuming bitfields are allocated from the least
// significant bit; NOTE(review): confirm for the compilers in use).
// For NTDDI_LONGHORN and later the second bit of that bitfield is
// ThreadInserted, not DeadThread, so CT_DEAD_THREAD_BIT only describes the
// older layout.
// NOTE(review): CT_HIDE_FROM_DEBUGGER_BIT and CT_BREAK_ON_TERMINATION_BIT
// change what a debugger or the system does with the thread; code that sets
// them on behalf of a caller presumably needs an access or privilege check,
// which is not visible in this header.
163 #define CT_TERMINATED_BIT 0x1
164 #define CT_DEAD_THREAD_BIT 0x2
165 #define CT_HIDE_FROM_DEBUGGER_BIT 0x4
166 #define CT_ACTIVE_IMPERSONATION_INFO_BIT 0x8
167 #define CT_SYSTEM_THREAD_BIT 0x10
168 #define CT_HARD_ERRORS_ARE_DISABLED_BIT 0x20
169 #define CT_BREAK_ON_TERMINATION_BIT 0x40
170 #define CT_SKIP_CREATION_MSG_BIT 0x80
171 #define CT_SKIP_TERMINATION_MSG_BIT 0x100
172
173 //
174 // Same Thread Passive Flags
175 //
// Mask values in the same order as the first four members of the bitfield
// overlaid on ETHREAD.SameThreadPassiveFlags (ActiveExWorker,
// ExWorkerCanWaitUser, MemoryMaker, KeyedEventInUse).
176 #define STP_ACTIVE_EX_WORKER_BIT 0x1
177 #define STP_EX_WORKER_CAN_WAIT_USER_BIT 0x2
178 #define STP_MEMORY_MAKER_BIT 0x4
179 #define STP_KEYED_EVENT_IN_USE_BIT 0x8
180
181 //
182 // Same Thread APC Flags
183 //
// Mask values in the same order as the first three members of the bitfield
// overlaid on ETHREAD.SameThreadApcFlags. For NTDDI_LONGHORN and later the
// third member is named Spare instead of AddressSpaceOwner, so
// STA_ADDRESS_SPACE_OWNER_BIT only describes the older layout.
184 #define STA_LPC_RECEIVED_MSG_ID_VALID_BIT 0x1
185 #define STA_LPC_EXIT_THREAD_CALLED_BIT 0x2
186 #define STA_ADDRESS_SPACE_OWNER_BIT 0x4
187 #endif
188
189 //
190 // Process Flags
191 //
// Mask values that follow the order of the bitfield overlaid on
// EPROCESS.Flags (assuming allocation from the least significant bit).
// - 0x800 is skipped because AddressSpaceInitialized is two bits wide in
//   EPROCESS; PSF_ADDRESS_SPACE_INITIALIZED_BIT is only its low bit.
// - PSF_DEFAULT_IO_PRIORITY_BIT is the low bit of the three-bit
//   DefaultIoPriority field.
// - PSF_SESSION_CREATION_UNDERWAY_BIT and PSF_CREATE_FAILED_BIT carry the
//   pre-LONGHORN member names; for NTDDI_LONGHORN and later the same
//   positions are DeprioritizeViews and ProcessInserted.
// - NOTE(review): PSF_SWAP_ALLOWED_BIT (0x2000000) sits at the position of
//   the member spelled SmapAllowed in EPROCESS; confirm which name is meant.
192 #define PSF_CREATE_REPORTED_BIT 0x1
193 #define PSF_NO_DEBUG_INHERIT_BIT 0x2
194 #define PSF_PROCESS_EXITING_BIT 0x4
195 #define PSF_PROCESS_DELETE_BIT 0x8
196 #define PSF_WOW64_SPLIT_PAGES_BIT 0x10
197 #define PSF_VM_DELETED_BIT 0x20
198 #define PSF_OUTSWAP_ENABLED_BIT 0x40
199 #define PSF_OUTSWAPPED_BIT 0x80
200 #define PSF_FORK_FAILED_BIT 0x100
201 #define PSF_WOW64_VA_SPACE_4GB_BIT 0x200
202 #define PSF_ADDRESS_SPACE_INITIALIZED_BIT 0x400
203 #define PSF_SET_TIMER_RESOLUTION_BIT 0x1000
204 #define PSF_BREAK_ON_TERMINATION_BIT 0x2000
205 #define PSF_SESSION_CREATION_UNDERWAY_BIT 0x4000
206 #define PSF_WRITE_WATCH_BIT 0x8000
207 #define PSF_PROCESS_IN_SESSION_BIT 0x10000
208 #define PSF_OVERRIDE_ADDRESS_SPACE_BIT 0x20000
209 #define PSF_HAS_ADDRESS_SPACE_BIT 0x40000
210 #define PSF_LAUNCH_PREFETCHED_BIT 0x80000
211 #define PSF_INJECT_INPAGE_ERRORS_BIT 0x100000
212 #define PSF_VM_TOP_DOWN_BIT 0x200000
213 #define PSF_IMAGE_NOTIFY_DONE_BIT 0x400000
214 #define PSF_PDE_UPDATE_NEEDED_BIT 0x800000
215 #define PSF_VDM_ALLOWED_BIT 0x1000000
216 #define PSF_SWAP_ALLOWED_BIT 0x2000000
217 #define PSF_CREATE_FAILED_BIT 0x4000000
218 #define PSF_DEFAULT_IO_PRIORITY_BIT 0x8000000
219
220 #ifdef NTOS_MODE_USER
221 //
222 // Current Process/Thread built-in 'special' handles
223 //
// User-mode pseudo-handles: the constants -1 (current process) and -2
// (current thread) cast to HANDLE. The Zw* names are aliases.
// NOTE(review): these values are interpreted relative to whoever passes
// them, so a handle value received from another party should be checked
// against them before it is used in the receiver's own context; confirm at
// call sites.
224 #define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
225 #define ZwCurrentProcess() NtCurrentProcess()
226 #define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
227 #define ZwCurrentThread() NtCurrentThread()
228
229 //
230 // Process/Thread/Job Information Classes for NtQueryInformationProcess/Thread/Job
231 //
// Process information class selector (user-mode build only). Enumerators are
// implicitly numbered from 0, so their order is part of the interface and
// new classes can only be appended before MaxProcessInfoClass, which ends up
// as the count of classes (41).
// NOTE(review): a dispatcher indexed by this value should reject anything
// >= MaxProcessInfoClass first. Classes such as ProcessAccessToken,
// ProcessBreakOnTermination, ProcessUserModeIOPL and ProcessDebugPort
// presumably require privilege or access checks in the implementation;
// those checks are not visible in this header.
232 typedef enum _PROCESSINFOCLASS
233 {
234 ProcessBasicInformation,
235 ProcessQuotaLimits,
236 ProcessIoCounters,
237 ProcessVmCounters,
238 ProcessTimes,
239 ProcessBasePriority,
240 ProcessRaisePriority,
241 ProcessDebugPort,
242 ProcessExceptionPort,
243 ProcessAccessToken,
244 ProcessLdtInformation,
245 ProcessLdtSize,
246 ProcessDefaultHardErrorMode,
247 ProcessIoPortHandlers,
248 ProcessPooledUsageAndLimits,
249 ProcessWorkingSetWatch,
250 ProcessUserModeIOPL,
251 ProcessEnableAlignmentFaultFixup,
252 ProcessPriorityClass,
253 ProcessWx86Information,
254 ProcessHandleCount,
255 ProcessAffinityMask,
256 ProcessPriorityBoost,
257 ProcessDeviceMap,
258 ProcessSessionInformation,
259 ProcessForegroundInformation,
260 ProcessWow64Information,
261 ProcessImageFileName,
262 ProcessLUIDDeviceMapsEnabled,
263 ProcessBreakOnTermination,
264 ProcessDebugObjectHandle,
265 ProcessDebugFlags,
266 ProcessHandleTracing,
267 ProcessIoPriority,
268 ProcessExecuteFlags,
269 ProcessTlsInformation,
270 ProcessCookie,
271 ProcessImageInformation,
272 ProcessCycleTime,
273 ProcessPagePriority,
274 ProcessInstrumentationCallback,
275 MaxProcessInfoClass
276 } PROCESSINFOCLASS;
277
// Thread information class selector (user-mode build only). Implicitly
// numbered from 0; MaxThreadInfoClass ends up as the count of classes (28).
// NOTE(review): validate the class against MaxThreadInfoClass before
// dispatching on it. ThreadImpersonationToken, ThreadHideFromDebugger and
// ThreadBreakOnTermination presumably need access or privilege checks in the
// implementation; those checks are not visible in this header.
278 typedef enum _THREADINFOCLASS
279 {
280 ThreadBasicInformation,
281 ThreadTimes,
282 ThreadPriority,
283 ThreadBasePriority,
284 ThreadAffinityMask,
285 ThreadImpersonationToken,
286 ThreadDescriptorTableEntry,
287 ThreadEnableAlignmentFaultFixup,
288 ThreadEventPair_Reusable,
289 ThreadQuerySetWin32StartAddress,
290 ThreadZeroTlsCell,
291 ThreadPerformanceCount,
292 ThreadAmILastThread,
293 ThreadIdealProcessor,
294 ThreadPriorityBoost,
295 ThreadSetTlsArrayAddress,
296 ThreadIsIoPending,
297 ThreadHideFromDebugger,
298 ThreadBreakOnTermination,
299 ThreadSwitchLegacyState,
300 ThreadIsTerminated,
301 ThreadLastSystemCall,
302 ThreadIoPriority,
303 ThreadCycleTime,
304 ThreadPagePriority,
305 ThreadActualBasePriority,
306 ThreadTebInformation,
307 ThreadCSwitchMon,
308 MaxThreadInfoClass
309 } THREADINFOCLASS;
310
311 #else
312
// Kernel-mode build only (this is the #else branch of NTOS_MODE_USER).
// Three priority modes, implicitly numbered 0..2.
313 typedef enum _PSPROCESSPRIORITYMODE
314 {
315 PsProcessPriorityForeground,
316 PsProcessPriorityBackground,
317 PsProcessPrioritySpinning
318 } PSPROCESSPRIORITYMODE;
319
// Job object information class selector. Numbering starts at 1, so 0 is not
// a valid class and MaxJobObjectInfoClass evaluates to 11.
// NOTE(review): a range check therefore needs both bounds
// (class >= 1 && class < MaxJobObjectInfoClass).
320 typedef enum _JOBOBJECTINFOCLASS
321 {
322 JobObjectBasicAccountingInformation = 1,
323 JobObjectBasicLimitInformation,
324 JobObjectBasicProcessIdList,
325 JobObjectBasicUIRestrictions,
326 JobObjectSecurityLimitInformation,
327 JobObjectEndOfJobTimeInformation,
328 JobObjectAssociateCompletionPortInformation,
329 JobObjectBasicAndIoAccountingInformation,
330 JobObjectExtendedLimitInformation,
331 JobObjectJobSetInformation,
332 MaxJobObjectInfoClass
333 } JOBOBJECTINFOCLASS;
334
335 //
336 // Power Events for the Win32K Power Event Callback
337 //
// Event codes 0..12, each given an explicit value. There is no Max sentinel,
// so a range check has to compare against PsW32MonitorOff.
// The trailing comma after the last enumerator is accepted from C99 on but
// not by strict C89 compilers.
338 typedef enum _PSPOWEREVENTTYPE
339 {
340 PsW32FullWake = 0,
341 PsW32EventCode = 1,
342 PsW32PowerPolicyChanged = 2,
343 PsW32SystemPowerState = 3,
344 PsW32SystemTime = 4,
345 PsW32DisplayState = 5,
346 PsW32CapabilitiesChanged = 6,
347 PsW32SetStateFailed = 7,
348 PsW32GdiOff = 8,
349 PsW32GdiOn = 9,
350 PsW32GdiPrepareResumeUI = 10,
351 PsW32GdiOffRequest = 11,
352 PsW32MonitorOff = 12,
353 } PSPOWEREVENTTYPE;
354
355 //
356 // Power State Tasks for Win32K Power State Callback
357 //
// Task codes 0..15, each given an explicit value; no Max sentinel.
// Naming is not uniform: PowerState_UnBlockSessionSwitch uses "UnBlock"
// while PowerState_UnblockInput uses "Unblock". The names are part of the
// interface, so they are left as they are.
358 typedef enum _POWERSTATETASK
359 {
360 PowerState_BlockSessionSwitch = 0,
361 PowerState_Init = 1,
362 PowerState_QueryApps = 2,
363 PowerState_QueryServices = 3,
364 PowerState_QueryAppsFailed = 4,
365 PowerState_QueryServicesFailed = 5,
366 PowerState_SuspendApps = 6,
367 PowerState_SuspendServices = 7,
368 PowerState_ShowUI = 8,
369 PowerState_NotifyWL = 9,
370 PowerState_ResumeApps = 10,
371 PowerState_ResumeServices = 11,
372 PowerState_UnBlockSessionSwitch = 12,
373 PowerState_End = 13,
374 PowerState_BlockInput = 14,
375 PowerState_UnblockInput = 15,
376 } POWERSTATETASK;
377
378 //
379 // Win32K Job Callback Types
380 //
// Reason codes 0..2 for the Win32K job callback (per the section comment).
381 typedef enum _PSW32JOBCALLOUTTYPE
382 {
383 PsW32JobCalloutSetInformation = 0,
384 PsW32JobCalloutAddProcess = 1,
385 PsW32JobCalloutTerminate = 2,
386 } PSW32JOBCALLOUTTYPE;
387
388 //
389 // Win32K Thread Callback Types
390 //
// Reason passed as the Type argument of PKWIN32_THREAD_CALLOUT:
// initialize (0) or exit (1), implicitly numbered.
391 typedef enum _PSW32THREADCALLOUTTYPE
392 {
393 PsW32ThreadCalloutInitialize,
394 PsW32ThreadCalloutExit,
395 } PSW32THREADCALLOUTTYPE;
396
397 //
398 // Declare empty structure definitions so that they may be referenced by
399 // routines before they are defined
400 //
// Incomplete types only: this header uses them solely through pointers
// (callback parameters and structure members), so no layout is needed here.
// The _WIN32_*_PARAMETERS structures are defined elsewhere.
401 struct _W32THREAD;
402 struct _W32PROCESS;
403 struct _ETHREAD;
404 struct _WIN32_POWEREVENT_PARAMETERS;
405 struct _WIN32_POWERSTATE_PARAMETERS;
406 struct _WIN32_JOBCALLOUT_PARAMETERS;
407 struct _WIN32_OPENMETHOD_PARAMETERS;
408 struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
409 struct _WIN32_CLOSEMETHOD_PARAMETERS;
410 struct _WIN32_DELETEMETHOD_PARAMETERS;
411 struct _WIN32_PARSEMETHOD_PARAMETERS;
412
413 //
414 // Win32K Process and Thread Callbacks
415 //
// Function-pointer types for callbacks into Win32K (kernel-mode build only).
// All use the NTAPI calling convention and return NTSTATUS, except
// PKWIN32_DELETEMETHOD_CALLOUT, which returns VOID and so cannot report
// failure.
// Most take a single pointer to a parameter structure whose layout is not
// defined in this header.
// NOTE(review): these are invoked through pointers, so whoever stores them
// presumably has to ensure they are only registered by trusted kernel code
// and checked for NULL before the call; confirm at the registration site.

// Called with the process object and a flag; Create presumably distinguishes
// creation from teardown (TODO confirm).
416 typedef
417 NTSTATUS
418 (NTAPI *PKWIN32_PROCESS_CALLOUT)(
419 struct _EPROCESS *Process,
420 BOOLEAN Create
421 );
422
// Called with the thread object and the reason (initialize or exit).
423 typedef
424 NTSTATUS
425 (NTAPI *PKWIN32_THREAD_CALLOUT)(
426 struct _ETHREAD *Thread,
427 PSW32THREADCALLOUTTYPE Type
428 );
429
430 typedef
431 NTSTATUS
432 (NTAPI *PKWIN32_GLOBALATOMTABLE_CALLOUT)(
433 VOID
434 );
435
436 typedef
437 NTSTATUS
438 (NTAPI *PKWIN32_POWEREVENT_CALLOUT)(
439 struct _WIN32_POWEREVENT_PARAMETERS *Parameters
440 );
441
442 typedef
443 NTSTATUS
444 (NTAPI *PKWIN32_POWERSTATE_CALLOUT)(
445 struct _WIN32_POWERSTATE_PARAMETERS *Parameters
446 );
447
448 typedef
449 NTSTATUS
450 (NTAPI *PKWIN32_JOB_CALLOUT)(
451 struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters
452 );
453
454 typedef
455 NTSTATUS
456 (NTAPI *PGDI_BATCHFLUSH_ROUTINE)(
457 VOID
458 );
459
460 typedef
461 NTSTATUS
462 (NTAPI *PKWIN32_OPENMETHOD_CALLOUT)(
463 struct _WIN32_OPENMETHOD_PARAMETERS *Parameters
464 );
465
// Note the spelling difference: the typedef says OKTOCLOSE, the parameter
// structure says OKAYTOCLOSE.
466 typedef
467 NTSTATUS
468 (NTAPI *PKWIN32_OKTOCLOSEMETHOD_CALLOUT)(
469 struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS *Parameters
470 );
471
472 typedef
473 NTSTATUS
474 (NTAPI *PKWIN32_CLOSEMETHOD_CALLOUT)(
475 struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters
476 );
477
478 typedef
479 VOID
480 (NTAPI *PKWIN32_DELETEMETHOD_CALLOUT)(
481 struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters
482 );
483
484 typedef
485 NTSTATUS
486 (NTAPI *PKWIN32_PARSEMETHOD_CALLOUT)(
487 struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters
488 );
489
// Callback and Context are untyped (PVOID); the contract between caller and
// callee is not expressed in this signature.
490 typedef
491 NTSTATUS
492 (NTAPI *PKWIN32_WIN32DATACOLLECTION_CALLOUT)(
493 struct _EPROCESS *Process,
494 PVOID Callback,
495 PVOID Context
496 );
497
498 //
499 // Lego Callback
500 //
// Notification callback that receives a kernel thread pointer and returns
// nothing (kernel-mode build only). When it is invoked is not visible here.
501 typedef
502 VOID
503 (NTAPI *PLEGO_NOTIFY_ROUTINE)(
504 IN PKTHREAD Thread
505 );
506
507 #endif
508
// Parameterless routine type; it is the type of PEB.PostProcessInitRoutine.
// NOTE(review): because that pointer is stored in the PEB, anything able to
// write the process's memory can redirect it; treat it as process-controlled.
509 typedef NTSTATUS
510 (NTAPI *PPOST_PROCESS_INIT_ROUTINE)(
511 VOID
512 );
513
514 #ifdef NTOS_MODE_USER
515
516 //
517 // ClientID Structure
518 //
// Process/thread identifier pair (defined here for the user-mode build only).
// Both members are typed HANDLE. NOTE(review): going by the names they carry
// identifiers rather than object handles, so they should not be passed to
// routines that expect a real handle; confirm at call sites.
519 typedef struct _CLIENT_ID
520 {
521 HANDLE UniqueProcess;
522 HANDLE UniqueThread;
523 } CLIENT_ID, *PCLIENT_ID;
524
525 #endif
526
527 //
528 // Descriptor Table Entry Definition
529 //
// A selector together with its LDT_ENTRY descriptor.
// _DESCRIPTOR_TABLE_ENTRY_DEFINED is set unconditionally; presumably other
// headers test it to avoid a duplicate definition (TODO confirm).
530 #define _DESCRIPTOR_TABLE_ENTRY_DEFINED
531 typedef struct _DESCRIPTOR_TABLE_ENTRY
532 {
533 ULONG Selector;
534 LDT_ENTRY Descriptor;
535 } DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
536
537 //
538 // PEB Lock Routine
539 //
// Lock/unlock routine type taking the lock as an untyped pointer. It is the
// type of PEB.FastPebLockRoutine and PEB.FastPebUnlockRoutine in the
// pre-LONGHORN PEB layout.
540 typedef VOID
541 (NTAPI *PPEBLOCKROUTINE)(
542 PVOID PebLock
543 );
544
545 //
546 // PEB Free Block Descriptor
547 //
// Node of a singly linked list of free blocks; PEB.FreeList points at one.
// NOTE(review): the list is reached through the PEB, so Next and Size are
// process-controlled values and need validation before a walker trusts them.
548 typedef struct _PEB_FREE_BLOCK
549 {
550 struct _PEB_FREE_BLOCK* Next;
551 ULONG Size;
552 } PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
553
554 //
555 // Process Environment Block (PEB)
556 //
// Process Environment Block layout. Member order and the NTDDI_VERSION
// conditionals define the binary layout, so members must not be reordered,
// and every translation unit that touches a PEB has to be compiled with the
// same NTDDI_VERSION.
// NOTE(review): the PEB lives in the process's own user-mode address space.
// Every value in it, including BeingDebugged, NtGlobalFlag, the heap and
// loader pointers and the function pointers (FastPebLockRoutine,
// FastPebUnlockRoutine, KernelCallbackTable, PostProcessInitRoutine), can be
// altered by code running in the process. Kernel-mode or cross-process code
// reading it should probe, capture and validate, and should not base a
// security decision on these fields.
557 typedef struct _PEB
558 {
559 UCHAR InheritedAddressSpace;
560 UCHAR ReadImageFileExecOptions;
561 UCHAR BeingDebugged; // advisory only: writable by the process itself
562 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
// Anonymous struct: one byte of bit flags replaces SpareBool.
563 struct
564 {
565 UCHAR ImageUsesLargePages:1;
566 UCHAR IsProtectedProcess:1; // user-mode copy; see EPROCESS.ProtectedProcess for the kernel-side bit
567 UCHAR IsLegacyProcess:1;
568 UCHAR SpareBits:5;
569 };
570 #else
571 BOOLEAN SpareBool;
572 #endif
573 HANDLE Mutant;
574 PVOID ImageBaseAddress;
575 PPEB_LDR_DATA Ldr;
576 struct _RTL_USER_PROCESS_PARAMETERS *ProcessParameters;
577 PVOID SubSystemData;
578 PVOID ProcessHeap;
579 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
580 struct _RTL_CRITICAL_SECTION *FastPebLock;
581 PVOID AltThunkSListPtr;
582 PVOID IFEOKey;
583 ULONG Spare;
// KernelCallbackTable and UserSharedInfoPtr share the same storage.
584 union
585 {
586 PVOID* KernelCallbackTable;
587 PVOID UserSharedInfoPtr;
588 };
589 ULONG SystemReserved[1];
590 ULONG SpareUlong;
591 #else
592 PVOID FastPebLock;
593 PPEBLOCKROUTINE FastPebLockRoutine;
594 PPEBLOCKROUTINE FastPebUnlockRoutine;
595 ULONG EnvironmentUpdateCount;
596 PVOID* KernelCallbackTable;
597 PVOID EventLogSection;
598 PVOID EventLog;
599 #endif
600 PPEB_FREE_BLOCK FreeList;
601 ULONG TlsExpansionCounter;
602 PVOID TlsBitmap;
603 ULONG TlsBitmapBits[0x2];
604 PVOID ReadOnlySharedMemoryBase;
605 PVOID ReadOnlySharedMemoryHeap;
606 PVOID* ReadOnlyStaticServerData;
607 PVOID AnsiCodePageData;
608 PVOID OemCodePageData;
609 PVOID UnicodeCaseTableData;
610 ULONG NumberOfProcessors;
611 ULONG NtGlobalFlag; // presumably a combination of the FLG_* bits (TODO confirm)
612 LARGE_INTEGER CriticalSectionTimeout;
613 ULONG HeapSegmentReserve;
614 ULONG HeapSegmentCommit;
615 ULONG HeapDeCommitTotalFreeThreshold;
616 ULONG HeapDeCommitFreeBlockThreshold;
617 ULONG NumberOfHeaps;
618 ULONG MaximumNumberOfHeaps;
619 PVOID* ProcessHeaps; // NOTE(review): bound any walk by a validated count, not by NumberOfHeaps as read
620 PVOID GdiSharedHandleTable;
621 PVOID ProcessStarterHelper;
622 PVOID GdiDCAttributeList;
623 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
624 struct _RTL_CRITICAL_SECTION *LoaderLock;
625 #else
626 PVOID LoaderLock;
627 #endif
628 ULONG OSMajorVersion;
629 ULONG OSMinorVersion;
630 USHORT OSBuildNumber;
631 USHORT OSCSDVersion;
632 ULONG OSPlatformId;
633 ULONG ImageSubSystem;
634 ULONG ImageSubSystemMajorVersion;
635 ULONG ImageSubSystemMinorVersion;
636 ULONG ImageProcessAffinityMask;
637 ULONG GdiHandleBuffer[0x22];
638 PPOST_PROCESS_INIT_ROUTINE PostProcessInitRoutine;
639 struct _RTL_BITMAP *TlsExpansionBitmap;
640 ULONG TlsExpansionBitmapBits[0x20];
641 ULONG SessionId;
642 #if (NTDDI_VERSION >= NTDDI_WINXP)
643 ULARGE_INTEGER AppCompatFlags;
644 ULARGE_INTEGER AppCompatFlagsUser;
645 PVOID pShimData;
646 PVOID AppCompatInfo;
647 UNICODE_STRING CSDVersion;
648 struct _ACTIVATION_CONTEXT_DATA *ActivationContextData;
649 struct _ASSEMBLY_STORAGE_MAP *ProcessAssemblyStorageMap;
650 struct _ACTIVATION_CONTEXT_DATA *SystemDefaultActivationContextData;
651 struct _ASSEMBLY_STORAGE_MAP *SystemAssemblyStorageMap;
652 ULONG MinimumStackCommit;
653 #endif
654 #if (NTDDI_VERSION >= NTDDI_WS03)
655 PVOID *FlsCallback;
656 LIST_ENTRY FlsListHead;
657 struct _RTL_BITMAP *FlsBitmap;
658 ULONG FlsBitmapBits[4];
659 ULONG FlsHighIndex;
660 #endif
661 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
662 PVOID WerRegistrationData;
663 PVOID WerShipAssertPtr;
664 #endif
665 } PEB, *PPEB;
666
667 //
668 // GDI Batch Descriptor
669 //
// GDI batch area embedded in the TEB as TEB.GdiTebBatch: an offset, a device
// context value and a fixed buffer of 0x136 ULONGs.
// NOTE(review): Offset presumably indexes into Buffer. Since the TEB is in
// user memory, a consumer must bound Offset against sizeof(Buffer) on a
// captured copy before using it; confirm in the batch flush code.
670 typedef struct _GDI_TEB_BATCH
671 {
672 ULONG Offset;
673 ULONG HDC;
674 ULONG Buffer[0x136];
675 } GDI_TEB_BATCH, *PGDI_TEB_BATCH;
676
677 //
678 // Initial TEB
679 //
// Stack description for a thread: five untyped pointers.
// NOTE(review): the name suggests this is supplied when a thread is created;
// if the values come from a user-mode caller, the stack bounds need
// validation (ordering and address range) before use. Confirm in the thread
// creation path.
680 typedef struct _INITIAL_TEB
681 {
682 PVOID PreviousStackBase;
683 PVOID PreviousStackLimit;
684 PVOID StackBase;
685 PVOID StackLimit;
686 PVOID AllocatedStackBase;
687 } INITIAL_TEB, *PINITIAL_TEB;
688
689 //
690 // TEB Active Frame Structures
691 //
// Descriptor referenced from TEB_ACTIVE_FRAME.Context: flags plus a pointer
// to a narrow-character frame name.
692 typedef struct _TEB_ACTIVE_FRAME_CONTEXT
693 {
694 ULONG Flags;
695 LPSTR FrameName;
696 } TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT;
697
// Node of a singly linked chain of active frames; TEB.ActiveFrame points at
// the head and Previous links to the next older node.
698 typedef struct _TEB_ACTIVE_FRAME
699 {
700 ULONG Flags;
701 struct _TEB_ACTIVE_FRAME *Previous;
702 PTEB_ACTIVE_FRAME_CONTEXT Context;
703 } TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
704
705 //
706 // Thread Environment Block (TEB)
707 //
// Thread Environment Block layout. Member order and the NTDDI_VERSION
// conditionals define the binary layout; do not reorder, and compile every
// user of this type with the same NTDDI_VERSION.
// NOTE(review): like the PEB, the TEB is in user-mode memory and writable by
// the thread's own process. Fields such as Cid, RealClientId,
// IsImpersonating and ImpersonationLocale are therefore user-mode copies;
// the kernel-side thread state is in ETHREAD (Cid, ImpersonationInfo,
// ActiveImpersonationInfo). Kernel code should not base an identity or
// impersonation decision on the TEB values.
// Several member names are misspelled (flagged inline). They are part of the
// public layout, so renaming them would break code that uses the current
// spelling.
708 typedef struct _TEB
709 {
710 NT_TIB Tib;
711 PVOID EnvironmentPointer;
712 CLIENT_ID Cid;
713 PVOID ActiveRpcHandle;
714 PVOID ThreadLocalStoragePointer;
715 struct _PEB *ProcessEnvironmentBlock;
716 ULONG LastErrorValue;
717 ULONG CountOfOwnedCriticalSections;
718 PVOID CsrClientThread;
719 struct _W32THREAD* Win32ThreadInfo;
720 ULONG User32Reserved[0x1A];
721 ULONG UserReserved[5];
722 PVOID WOW32Reserved;
723 LCID CurrentLocale;
724 ULONG FpSoftwareStatusRegister;
725 PVOID SystemReserved1[0x36];
726 LONG ExceptionCode;
727 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
728 UCHAR SpareBytes1[0x24];
729 ULONG TxFsContext;
730 GDI_TEB_BATCH GdiTebBatch;
731 CLIENT_ID RealClientId;
732 PVOID GdiCachedProcessHandle;
733 ULONG GdiClientPID;
734 ULONG GdiClientTID;
735 PVOID GdiThreadLocalInfo;
736 ULONG Win32ClientInfo[62];
737 PVOID glDispatchTable[0xE9];
738 ULONG glReserved1[0x1D];
739 PVOID glReserved2;
740 PVOID glSectionInfo;
741 PVOID glSection;
742 PVOID glTable;
743 PVOID glCurrentRC;
744 PVOID glContext;
745 NTSTATUS LastStatusValue;
746 UNICODE_STRING StaticUnicodeString;
747 WCHAR StaticUnicodeBuffer[0x105]; // 261 WCHARs; writers must bound copies to this size
748 PVOID DeallocationStack;
749 PVOID TlsSlots[0x40]; // 64 in-TEB slots; indices must be < 0x40
750 LIST_ENTRY TlsLinks;
751 PVOID Vdm;
752 PVOID ReservedForNtRpc;
753 PVOID DbgSsReserved[0x2];
754 ULONG HardErrorDisabled;
755 PVOID Instrumentation[9];
756 GUID ActivityId;
757 PVOID SubProcessTag;
758 PVOID EtwTraceData;
759 PVOID WinSockData;
760 ULONG GdiBatchCount;
761 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
762 BOOLEAN SpareBool0;
763 BOOLEAN SpareBool1;
764 BOOLEAN SpareBool2;
765 #else
766 BOOLEAN InDbgPrint;
767 BOOLEAN FreeStackOnTermination;
768 BOOLEAN HasFiberData;
769 #endif
770 UCHAR IdealProcessor;
771 ULONG GuaranteedStackBytes;
772 PVOID ReservedForPerf;
773 PVOID ReservedForOle;
774 ULONG WaitingOnLoaderLock;
775 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
776 PVOID SavedPriorityState;
777 #else
778 ULONG SparePointer1;
779 #endif
780 ULONG SoftPatchPtr1;
781 ULONG SoftPatchPtr2;
782 PVOID *TlsExpansionSlots; // separately allocated array; its element count is not fixed by this type
783 ULONG ImpersonationLocale;
784 ULONG IsImpersonating; // user-mode copy; not authoritative
785 PVOID NlsCache;
786 PVOID pShimData;
787 ULONG HeapVirualAffinity; // NOTE(review): spelling, presumably "HeapVirtualAffinity"
788 PVOID CurrentTransactionHandle;
789 PTEB_ACTIVE_FRAME ActiveFrame;
790 #if (NTDDI_VERSION >= NTDDI_WS03)
791 PVOID FlsData;
792 #endif
793 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
794 PVOID PreferredLangauges; // NOTE(review): spelling, presumably "PreferredLanguages"
795 PVOID UserPrefLanguages;
796 PVOID MergedPrefLanguages;
797 ULONG MuiImpersonation;
// CrossTebFlags and the 16-bit spare bitfield share the same storage.
798 union
799 {
800 struct
801 {
802 USHORT SpareCrossTebFlags:16;
803 };
804 USHORT CrossTebFlags;
805 };
// SameTebFlags viewed either as a whole USHORT or as individual bits
// (7 named bits + 9 spare = 16).
806 union
807 {
808 struct
809 {
810 USHORT DbgSafeThunkCall:1;
811 USHORT DbgInDebugPrint:1;
812 USHORT DbgHasFiberData:1;
813 USHORT DbgSkipThreadAttach:1;
814 USHORT DbgWerInShipAssertCode:1;
815 USHORT DbgIssuedInitialBp:1;
816 USHORT DbgClonedThread:1;
817 USHORT SpareSameTebBits:9;
818 };
819 USHORT SameTebFlags;
820 };
821 PVOID TxnScopeEntercallback; // NOTE(review): capitalization differs from the next member
822 PVOID TxnScopeExitCAllback; // NOTE(review): spelling, presumably "TxnScopeExitCallback"
823 PVOID TxnScopeContext;
824 ULONG LockCount;
825 ULONG ProcessRundown;
826 ULONGLONG LastSwitchTime;
827 ULONGLONG TotalSwitchOutTime;
828 LARGE_INTEGER WaitReasonBitMap;
829 #else
830 UCHAR SafeThunkCall;
831 UCHAR BooleanSpare[3];
832 #endif
833 } TEB, *PTEB;
834
835 #ifdef NTOS_MODE_USER
836
837 //
838 // Process Information Structures for NtQueryInformationProcess
839 //
// Result layout that presumably pairs with the ProcessBasicInformation class
// (user-mode build only).
// PebBaseAddress is an address in the queried process. It is only directly
// usable when that process is the caller; for another process it must be
// read through a cross-process memory read, and the data found there is
// controlled by that process.
840 typedef struct _PROCESS_BASIC_INFORMATION
841 {
842 NTSTATUS ExitStatus;
843 PPEB PebBaseAddress;
844 ULONG_PTR AffinityMask;
845 KPRIORITY BasePriority;
846 ULONG_PTR UniqueProcessId;
847 ULONG_PTR InheritedFromUniqueProcessId;
848 } PROCESS_BASIC_INFORMATION,*PPROCESS_BASIC_INFORMATION;
849
// Pair of handles, presumably the input for the ProcessAccessToken class.
// NOTE(review): replacing a process's token is a privileged operation; the
// handler has to validate both handles and the caller's rights. That check
// is not visible in this header.
850 typedef struct _PROCESS_ACCESS_TOKEN
851 {
852 HANDLE Token;
853 HANDLE Thread;
854 } PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
855
// Device map information with two views of the same storage: Set carries a
// directory handle, Query carries a drive bitmap and 32 per-drive type
// bytes. Which view is valid depends on the direction of the call, so a
// buffer filled for one direction must not be read through the other view.
856 typedef struct _PROCESS_DEVICEMAP_INFORMATION
857 {
858 union
859 {
860 struct
861 {
862 HANDLE DirectoryHandle;
863 } Set;
864 struct
865 {
866 ULONG DriveMap;
867 UCHAR DriveType[32];
868 } Query;
869 };
870 } PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
871
// Four 64-bit time values: creation, exit, kernel-mode and user-mode time.
// Units and epoch are not stated in this header.
872 typedef struct _KERNEL_USER_TIMES
873 {
874 LARGE_INTEGER CreateTime;
875 LARGE_INTEGER ExitTime;
876 LARGE_INTEGER KernelTime;
877 LARGE_INTEGER UserTime;
878 } KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
879
// Single session identifier, presumably used with the
// ProcessSessionInformation class.
880 typedef struct _PROCESS_SESSION_INFORMATION
881 {
882 ULONG SessionId;
883 } PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
884
885 #endif
886
// Defined for both user and kernel builds. PriorityClass presumably holds one
// of the PROCESS_PRIORITY_CLASS_* values (0..6); being a UCHAR it can carry
// values outside that range, so a consumer has to range-check it.
887 typedef struct _PROCESS_PRIORITY_CLASS
888 {
889 BOOLEAN Foreground;
890 UCHAR PriorityClass;
891 } PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
892
893 //
894 // Thread Information Structures for NtQueryInformationThread
895 //
// Result layout that presumably pairs with the ThreadBasicInformation class;
// defined for both user and kernel builds.
// TebBaseAddress is an address in the thread's process, valid to dereference
// only from within that process.
896 typedef struct _THREAD_BASIC_INFORMATION
897 {
898 NTSTATUS ExitStatus;
899 PVOID TebBaseAddress;
900 CLIENT_ID ClientId;
901 KAFFINITY AffinityMask;
902 KPRIORITY Priority;
903 KPRIORITY BasePriority;
904 } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
905
906 #ifndef NTOS_MODE_USER
907
908 //
909 // EPROCESS Quota Structures
910 //
// One quota counter set (kernel-mode build only): current usage, limit, peak
// and a fourth value named Return whose meaning is not documented here.
// NOTE(review): SIZE_T arithmetic on Usage wraps silently; charge and return
// paths should check for overflow and underflow against Limit.
911 typedef struct _EPROCESS_QUOTA_ENTRY
912 {
913 SIZE_T Usage;
914 SIZE_T Limit;
915 SIZE_T Peak;
916 SIZE_T Return;
917 } EPROCESS_QUOTA_ENTRY, *PEPROCESS_QUOTA_ENTRY;
918
// Quota block that EPROCESS.QuotaBlock points to. It holds three quota
// entries, the same count as EPROCESS.QuotaUsage[3] and QuotaPeak[3].
// ReferenceCount and ProcessCount are plain ULONGs. NOTE(review): presumably
// updated with interlocked operations; confirm, since an unbalanced
// reference count on a shared block leads to a leak or a premature free.
919 typedef struct _EPROCESS_QUOTA_BLOCK
920 {
921 EPROCESS_QUOTA_ENTRY QuotaEntry[3];
922 LIST_ENTRY QuotaList;
923 ULONG ReferenceCount;
924 ULONG ProcessCount;
925 } EPROCESS_QUOTA_BLOCK, *PEPROCESS_QUOTA_BLOCK;
926
927 //
928 // Process Pagefault History
929 //
// Page-fault history that EPROCESS.WorkingSetWatch points to, protected by
// its own spin lock member.
// NOTE(review): WatchInfo is declared with one element; if it is used as a
// variable-length tail, CurrentIndex and MapIndex must be checked against
// the allocated element count rather than the declared bound. Confirm with
// the allocation code.
930 typedef struct _PAGEFAULT_HISTORY
931 {
932 ULONG CurrentIndex;
933 ULONG MapIndex;
934 KSPIN_LOCK SpinLock;
935 PVOID Reserved;
936 PROCESS_WS_WATCH_INFORMATION WatchInfo[1];
937 } PAGEFAULT_HISTORY, *PPAGEFAULT_HISTORY;
938
939 //
940 // Process Impersonation Information
941 //
// Kernel-side impersonation state that ETHREAD.ImpersonationInfo points to:
// the impersonation token, two boolean options and the impersonation level.
// NOTE(review): ETHREAD also has an ActiveImpersonationInfo bit. Presumably
// this structure is only meaningful while that bit is set, and Token holds a
// reference that must be dropped when impersonation ends; confirm in the Ps
// and Se code.
942 typedef struct _PS_IMPERSONATION_INFORMATION
943 {
944 PACCESS_TOKEN Token;
945 BOOLEAN CopyOnOpen;
946 BOOLEAN EffectiveOnly;
947 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
948 } PS_IMPERSONATION_INFORMATION, *PPS_IMPERSONATION_INFORMATION;
949
950 //
951 // Process Termination Port
952 //
// Node of a singly linked list of ports; ETHREAD.TerminationPort points at
// the head. Port is untyped here.
953 typedef struct _TERMINATION_PORT
954 {
955 struct _TERMINATION_PORT *Next;
956 PVOID Port;
957 } TERMINATION_PORT, *PTERMINATION_PORT;
958
959 //
960 // Per-Process APC Rate Limiting
961 //
// APC rate-limiting record that ETHREAD.RateControlApc points to (LONGHORN
// layout). NextApc and ExcessCycles share storage, so only one of them is
// valid at a time.
962 typedef struct _PSP_RATE_APC
963 {
964 union
965 {
966 SINGLE_LIST_ENTRY NextApc;
967 ULONGLONG ExcessCycles;
968 };
969 ULONGLONG TargetGEneration; // NOTE(review): spelling, presumably "TargetGeneration"
970 KAPC RateApc;
971 } PSP_RATE_APC, *PPSP_RATE_APC;
972
973 //
974 // Executive Thread (ETHREAD)
975 //
976 #include <pshpack4.h>
// Executive thread object layout (kernel-mode build only). It is declared
// between the pshpack4.h include just above and the poppack.h include that
// follows EPROCESS; these presumably set 4-byte packing (TODO confirm).
// Member order, packing and the NTDDI_VERSION conditionals are the binary
// layout: do not reorder, and compile every user with the same settings.
// Several anonymous unions overlay members that are valid at different
// points of the thread's life (for example ExitTime with the LPC and keyed
// wait chains); reading a member that is not the active one yields
// unrelated data.
977 typedef struct _ETHREAD
978 {
979 KTHREAD Tcb;
980 PVOID Padding;
981 LARGE_INTEGER CreateTime;
982 union
983 {
984 LARGE_INTEGER ExitTime;
985 LIST_ENTRY LpcReplyChain;
986 LIST_ENTRY KeyedWaitChain;
987 };
988 union
989 {
990 NTSTATUS ExitStatus;
991 PVOID OfsChain;
992 };
993 LIST_ENTRY PostBlockList;
994 union
995 {
996 struct _TERMINATION_PORT *TerminationPort;
997 struct _ETHREAD *ReaperLink;
998 PVOID KeyedWaitValue;
999 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1000 PVOID Win32StartParameter;
1001 #endif
1002 };
1003 KSPIN_LOCK ActiveTimerListLock;
1004 LIST_ENTRY ActiveTimerListHead;
1005 CLIENT_ID Cid; // kernel-side identifiers; the TEB holds a user-mode copy
1006 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1007 KSEMAPHORE KeyedWaitSemaphore;
1008 #else
1009 union
1010 {
1011 KSEMAPHORE LpcReplySemaphore;
1012 KSEMAPHORE KeyedReplySemaphore;
1013 };
1014 union
1015 {
1016 PVOID LpcReplyMessage;
1017 PVOID LpcWaitingOnPort;
1018 };
1019 #endif
1020 PPS_IMPERSONATION_INFORMATION ImpersonationInfo; // see also ActiveImpersonationInfo below
1021 LIST_ENTRY IrpList;
1022 ULONG TopLevelIrp;
1023 PDEVICE_OBJECT DeviceToVerify;
1024 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1025 PPSP_RATE_APC RateControlApc;
1026 #else
1027 struct _EPROCESS *ThreadsProcess;
1028 #endif
1029 PVOID Win32StartAddress;
1030 union
1031 {
1032 PKSTART_ROUTINE StartAddress;
1033 ULONG LpcReceivedMessageId;
1034 };
1035 LIST_ENTRY ThreadListEntry;
1036 EX_RUNDOWN_REF RundownProtect;
1037 EX_PUSH_LOCK ThreadLock;
1038 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1039 ULONG LpcReplyMessageId;
1040 #endif
1041 ULONG ReadClusterSize;
1042 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1043 ULONG SpareUlong0;
1044 #else
1045 ACCESS_MASK GrantedAccess;
1046 #endif
// CrossThreadFlags as a whole ULONG or as individual bits; the first nine
// bits line up with the CT_*_BIT masks defined earlier in this header.
// NOTE(review): the name suggests these bits are changed from other
// threads, so updates presumably go through interlocked operations on
// CrossThreadFlags rather than plain bitfield stores; confirm at the
// writers.
1047 union
1048 {
1049 struct
1050 {
1051 ULONG Terminated:1;
1052 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1053 ULONG ThreadInserted:1;
1054 #else
1055 ULONG DeadThread:1;
1056 #endif
1057 ULONG HideFromDebugger:1;
1058 ULONG ActiveImpersonationInfo:1;
1059 ULONG SystemThread:1;
1060 ULONG HardErrorsAreDisabled:1;
1061 ULONG BreakOnTermination:1;
1062 ULONG SkipCreationMsg:1;
1063 ULONG SkipTerminationMsg:1;
1064 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1065 ULONG CreateMsgSent:1;
1066 ULONG ThreadIoPriority:3;
1067 ULONG ThreadPagePriority:3;
1068 ULONG PendingRatecontrol:1;
1069 #endif
1070 };
1071 ULONG CrossThreadFlags;
1072 };
// SameThreadPassiveFlags; the first four bits line up with the STP_*_BIT
// masks.
1073 union
1074 {
1075 struct
1076 {
1077 ULONG ActiveExWorker:1;
1078 ULONG ExWorkerCanWaitUser:1;
1079 ULONG MemoryMaker:1;
1080 ULONG KeyedEventInUse:1;
1081 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1082 ULONG RateApcState:2;
1083 #endif
1084 };
1085 ULONG SameThreadPassiveFlags;
1086 };
// SameThreadApcFlags; the first three bits line up with the STA_*_BIT masks
// (the third only in the pre-LONGHORN layout).
1087 union
1088 {
1089 struct
1090 {
1091 ULONG LpcReceivedMsgIdValid:1;
1092 ULONG LpcExitThreadCalled:1;
1093 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1094 ULONG Spare:1;
1095 #else
1096 ULONG AddressSpaceOwner:1;
1097 #endif
1098 ULONG OwnsProcessWorkingSetExclusive:1;
1099 ULONG OwnsProcessWorkingSetShared:1;
1100 ULONG OwnsSystemWorkingSetExclusive:1;
1101 ULONG OwnsSystemWorkingSetShared:1;
1102 ULONG OwnsSessionWorkingSetExclusive:1;
1103 ULONG OwnsSessionWorkingSetShared:1;
1104 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1105 ULONG SupressSymbolLoad:1; // NOTE(review): spelling, presumably "SuppressSymbolLoad"
1106 ULONG Spare1:3;
1107 ULONG PriorityRegionActive:4;
1108 #else
1109 ULONG ApcNeeded:1;
1110 #endif
1111 };
1112 ULONG SameThreadApcFlags;
1113 };
1114 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1115 UCHAR CacheManagerActive;
1116 #else
1117 UCHAR ForwardClusterOnly;
1118 #endif
1119 UCHAR DisablePageFaultClustering;
1120 UCHAR ActiveFaultCount;
1121 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1122 ULONG AlpcMessageId;
1123 union
1124 {
1125 PVOID AlpcMessage;
1126 ULONG AlpcReceiveAttributeSet;
1127 };
1128 LIST_ENTRY AlpcWaitListEntry;
1129 KSEMAPHORE AlpcWaitSemaphore;
1130 ULONG CacheManagerCount;
1131 #endif
1132 } ETHREAD;
1133
1134 //
1135 // Executive Process (EPROCESS)
1136 //
// Executive process object layout (kernel-mode build only). It is declared
// inside the pshpack4.h / poppack.h bracket that starts before ETHREAD.
// Member order, packing and the NTDDI_VERSION conditionals are the binary
// layout: do not reorder, and compile every user with the same settings.
// Security-relevant members: Token (the process's primary token reference),
// ObjectTable (handle table), DebugPort and ExceptionPort, and the
// ProtectedProcess bit in Flags2 (LONGHORN layout). NOTE(review): these
// decide what the process may do; presumably all writers are confined to
// the Ps/Se/Ob code paths with the appropriate locks held. Confirm before
// adding new writers.
1137 typedef struct _EPROCESS
1138 {
1139 KPROCESS Pcb;
1140 EX_PUSH_LOCK ProcessLock;
1141 LARGE_INTEGER CreateTime;
1142 LARGE_INTEGER ExitTime;
1143 EX_RUNDOWN_REF RundownProtect;
1144 HANDLE UniqueProcessId;
1145 LIST_ENTRY ActiveProcessLinks;
1146 ULONG QuotaUsage[3];
1147 ULONG QuotaPeak[3];
1148 ULONG CommitCharge;
1149 ULONG PeakVirtualSize;
1150 ULONG VirtualSize;
1151 LIST_ENTRY SessionProcessLinks;
1152 PVOID DebugPort;
1153 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
// Three views of the same storage: the pointer, its value as a ULONG, and
// a 3-bit state field. NOTE(review): presumably the state is kept in the
// low bits of the pointer, in which case it has to be masked off before
// the pointer is dereferenced; confirm at the readers.
1154 union
1155 {
1156 PVOID ExceptionPortData;
1157 ULONG ExceptionPortValue;
1158 UCHAR ExceptionPortState:3;
1159 };
1160 #else
1161 PVOID ExceptionPort;
1162 #endif
1163 PHANDLE_TABLE ObjectTable;
1164 EX_FAST_REF Token; // not a plain pointer; use the fast-reference accessors
1165 ULONG WorkingSetPage;
1166 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1167 EX_PUSH_LOCK AddressCreationLock;
1168 PETHREAD RotateInProgress;
1169 #else
1170 FAST_MUTEX AddressCreationLock; // FIXME: FAST_MUTEX for XP, KGUARDED_MUTEX for 2K3
1171 KSPIN_LOCK HyperSpaceLock;
1172 #endif
1173 PETHREAD ForkInProgress;
1174 ULONG HardwareTrigger;
1175 MM_AVL_TABLE PhysicalVadroot;
1176 PVOID CloneRoot;
1177 ULONG NumberOfPrivatePages;
1178 ULONG NumberOfLockedPages;
1179 PVOID *Win32Process;
1180 struct _EJOB *Job;
1181 PVOID SectionObject;
1182 PVOID SectionBaseAddress;
1183 PEPROCESS_QUOTA_BLOCK QuotaBlock;
1184 PPAGEFAULT_HISTORY WorkingSetWatch;
1185 PVOID Win32WindowStation;
1186 HANDLE InheritedFromUniqueProcessId;
1187 PVOID LdtInformation;
1188 PVOID VadFreeHint;
1189 PVOID VdmObjects;
1190 PVOID DeviceMap;
1191 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1192 ULONG AlpcPagedPoolQuotaCache;
1193 PVOID EtwDataSource;
1194 PVOID FreeTebHint;
1195 #else
1196 PVOID Spare0[3];
1197 #endif
1198 union
1199 {
1200 HARDWARE_PTE_X86 PagedirectoryPte;
1201 ULONGLONG Filler;
1202 };
1203 ULONG Session;
// NOTE(review): fixed 16-byte buffer. The type does not guarantee a
// terminating NUL, so writers should truncate and readers should bound
// any copy or print to sizeof(ImageFileName). A truncated name is also
// not a reliable way to identify a process.
1204 CHAR ImageFileName[16];
1205 LIST_ENTRY JobLinks;
1206 PVOID LockedPagesList;
1207 LIST_ENTRY ThreadListHead;
1208 PVOID SecurityPort;
1209 PVOID PaeTop;
1210 ULONG ActiveThreads;
1211 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1212 ULONG ImagePathHash;
1213 #else
1214 ACCESS_MASK GrantedAccess;
1215 #endif
1216 ULONG DefaultHardErrorProcessing;
1217 NTSTATUS LastThreadExitStatus;
1218 struct _PEB* Peb; // user-mode address; contents are process-controlled
1219 EX_FAST_REF PrefetchTrace;
1220 LARGE_INTEGER ReadOperationCount;
1221 LARGE_INTEGER WriteOperationCount;
1222 LARGE_INTEGER OtherOperationCount;
1223 LARGE_INTEGER ReadTransferCount;
1224 LARGE_INTEGER WriteTransferCount;
1225 LARGE_INTEGER OtherTransferCount;
1226 ULONG CommitChargeLimit;
1227 ULONG CommitChargePeak;
1228 PVOID AweInfo;
1229 SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
1230 MMSUPPORT Vm;
1231 LIST_ENTRY MmProcessLinks;
1232 ULONG ModifiedPageCount;
1233 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
// Flags2 as a whole ULONG or as individual bits (19 bits are named here).
1234 union
1235 {
1236 struct
1237 {
1238 ULONG JobNotReallyActive:1;
1239 ULONG AccountingFolded:1;
1240 ULONG NewProcessReported:1;
1241 ULONG ExitProcessReported:1;
1242 ULONG ReportCommitChanges:1;
1243 ULONG LastReportMemory:1;
1244 ULONG ReportPhysicalPageChanges:1;
1245 ULONG HandleTableRundown:1;
1246 ULONG NeedsHandleRundown:1;
1247 ULONG RefTraceEnabled:1;
1248 ULONG NumaAware:1;
1249 ULONG ProtectedProcess:1; // kernel-side bit; PEB.IsProtectedProcess is only a user-mode copy
1250 ULONG DefaultPagePriority:3;
1251 ULONG ProcessDeleteSelf:1;
1252 ULONG ProcessVerifierTarget:1;
1253 };
1254 ULONG Flags2;
1255 };
1256 #else
1257 ULONG JobStatus;
1258 #endif
// Flags as a whole ULONG or as individual bits; positions line up with the
// PSF_*_BIT masks defined earlier in this header. In both layouts the
// named fields add up to 32 bits.
1259 union
1260 {
1261 struct
1262 {
1263 ULONG CreateReported:1;
1264 ULONG NoDebugInherit:1;
1265 ULONG ProcessExiting:1;
1266 ULONG ProcessDelete:1;
1267 ULONG Wow64SplitPages:1;
1268 ULONG VmDeleted:1;
1269 ULONG OutswapEnabled:1;
1270 ULONG Outswapped:1;
1271 ULONG ForkFailed:1;
1272 ULONG Wow64VaSpace4Gb:1;
1273 ULONG AddressSpaceInitialized:2;
1274 ULONG SetTimerResolution:1;
1275 ULONG BreakOnTermination:1;
1276 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1277 ULONG DeprioritizeViews:1;
1278 #else
1279 ULONG SessionCreationUnderway:1;
1280 #endif
1281 ULONG WriteWatch:1;
1282 ULONG ProcessInSession:1;
1283 ULONG OverrideAddressSpace:1;
1284 ULONG HasAddressSpace:1;
1285 ULONG LaunchPrefetched:1;
1286 ULONG InjectInpageErrors:1;
1287 ULONG VmTopDown:1;
1288 ULONG ImageNotifyDone:1;
1289 ULONG PdeUpdateNeeded:1;
1290 ULONG VdmAllowed:1;
1291 ULONG SmapAllowed:1; // NOTE(review): the mask for this position is named PSF_SWAP_ALLOWED_BIT
1292 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1293 ULONG ProcessInserted:1;
1294 #else
1295 ULONG CreateFailed:1;
1296 #endif
1297 ULONG DefaultIoPriority:3;
1298 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1299 ULONG SparePsFlags1:2;
1300 #else
1301 ULONG Spare1:1;
1302 ULONG Spare2:1;
1303 #endif
1304 };
1305 ULONG Flags;
1306 };
1307 NTSTATUS ExitStatus;
1308 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1309 USHORT Spare7;
1310 #else
1311 USHORT NextPageColor;
1312 #endif
// SubSystemVersion as one USHORT or as separate minor/major bytes; the
// minor byte is declared first.
1313 union
1314 {
1315 struct
1316 {
1317 UCHAR SubSystemMinorVersion;
1318 UCHAR SubSystemMajorVersion;
1319 };
1320 USHORT SubSystemVersion;
1321 };
1322 UCHAR PriorityClass;
1323 MM_AVL_TABLE VadRoot;
1324 ULONG Cookie;
1325 } EPROCESS;
1326 #include <poppack.h>
1327
1328 //
1329 // Job Token Filter Data
1330 //
1331 #include <pshpack1.h>
//
// Describes three arrays used by a job's token filter: SIDs, groups and
// privileges. Each array is given as an element count, a pointer to the
// elements and a length field. EJOB.Filter points at one of these.
//
// This definition follows #include <pshpack1.h>, so its members are packed
// on 1-byte boundaries and no padding is inserted between them.
//
// NOTE(review): the "Captured" prefix suggests kernel-side copies of
// caller-supplied data, and the *Length members look like byte sizes of the
// arrays -- confirm both against the code that fills this structure. Code
// that walks these arrays should check count and length together.
//
1332 typedef struct _PS_JOB_TOKEN_FILTER
1333 {
1334 ULONG CapturedSidCount;
1335 PSID_AND_ATTRIBUTES CapturedSids;
1336 ULONG CapturedSidsLength;
1337 ULONG CapturedGroupCount;
1338 PSID_AND_ATTRIBUTES CapturedGroups;
1339 ULONG CapturedGroupsLength;
1340 ULONG CapturedPrivilegeCount;
1341 PLUID_AND_ATTRIBUTES CapturedPrivileges;
1342 ULONG CapturedPrivilegesLength;
1343 } PS_JOB_TOKEN_FILTER, *PPS_JOB_TOKEN_FILTER;
1344
1345 //
1346 // Executive Job (EJOB)
1347 //
//
// Body of the executive job object. Going by the member names, it holds the
// job's list linkage and lock, CPU-time and process accounting, the limits
// applied to member processes, security settings (SecurityLimitFlags, Token,
// Filter), completion-port notification data, I/O counters and memory-limit
// bookkeeping.
//
// The 1-byte packing started by #include <pshpack1.h> above
// PS_JOB_TOKEN_FILTER is still in effect here; it is popped by the
// #include <poppack.h> that follows this structure.
//
1348 typedef struct _EJOB
1349 {
1350 KEVENT Event;
1351 LIST_ENTRY JobLinks;
1352 LIST_ENTRY ProcessListHead;
1353 ERESOURCE JobLock;
1354 LARGE_INTEGER TotalUserTime;
1355 LARGE_INTEGER TotalKernelTime;
1356 LARGE_INTEGER ThisPeriodTotalUserTime;
1357 LARGE_INTEGER ThisPeriodTotalKernelTime;
1358 ULONG TotalPageFaultCount;
1359 ULONG TotalProcesses;
1360 ULONG ActiveProcesses;
1361 ULONG TotalTerminatedProcesses;
1362 LARGE_INTEGER PerProcessUserTimeLimit;
1363 LARGE_INTEGER PerJobUserTimeLimit;
1364 ULONG LimitFlags;
1365 ULONG MinimumWorkingSetSize;
1366 ULONG MaximumWorkingSetSize;
1367 ULONG ActiveProcessLimit;
1368 ULONG Affinity;
// NOTE(review): with 1-byte packing no padding follows this UCHAR, so
// UIRestrictionsClass starts one byte after it and the members below are
// shifted accordingly -- confirm this layout is the intended one.
1369 UCHAR PriorityClass;
1370 ULONG UIRestrictionsClass;
1371 ULONG SecurityLimitFlags;
// NOTE(review): Token is an untyped PVOID; presumably a token object that
// goes with SecurityLimitFlags and Filter -- confirm, and document who holds
// the reference.
1372 PVOID Token;
1373 PPS_JOB_TOKEN_FILTER Filter;
1374 ULONG EndOfJobTimeAction;
1375 PVOID CompletionPort;
1376 PVOID CompletionKey;
1377 ULONG SessionId;
1378 ULONG SchedulingClass;
1379 ULONGLONG ReadOperationCount;
1380 ULONGLONG WriteOperationCount;
1381 ULONGLONG OtherOperationCount;
1382 ULONGLONG ReadTransferCount;
1383 ULONGLONG WriteTransferCount;
1384 ULONGLONG OtherTransferCount;
1385 IO_COUNTERS IoInfo;
1386 ULONG ProcessMemoryLimit;
1387 ULONG JobMemoryLimit;
1388 ULONG PeakProcessMemoryUsed;
1389 ULONG PeakJobMemoryUsed;
1390 ULONG CurrentJobMemoryUsed;
// The lock type depends on NTDDI_VERSION. The first two arms test for exact
// equality and there is no #else arm, so a version value that matches none
// of the three conditions omits MemoryLimitsLock altogether and moves every
// member after it.
1391 #if (NTDDI_VERSION == NTDDI_WINXP)
1392 FAST_MUTEX MemoryLimitsLock;
1393 #elif (NTDDI_VERSION == NTDDI_WS03)
1394 KGUARDED_MUTEX MemoryLimitsLock;
1395 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
1396 EX_PUSH_LOCK MemoryLimitsLock;
1397 #endif
1398 LIST_ENTRY JobSetLinks;
1399 ULONG MemberLevel;
1400 ULONG JobFlags;
1401 } EJOB, *PEJOB;
1402 #include <poppack.h>
1403
1404 //
1405 // Win32K Callback Registration Data
1406 //
//
// Parameter block carrying a power event number and a code.
// NOTE(review): presumably the argument of the PowerEventCallout entry in
// WIN32_CALLOUTS_FPNS -- confirm. PSPOWEREVENTTYPE is declared outside this
// part of the file.
//
1407 typedef struct _WIN32_POWEREVENT_PARAMETERS
1408 {
1409 PSPOWEREVENTTYPE EventNumber;
1410 ULONG Code;
1411 } WIN32_POWEREVENT_PARAMETERS, *PWIN32_POWEREVENT_PARAMETERS;
1412
//
// Parameter block describing a power state change: a promotion flag, the
// system action, the minimum system state, flags and the task to perform.
// NOTE(review): presumably the argument of the PowerStateCallout entry in
// WIN32_CALLOUTS_FPNS -- confirm.
//
1413 typedef struct _WIN32_POWERSTATE_PARAMETERS
1414 {
1415 UCHAR Promotion;
1416 POWER_ACTION SystemAction;
1417 SYSTEM_POWER_STATE MinSystemState;
1418 ULONG Flags;
1419 POWERSTATETASK PowerStateTask;
1420 } WIN32_POWERSTATE_PARAMETERS, *PWIN32_POWERSTATE_PARAMETERS;
1421
//
// Parameter block for a job callout: the job, the callout type and a data
// pointer.
// NOTE(review): Job and Data are untyped PVOIDs; what Data points at
// presumably depends on CalloutType -- confirm, and validate it per type
// before use.
//
1422 typedef struct _WIN32_JOBCALLOUT_PARAMETERS
1423 {
1424 PVOID Job;
1425 PSW32JOBCALLOUTTYPE CalloutType;
1426 PVOID Data;
1427 } WIN32_JOBCALLOUT_PARAMETERS, *PWIN32_JOBCALLOUT_PARAMETERS;
1428
//
// Parameter block for an object "open" callout: why the object is being
// opened, the process involved, the object, the access granted and a handle
// count.
// NOTE(review): GrantedAccess is declared ULONG here, while
// WIN32_CLOSEMETHOD_PARAMETERS declares its mask as ACCESS_MASK; consider
// using the same type in both.
//
1429 typedef struct _WIN32_OPENMETHOD_PARAMETERS
1430 {
1431 OB_OPEN_REASON OpenReason;
1432 PEPROCESS Process;
1433 PVOID Object;
1434 ULONG GrantedAccess;
1435 ULONG HandleCount;
1436 } WIN32_OPENMETHOD_PARAMETERS, *PWIN32_OPENMETHOD_PARAMETERS;
1437
//
// Parameter block for an "okay to close" callout: the process, the object,
// the handle being closed and the processor mode of the request.
// NOTE(review): PreviousMode presumably lets the callout tell user-mode from
// kernel-mode close requests -- confirm against the callout implementation.
// This structure is spelled OKAYTOCLOSE, while the matching pointer type in
// WIN32_CALLOUTS_FPNS is spelled PKWIN32_OKTOCLOSEMETHOD_CALLOUT.
//
1438 typedef struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS
1439 {
1440 PEPROCESS Process;
1441 PVOID Object;
1442 HANDLE Handle;
1443 KPROCESSOR_MODE PreviousMode;
1444 } WIN32_OKAYTOCLOSEMETHOD_PARAMETERS, *PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
1445
//
// Parameter block for an object "close" callout: the process, the object, an
// access mask and two handle counts (per-process and system-wide, going by
// the member names).
//
1446 typedef struct _WIN32_CLOSEMETHOD_PARAMETERS
1447 {
1448 PEPROCESS Process;
1449 PVOID Object;
1450 ACCESS_MASK AccessMask;
1451 ULONG ProcessHandleCount;
1452 ULONG SystemHandleCount;
1453 } WIN32_CLOSEMETHOD_PARAMETERS, *PWIN32_CLOSEMETHOD_PARAMETERS;
1454
//
// Parameter block for an object "delete" callout; carries only the object
// pointer.
//
1455 typedef struct _WIN32_DELETEMETHOD_PARAMETERS
1456 {
1457 PVOID Object;
1458 } WIN32_DELETEMETHOD_PARAMETERS, *PWIN32_DELETEMETHOD_PARAMETERS;
1459
//
// Parameter block for an object "parse" callout. CompleteName is the only
// member annotated OUT; Object is a pointer to a pointer.
// NOTE(review): Object presumably receives the object found by the parse,
// and RemainingName the part of the name still to be resolved -- confirm.
// AccessMode carries the processor mode of the request; a parse routine
// would normally honour it when checking access and probing names.
//
1460 typedef struct _WIN32_PARSEMETHOD_PARAMETERS
1461 {
1462 PVOID ParseObject;
1463 PVOID ObjectType;
1464 PACCESS_STATE AccessState;
1465 KPROCESSOR_MODE AccessMode;
1466 ULONG Attributes;
1467 OUT PUNICODE_STRING CompleteName;
1468 PUNICODE_STRING RemainingName;
1469 PVOID Context;
1470 PSECURITY_QUALITY_OF_SERVICE SecurityQos;
1471 PVOID *Object;
1472 } WIN32_PARSEMETHOD_PARAMETERS, *PWIN32_PARSEMETHOD_PARAMETERS;
1473
//
// Table of Win32K callout function pointers: process, thread, global atom
// table, power, job and batch-flush callouts, followed by the object-method
// procedures for desktops and window stations and a data-collection
// procedure. The PKWIN32_* and PGDI_* pointer types are declared outside
// this part of the file.
//
// Compiled only when NTOS_MODE_USER is not defined (see the closing #endif
// below).
//
// NOTE(review): these pointers are presumably called in kernel mode by the
// component that receives this table. Confirm that the table is accepted
// only from trusted kernel code and that callers check for NULL entries
// before invoking them.
//
1474 typedef struct _WIN32_CALLOUTS_FPNS
1475 {
1476 PKWIN32_PROCESS_CALLOUT ProcessCallout;
1477 PKWIN32_THREAD_CALLOUT ThreadCallout;
1478 PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout;
1479 PKWIN32_POWEREVENT_CALLOUT PowerEventCallout;
1480 PKWIN32_POWERSTATE_CALLOUT PowerStateCallout;
1481 PKWIN32_JOB_CALLOUT JobCallout;
1482 PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine;
1483 PKWIN32_OPENMETHOD_CALLOUT DesktopOpenProcedure;
1484 PKWIN32_OKTOCLOSEMETHOD_CALLOUT DesktopOkToCloseProcedure;
1485 PKWIN32_CLOSEMETHOD_CALLOUT DesktopCloseProcedure;
1486 PKWIN32_DELETEMETHOD_CALLOUT DesktopDeleteProcedure;
1487 PKWIN32_OKTOCLOSEMETHOD_CALLOUT WindowStationOkToCloseProcedure;
1488 PKWIN32_CLOSEMETHOD_CALLOUT WindowStationCloseProcedure;
1489 PKWIN32_DELETEMETHOD_CALLOUT WindowStationDeleteProcedure;
1490 PKWIN32_PARSEMETHOD_CALLOUT WindowStationParseProcedure;
1491 PKWIN32_OPENMETHOD_CALLOUT WindowStationOpenProcedure;
1492 PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure;
1493 } WIN32_CALLOUTS_FPNS, *PWIN32_CALLOUTS_FPNS;
1494
1495 #endif // !NTOS_MODE_USER
1496
1497 #endif // _PSTYPES_H