1 /******************************************************************************
2 * Process Manager Types *
3 ******************************************************************************/
6 #define QUOTA_LIMITS_HARDWS_MIN_ENABLE 0x00000001
7 #define QUOTA_LIMITS_HARDWS_MIN_DISABLE 0x00000002
8 #define QUOTA_LIMITS_HARDWS_MAX_ENABLE 0x00000004
9 #define QUOTA_LIMITS_HARDWS_MAX_DISABLE 0x00000008
10 #define QUOTA_LIMITS_USE_DEFAULT_LIMITS 0x00000010
12 /* Thread Access Rights */
13 #define THREAD_TERMINATE 0x0001
14 #define THREAD_SUSPEND_RESUME 0x0002
15 #define THREAD_ALERT 0x0004
16 #define THREAD_GET_CONTEXT 0x0008
17 #define THREAD_SET_CONTEXT 0x0010
18 #define THREAD_SET_INFORMATION 0x0020
19 #define THREAD_SET_LIMITED_INFORMATION 0x0400
20 #define THREAD_QUERY_LIMITED_INFORMATION 0x0800
22 #define PROCESS_DUP_HANDLE (0x0040)
24 #if (NTDDI_VERSION >= NTDDI_VISTA)
25 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFFF)
27 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF)
30 #if (NTDDI_VERSION >= NTDDI_VISTA)
31 #define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFFF)
33 #define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3FF)
36 #define LOW_PRIORITY 0
37 #define LOW_REALTIME_PRIORITY 16
38 #define HIGH_PRIORITY 31
39 #define MAXIMUM_PRIORITY 32
44 #define QUOTA_LIMITS_HARDWS_MIN_ENABLE 0x00000001
45 #define QUOTA_LIMITS_HARDWS_MIN_DISABLE 0x00000002
46 #define QUOTA_LIMITS_HARDWS_MAX_ENABLE 0x00000004
47 #define QUOTA_LIMITS_HARDWS_MAX_DISABLE 0x00000008
48 #define QUOTA_LIMITS_USE_DEFAULT_LIMITS 0x00000010
50 typedef struct _QUOTA_LIMITS
{
51 SIZE_T PagedPoolLimit
;
52 SIZE_T NonPagedPoolLimit
;
53 SIZE_T MinimumWorkingSetSize
;
54 SIZE_T MaximumWorkingSetSize
;
56 LARGE_INTEGER TimeLimit
;
57 } QUOTA_LIMITS
, *PQUOTA_LIMITS
;
59 typedef union _RATE_QUOTA_LIMIT
{
61 _ANONYMOUS_STRUCT
struct {
65 } RATE_QUOTA_LIMIT
, *PRATE_QUOTA_LIMIT
;
67 typedef struct _QUOTA_LIMITS_EX
{
68 SIZE_T PagedPoolLimit
;
69 SIZE_T NonPagedPoolLimit
;
70 SIZE_T MinimumWorkingSetSize
;
71 SIZE_T MaximumWorkingSetSize
;
73 LARGE_INTEGER TimeLimit
;
74 SIZE_T WorkingSetLimit
;
79 RATE_QUOTA_LIMIT CpuRateLimit
;
80 } QUOTA_LIMITS_EX
, *PQUOTA_LIMITS_EX
;
82 typedef struct _IO_COUNTERS
{
83 ULONGLONG ReadOperationCount
;
84 ULONGLONG WriteOperationCount
;
85 ULONGLONG OtherOperationCount
;
86 ULONGLONG ReadTransferCount
;
87 ULONGLONG WriteTransferCount
;
88 ULONGLONG OtherTransferCount
;
89 } IO_COUNTERS
, *PIO_COUNTERS
;
91 typedef struct _VM_COUNTERS
{
92 SIZE_T PeakVirtualSize
;
95 SIZE_T PeakWorkingSetSize
;
96 SIZE_T WorkingSetSize
;
97 SIZE_T QuotaPeakPagedPoolUsage
;
98 SIZE_T QuotaPagedPoolUsage
;
99 SIZE_T QuotaPeakNonPagedPoolUsage
;
100 SIZE_T QuotaNonPagedPoolUsage
;
101 SIZE_T PagefileUsage
;
102 SIZE_T PeakPagefileUsage
;
103 } VM_COUNTERS
, *PVM_COUNTERS
;
105 typedef struct _VM_COUNTERS_EX
{
106 SIZE_T PeakVirtualSize
;
108 ULONG PageFaultCount
;
109 SIZE_T PeakWorkingSetSize
;
110 SIZE_T WorkingSetSize
;
111 SIZE_T QuotaPeakPagedPoolUsage
;
112 SIZE_T QuotaPagedPoolUsage
;
113 SIZE_T QuotaPeakNonPagedPoolUsage
;
114 SIZE_T QuotaNonPagedPoolUsage
;
115 SIZE_T PagefileUsage
;
116 SIZE_T PeakPagefileUsage
;
118 } VM_COUNTERS_EX
, *PVM_COUNTERS_EX
;
120 #define MAX_HW_COUNTERS 16
121 #define THREAD_PROFILING_FLAG_DISPATCH 0x00000001
123 typedef enum _HARDWARE_COUNTER_TYPE
{
125 MaxHardwareCounterType
126 } HARDWARE_COUNTER_TYPE
, *PHARDWARE_COUNTER_TYPE
;
128 typedef struct _HARDWARE_COUNTER
{
129 HARDWARE_COUNTER_TYPE Type
;
132 } HARDWARE_COUNTER
, *PHARDWARE_COUNTER
;
134 typedef struct _POOLED_USAGE_AND_LIMITS
{
135 SIZE_T PeakPagedPoolUsage
;
136 SIZE_T PagedPoolUsage
;
137 SIZE_T PagedPoolLimit
;
138 SIZE_T PeakNonPagedPoolUsage
;
139 SIZE_T NonPagedPoolUsage
;
140 SIZE_T NonPagedPoolLimit
;
141 SIZE_T PeakPagefileUsage
;
142 SIZE_T PagefileUsage
;
143 SIZE_T PagefileLimit
;
144 } POOLED_USAGE_AND_LIMITS
, *PPOOLED_USAGE_AND_LIMITS
;
146 typedef struct _PROCESS_ACCESS_TOKEN
{
149 } PROCESS_ACCESS_TOKEN
, *PPROCESS_ACCESS_TOKEN
;
151 #define PROCESS_EXCEPTION_PORT_ALL_STATE_BITS 0x00000003UL
152 #define PROCESS_EXCEPTION_PORT_ALL_STATE_FLAGS ((ULONG_PTR)((1UL << PROCESS_EXCEPTION_PORT_ALL_STATE_BITS) - 1))
154 typedef struct _PROCESS_EXCEPTION_PORT
{
155 _In_ HANDLE ExceptionPortHandle
;
156 _Inout_ ULONG StateFlags
;
157 } PROCESS_EXCEPTION_PORT
, *PPROCESS_EXCEPTION_PORT
;
160 (NTAPI
*PCREATE_PROCESS_NOTIFY_ROUTINE
)(
161 _In_ HANDLE ParentId
,
162 _In_ HANDLE ProcessId
,
163 _In_ BOOLEAN Create
);
165 typedef struct _PS_CREATE_NOTIFY_INFO
{
167 _ANONYMOUS_UNION
union {
169 _ANONYMOUS_STRUCT
struct {
170 _In_ ULONG FileOpenNameAvailable
:1;
171 _In_ ULONG Reserved
:31;
174 _In_ HANDLE ParentProcessId
;
175 _In_ CLIENT_ID CreatingThreadId
;
176 _Inout_
struct _FILE_OBJECT
*FileObject
;
177 _In_ PCUNICODE_STRING ImageFileName
;
178 _In_opt_ PCUNICODE_STRING CommandLine
;
179 _Inout_ NTSTATUS CreationStatus
;
180 } PS_CREATE_NOTIFY_INFO
, *PPS_CREATE_NOTIFY_INFO
;
183 (NTAPI
*PCREATE_PROCESS_NOTIFY_ROUTINE_EX
)(
184 _Inout_ PEPROCESS Process
,
185 _In_ HANDLE ProcessId
,
186 _Inout_opt_ PPS_CREATE_NOTIFY_INFO CreateInfo
);
189 (NTAPI
*PCREATE_THREAD_NOTIFY_ROUTINE
)(
190 _In_ HANDLE ProcessId
,
191 _In_ HANDLE ThreadId
,
192 _In_ BOOLEAN Create
);
194 #define IMAGE_ADDRESSING_MODE_32BIT 3
196 typedef struct _IMAGE_INFO
{
197 _ANONYMOUS_UNION
union {
199 _ANONYMOUS_STRUCT
struct {
200 ULONG ImageAddressingMode
:8;
201 ULONG SystemModeImage
:1;
202 ULONG ImageMappedToAllPids
:1;
203 ULONG ExtendedInfoPresent
:1;
210 ULONG ImageSectionNumber
;
211 } IMAGE_INFO
, *PIMAGE_INFO
;
213 typedef struct _IMAGE_INFO_EX
{
215 IMAGE_INFO ImageInfo
;
216 struct _FILE_OBJECT
*FileObject
;
217 } IMAGE_INFO_EX
, *PIMAGE_INFO_EX
;
220 (NTAPI
*PLOAD_IMAGE_NOTIFY_ROUTINE
)(
221 _In_ PUNICODE_STRING FullImageName
,
222 _In_ HANDLE ProcessId
,
223 _In_ PIMAGE_INFO ImageInfo
);
225 #define THREAD_CSWITCH_PMU_DISABLE FALSE
226 #define THREAD_CSWITCH_PMU_ENABLE TRUE
228 #define PROCESS_LUID_DOSDEVICES_ONLY 0x00000001
230 #define PROCESS_HANDLE_TRACING_MAX_STACKS 16
232 typedef enum _PROCESSINFOCLASS
{
233 ProcessBasicInformation
,
239 ProcessRaisePriority
,
241 ProcessExceptionPort
,
243 ProcessLdtInformation
,
245 ProcessDefaultHardErrorMode
,
246 ProcessIoPortHandlers
,
247 ProcessPooledUsageAndLimits
,
248 ProcessWorkingSetWatch
,
250 ProcessEnableAlignmentFaultFixup
,
251 ProcessPriorityClass
,
252 ProcessWx86Information
,
255 ProcessPriorityBoost
,
257 ProcessSessionInformation
,
258 ProcessForegroundInformation
,
259 ProcessWow64Information
,
260 ProcessImageFileName
,
261 ProcessLUIDDeviceMapsEnabled
,
262 ProcessBreakOnTermination
,
263 ProcessDebugObjectHandle
,
265 ProcessHandleTracing
,
268 ProcessTlsInformation
,
270 ProcessImageInformation
,
273 ProcessInstrumentationCallback
,
274 ProcessThreadStackAllocation
,
275 ProcessWorkingSetWatchEx
,
276 ProcessImageFileNameWin32
,
277 ProcessImageFileMapping
,
278 ProcessAffinityUpdateMode
,
279 ProcessMemoryAllocationMode
,
280 ProcessGroupInformation
,
281 ProcessTokenVirtualizationEnabled
,
282 ProcessConsoleHostProcess
,
283 ProcessWindowInformation
,
287 typedef enum _THREADINFOCLASS
{
288 ThreadBasicInformation
,
293 ThreadImpersonationToken
,
294 ThreadDescriptorTableEntry
,
295 ThreadEnableAlignmentFaultFixup
,
296 ThreadEventPair_Reusable
,
297 ThreadQuerySetWin32StartAddress
,
299 ThreadPerformanceCount
,
301 ThreadIdealProcessor
,
303 ThreadSetTlsArrayAddress
,
305 ThreadHideFromDebugger
,
306 ThreadBreakOnTermination
,
307 ThreadSwitchLegacyState
,
309 ThreadLastSystemCall
,
313 ThreadActualBasePriority
,
314 ThreadTebInformation
,
318 ThreadGroupInformation
,
319 ThreadUmsInformation
,
320 ThreadCounterProfiling
,
321 ThreadIdealProcessorEx
,
325 typedef struct _PAGE_PRIORITY_INFORMATION
{
327 } PAGE_PRIORITY_INFORMATION
, *PPAGE_PRIORITY_INFORMATION
;
329 typedef struct _PROCESS_WS_WATCH_INFORMATION
{
332 } PROCESS_WS_WATCH_INFORMATION
, *PPROCESS_WS_WATCH_INFORMATION
;
334 typedef struct _PROCESS_BASIC_INFORMATION
{
336 struct _PEB
*PebBaseAddress
;
337 ULONG_PTR AffinityMask
;
338 KPRIORITY BasePriority
;
339 ULONG_PTR UniqueProcessId
;
340 ULONG_PTR InheritedFromUniqueProcessId
;
341 } PROCESS_BASIC_INFORMATION
,*PPROCESS_BASIC_INFORMATION
;
343 typedef struct _PROCESS_EXTENDED_BASIC_INFORMATION
{
345 PROCESS_BASIC_INFORMATION BasicInfo
;
346 _ANONYMOUS_UNION
union {
348 _ANONYMOUS_STRUCT
struct {
349 ULONG IsProtectedProcess
:1;
350 ULONG IsWow64Process
:1;
351 ULONG IsProcessDeleting
:1;
352 ULONG IsCrossSessionCreate
:1;
356 } PROCESS_EXTENDED_BASIC_INFORMATION
, *PPROCESS_EXTENDED_BASIC_INFORMATION
;
358 typedef struct _PROCESS_DEVICEMAP_INFORMATION
{
359 _ANONYMOUS_UNION
union {
361 HANDLE DirectoryHandle
;
368 } PROCESS_DEVICEMAP_INFORMATION
, *PPROCESS_DEVICEMAP_INFORMATION
;
370 typedef struct _PROCESS_DEVICEMAP_INFORMATION_EX
{
371 _ANONYMOUS_UNION
union {
373 HANDLE DirectoryHandle
;
381 } PROCESS_DEVICEMAP_INFORMATION_EX
, *PPROCESS_DEVICEMAP_INFORMATION_EX
;
383 typedef struct _PROCESS_SESSION_INFORMATION
{
385 } PROCESS_SESSION_INFORMATION
, *PPROCESS_SESSION_INFORMATION
;
387 typedef struct _PROCESS_HANDLE_TRACING_ENABLE
{
389 } PROCESS_HANDLE_TRACING_ENABLE
, *PPROCESS_HANDLE_TRACING_ENABLE
;
391 typedef struct _PROCESS_HANDLE_TRACING_ENABLE_EX
{
394 } PROCESS_HANDLE_TRACING_ENABLE_EX
, *PPROCESS_HANDLE_TRACING_ENABLE_EX
;
396 typedef struct _PROCESS_HANDLE_TRACING_ENTRY
{
400 PVOID Stacks
[PROCESS_HANDLE_TRACING_MAX_STACKS
];
401 } PROCESS_HANDLE_TRACING_ENTRY
, *PPROCESS_HANDLE_TRACING_ENTRY
;
403 typedef struct _PROCESS_HANDLE_TRACING_QUERY
{
406 PROCESS_HANDLE_TRACING_ENTRY HandleTrace
[1];
407 } PROCESS_HANDLE_TRACING_QUERY
, *PPROCESS_HANDLE_TRACING_QUERY
;
409 extern NTKERNELAPI PEPROCESS PsInitialSystemProcess
;