1 /******************************************************************************
2 * Process Manager Functions *
3 ******************************************************************************/
10 _Inout_ PVOID
*ApcContext
,
11 _Inout_ PVOID
*ApcRoutine
);
15 * PsGetCurrentProcess(VOID)
17 #define PsGetCurrentProcess IoGetCurrentProcess
19 #if !defined(_PSGETCURRENTTHREAD_)
20 #define _PSGETCURRENTTHREAD_
21 _IRQL_requires_max_(DISPATCH_LEVEL
)
25 PsGetCurrentThread(VOID
)
27 return (PETHREAD
)KeGetCurrentThread();
29 #endif /* !_PSGETCURRENTTHREAD_ */
39 _Out_ PHANDLE ProcessHandle
,
40 _In_ ACCESS_MASK DesiredAccess
,
41 _In_ POBJECT_ATTRIBUTES ObjectAttributes
,
42 _In_opt_ PCLIENT_ID ClientId
);
48 NtQueryInformationProcess(
49 _In_ HANDLE ProcessHandle
,
50 _In_ PROCESSINFOCLASS ProcessInformationClass
,
51 _Out_ PVOID ProcessInformation
,
52 _In_ ULONG ProcessInformationLength
,
53 _Out_opt_ PULONG ReturnLength
);
58 _IRQL_requires_max_(APC_LEVEL
)
62 PsLookupProcessByProcessId(
63 _In_ HANDLE ProcessId
,
64 _Outptr_ PEPROCESS
*Process
);
67 _IRQL_requires_max_(APC_LEVEL
)
71 PsLookupThreadByThreadId(
72 _In_ HANDLE UniqueThreadId
,
73 _Outptr_ PETHREAD
*Thread
);
76 #if (NTDDI_VERSION >= NTDDI_WIN2K)
79 _IRQL_requires_max_(APC_LEVEL
)
80 _Post_satisfies_(return <= 0)
86 _Out_ PHANDLE ThreadHandle
,
87 _In_ ULONG DesiredAccess
,
88 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
,
89 _In_opt_ HANDLE ProcessHandle
,
90 _Out_opt_ PCLIENT_ID ClientId
,
91 _In_ PKSTART_ROUTINE StartRoutine
,
92 _In_opt_
_When_(return==0, __drv_aliasesMem
) PVOID StartContext
);
94 _IRQL_requires_max_(PASSIVE_LEVEL
)
98 PsTerminateSystemThread(
99 _In_ NTSTATUS ExitStatus
);
104 _IRQL_requires_max_(PASSIVE_LEVEL
)
108 PsSetCreateProcessNotifyRoutine(
109 _In_ PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine
,
110 _In_ BOOLEAN Remove
);
112 _IRQL_requires_max_(PASSIVE_LEVEL
)
116 PsSetCreateThreadNotifyRoutine(
117 _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine
);
119 _IRQL_requires_max_(PASSIVE_LEVEL
)
123 PsSetLoadImageNotifyRoutine(
124 _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine
);
129 PsGetCurrentProcessId(VOID
);
131 _IRQL_requires_max_(DISPATCH_LEVEL
)
135 PsGetCurrentThreadId(VOID
);
141 OUT PULONG MajorVersion OPTIONAL
,
142 OUT PULONG MinorVersion OPTIONAL
,
143 OUT PULONG BuildNumber OPTIONAL
,
144 OUT PUNICODE_STRING CSDVersion OPTIONAL
);
148 _IRQL_requires_max_(APC_LEVEL
)
152 PsReferenceImpersonationToken(
153 _Inout_ PETHREAD Thread
,
154 _Out_ PBOOLEAN CopyOnOpen
,
155 _Out_ PBOOLEAN EffectiveOnly
,
156 _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
158 _IRQL_requires_max_(APC_LEVEL
)
162 PsGetProcessExitTime(VOID
);
164 _IRQL_requires_max_(DISPATCH_LEVEL
)
168 PsIsThreadTerminating(
169 _In_ PETHREAD Thread
);
171 _Must_inspect_result_
172 _IRQL_requires_max_(PASSIVE_LEVEL
)
177 _Inout_ PETHREAD Thread
,
178 _In_opt_ PACCESS_TOKEN Token
,
179 _In_ BOOLEAN CopyOnOpen
,
180 _In_ BOOLEAN EffectiveOnly
,
181 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
183 _IRQL_requires_max_(PASSIVE_LEVEL
)
187 PsDisableImpersonation(
188 _Inout_ PETHREAD Thread
,
189 _Inout_ PSE_IMPERSONATION_STATE ImpersonationState
);
191 _IRQL_requires_max_(PASSIVE_LEVEL
)
195 PsRestoreImpersonation(
196 _Inout_ PETHREAD Thread
,
197 _In_ PSE_IMPERSONATION_STATE ImpersonationState
);
199 _IRQL_requires_max_(PASSIVE_LEVEL
)
203 PsRevertToSelf(VOID
);
205 _IRQL_requires_max_(APC_LEVEL
)
210 _In_ PEPROCESS Process
,
211 _In_ POOL_TYPE PoolType
,
212 _In_ ULONG_PTR Amount
);
214 _IRQL_requires_max_(APC_LEVEL
)
219 _In_ PEPROCESS Process
,
220 _In_ POOL_TYPE PoolType
,
221 _In_ ULONG_PTR Amount
);
223 _IRQL_requires_max_(PASSIVE_LEVEL
)
227 PsAssignImpersonationToken(
228 _In_ PETHREAD Thread
,
229 _In_opt_ HANDLE Token
);
231 _IRQL_requires_max_(PASSIVE_LEVEL
)
235 PsReferencePrimaryToken(
236 _Inout_ PEPROCESS Process
);
238 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
239 $
if (_NTDDK_
|| _NTIFS_
)
240 #if (NTDDI_VERSION >= NTDDI_WINXP)
241 $
endif (_NTDDK_
|| _NTIFS_
)
244 _IRQL_requires_max_(DISPATCH_LEVEL
)
249 _In_ PEPROCESS Process
);
251 _IRQL_requires_max_(DISPATCH_LEVEL
)
256 _In_ PETHREAD Thread
);
268 PsRemoveCreateThreadNotifyRoutine(
269 _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine
);
271 _IRQL_requires_max_(PASSIVE_LEVEL
)
275 PsRemoveLoadImageNotifyRoutine(
276 _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine
);
278 _IRQL_requires_max_(DISPATCH_LEVEL
)
282 PsGetProcessCreateTimeQuadPart(
283 _In_ PEPROCESS Process
);
287 _IRQL_requires_max_(PASSIVE_LEVEL
)
291 PsDereferencePrimaryToken(
292 _In_ PACCESS_TOKEN PrimaryToken
);
294 _IRQL_requires_max_(PASSIVE_LEVEL
)
298 PsDereferenceImpersonationToken(
299 _In_ PACCESS_TOKEN ImpersonationToken
);
301 _Must_inspect_result_
302 _IRQL_requires_max_(APC_LEVEL
)
306 PsChargeProcessPoolQuota(
307 _In_ PEPROCESS Process
,
308 _In_ POOL_TYPE PoolType
,
309 _In_ ULONG_PTR Amount
);
315 _In_ PETHREAD Thread
);
317 $
if (_NTDDK_
|| _NTIFS_
)
318 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
319 $
endif (_NTDDK_
|| _NTIFS_
)
322 #if (NTDDI_VERSION >= NTDDI_WS03)
326 PsGetThreadProcessId(
328 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
330 #if (NTDDI_VERSION >= NTDDI_VISTA)
335 PsSetCurrentThreadPrefetching(
336 IN BOOLEAN Prefetching
);
341 PsIsCurrentThreadPrefetching(VOID
);
343 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
345 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
349 PsSetCreateProcessNotifyRoutineEx(
350 IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine
,
352 #endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */