-/*
- * PROJECT: ReactOS Native Headers
- * FILE: include/ndk/pstypes.h
- * PURPOSE: Defintions for Process Manager Types not documented in DDK/IFS.
- * PROGRAMMER: Alex Ionescu (alex@relsoft.net)
- * UPDATE HISTORY:
- * Created 06/10/04
- */
-#ifndef _PSTYPES_H
-#define _PSTYPES_H
+/*++ NDK Version: 0098
-/* DEPENDENCIES **************************************************************/
-#include "ldrtypes.h"
-#include "mmtypes.h"
-#include "obtypes.h"
-#include "extypes.h"
-#ifndef NTOS_MODE_USER
-#include "setypes.h"
-#endif
+Copyright (c) Alex Ionescu. All rights reserved.
-/* EXPORTED DATA *************************************************************/
+Header Name:
-#ifndef NTOS_MODE_USER
-extern NTOSAPI struct _EPROCESS* PsInitialSystemProcess;
-extern NTOSAPI POBJECT_TYPE PsProcessType;
-extern NTOSAPI POBJECT_TYPE PsThreadType;
-#endif
+ pstypes.h
+
+Abstract:
+
+ Type definitions for the Process Manager
-/* CONSTANTS *****************************************************************/
+Author:
-/* These are not exposed to drivers normally */
+ Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
+
+--*/
+
+#ifndef _PSTYPES_H
+#define _PSTYPES_H
+
+//
+// Dependencies
+//
+#include <umtypes.h>
+#include <ldrtypes.h>
+#include <mmtypes.h>
+#include <obtypes.h>
#ifndef NTOS_MODE_USER
- #define JOB_OBJECT_ASSIGN_PROCESS 1
- #define JOB_OBJECT_SET_ATTRIBUTES 2
- #define JOB_OBJECT_QUERY 4
- #define JOB_OBJECT_TERMINATE 8
- #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 16
- #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|31)
+#include <extypes.h>
+#include <setypes.h>
#endif
-#define USER_SHARED_DATA (0x7FFE0000)
+//
+// KUSER_SHARED_DATA location in User Mode
+//
+#define USER_SHARED_DATA (0x7FFE0000)
-#ifdef NTOS_MODE_USER
-/* Macros for current Process/Thread built-in 'special' ID */
-#define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
-#define ZwCurrentProcess() NtCurrentProcess()
-#define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
-#define ZwCurrentThread() NtCurrentThread()
-#endif
+//
+// Global Flags
+//
+#define FLG_STOP_ON_EXCEPTION 0x00000001
+#define FLG_SHOW_LDR_SNAPS 0x00000002
+#define FLG_DEBUG_INITIAL_COMMAND 0x00000004
+#define FLG_STOP_ON_HUNG_GUI 0x00000008
+#define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
+#define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
+#define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
+#define FLG_HEAP_VALIDATE_ALL 0x00000080
+#define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
+#define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
+#define FLG_POOL_ENABLE_TAGGING 0x00000400
+#define FLG_HEAP_ENABLE_TAGGING 0x00000800
+#define FLG_USER_STACK_TRACE_DB 0x00001000
+#define FLG_KERNEL_STACK_TRACE_DB 0x00002000
+#define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
+#define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
+#define FLG_IGNORE_DEBUG_PRIV 0x00010000
+#define FLG_ENABLE_CSRDEBUG 0x00020000
+#define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
+#define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
+#define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
+#define FLG_HEAP_DISABLE_COALESCING 0x00200000
+#define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
+#define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
+#define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
+#define FLG_HEAP_PAGE_ALLOCS 0x02000000
+#define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
+#define FLG_VALID_BITS 0x07FFFFFF
-/* Process priority classes */
+//
+// Process priority classes
+//
#define PROCESS_PRIORITY_CLASS_INVALID 0
#define PROCESS_PRIORITY_CLASS_IDLE 1
#define PROCESS_PRIORITY_CLASS_NORMAL 2
#define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
-/* Global Flags */
-#define FLG_STOP_ON_EXCEPTION 0x00000001
-#define FLG_SHOW_LDR_SNAPS 0x00000002
-#define FLG_DEBUG_INITIAL_COMMAND 0x00000004
-#define FLG_STOP_ON_HUNG_GUI 0x00000008
-#define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
-#define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
-#define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
-#define FLG_HEAP_VALIDATE_ALL 0x00000080
-#define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
-#define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
-#define FLG_POOL_ENABLE_TAGGING 0x00000400
-#define FLG_HEAP_ENABLE_TAGGING 0x00000800
-#define FLG_USER_STACK_TRACE_DB 0x00001000
-#define FLG_KERNEL_STACK_TRACE_DB 0x00002000
-#define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
-#define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
-#define FLG_IGNORE_DEBUG_PRIV 0x00010000
-#define FLG_ENABLE_CSRDEBUG 0x00020000
-#define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
-#define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
-#define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
-#define FLG_HEAP_DISABLE_COALESCING 0x00200000
-#define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
-#define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
-#define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
-#define FLG_HEAP_PAGE_ALLOCS 0x02000000
-#define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
-
-/* ENUMERATIONS **************************************************************/
+//
+// NtCreateProcessEx flags
+//
+#define PS_REQUEST_BREAKAWAY 1
+#define PS_NO_DEBUG_INHERIT 2
+#define PS_INHERIT_HANDLES 4
+#define PS_LARGE_PAGES 8
+#define PS_ALL_FLAGS (PS_REQUEST_BREAKAWAY | \
+ PS_NO_DEBUG_INHERIT | \
+ PS_INHERIT_HANDLES | \
+ PS_LARGE_PAGES)
+
+//
+// Process base priorities
+//
+#define PROCESS_PRIORITY_IDLE 3
+#define PROCESS_PRIORITY_NORMAL 8
+#define PROCESS_PRIORITY_NORMAL_FOREGROUND 9
+
+//
+// Process memory priorities
+//
+#define MEMORY_PRIORITY_BACKGROUND 0
+#define MEMORY_PRIORITY_UNKNOWN 1
+#define MEMORY_PRIORITY_FOREGROUND 2
+
+//
+// Process Priority Separation Values (OR)
+//
+#define PSP_VARIABLE_QUANTUMS 4
+#define PSP_LONG_QUANTUMS 16
+
+#ifndef NTOS_MODE_USER
+
+//
+// Thread Access Types
+//
+#define THREAD_QUERY_INFORMATION 0x0040
+#define THREAD_SET_THREAD_TOKEN 0x0080
+#define THREAD_IMPERSONATE 0x0100
+#define THREAD_DIRECT_IMPERSONATION 0x0200
+
+//
+// Process Access Types
+//
+#define PROCESS_TERMINATE 0x0001
+#define PROCESS_CREATE_THREAD 0x0002
+#define PROCESS_SET_SESSIONID 0x0004
+#define PROCESS_VM_OPERATION 0x0008
+#define PROCESS_VM_READ 0x0010
+#define PROCESS_VM_WRITE 0x0020
+#define PROCESS_CREATE_PROCESS 0x0080
+#define PROCESS_SET_QUOTA 0x0100
+#define PROCESS_SET_INFORMATION 0x0200
+#define PROCESS_QUERY_INFORMATION 0x0400
+#define PROCESS_SUSPEND_RESUME 0x0800
+#define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
+ SYNCHRONIZE | \
+ 0xFFFF)
+#else
+#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
+ SYNCHRONIZE | \
+ 0xFFF)
+
+//
+// Thread Base Priorities
+//
+#define THREAD_BASE_PRIORITY_LOWRT 15
+#define THREAD_BASE_PRIORITY_MAX 2
+#define THREAD_BASE_PRIORITY_MIN -2
+#define THREAD_BASE_PRIORITY_IDLE -15
+
+//
+// TLS Slots
+//
+#define TLS_MINIMUM_AVAILABLE 64
+#endif
+
+//
+// Job Access Types
+//
+#define JOB_OBJECT_ASSIGN_PROCESS 0x1
+#define JOB_OBJECT_SET_ATTRIBUTES 0x2
+#define JOB_OBJECT_QUERY 0x4
+#define JOB_OBJECT_TERMINATE 0x8
+#define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10
+#define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
+ SYNCHRONIZE | \
+ 31)
+
+//
+// Job Limit Flags
+//
+#define JOB_OBJECT_LIMIT_WORKINGSET 0x1
+#define JOB_OBJECT_LIMIT_PROCESS_TIME 0x2
+#define JOB_OBJECT_LIMIT_JOB_TIME 0x4
+#define JOB_OBJECT_LIMIT_ACTIVE_PROCESS 0x8
+#define JOB_OBJECT_LIMIT_AFFINITY 0x10
+#define JOB_OBJECT_LIMIT_PRIORITY_CLASS 0x20
+#define JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME 0x40
+#define JOB_OBJECT_LIMIT_SCHEDULING_CLASS 0x80
+#define JOB_OBJECT_LIMIT_PROCESS_MEMORY 0x100
+#define JOB_OBJECT_LIMIT_JOB_MEMORY 0x200
+#define JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION 0x400
+#define JOB_OBJECT_LIMIT_BREAKAWAY_OK 0x800
+#define JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x1000
+#define JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE 0x2000
+
+
+//
+// Cross Thread Flags
+//
+#define CT_TERMINATED_BIT 0x1
+#define CT_DEAD_THREAD_BIT 0x2
+#define CT_HIDE_FROM_DEBUGGER_BIT 0x4
+#define CT_ACTIVE_IMPERSONATION_INFO_BIT 0x8
+#define CT_SYSTEM_THREAD_BIT 0x10
+#define CT_HARD_ERRORS_ARE_DISABLED_BIT 0x20
+#define CT_BREAK_ON_TERMINATION_BIT 0x40
+#define CT_SKIP_CREATION_MSG_BIT 0x80
+#define CT_SKIP_TERMINATION_MSG_BIT 0x100
+
+//
+// Same Thread Passive Flags
+//
+#define STP_ACTIVE_EX_WORKER_BIT 0x1
+#define STP_EX_WORKER_CAN_WAIT_USER_BIT 0x2
+#define STP_MEMORY_MAKER_BIT 0x4
+#define STP_KEYED_EVENT_IN_USE_BIT 0x8
+
+//
+// Same Thread APC Flags
+//
+#define STA_LPC_RECEIVED_MSG_ID_VALID_BIT 0x1
+#define STA_LPC_EXIT_THREAD_CALLED_BIT 0x2
+#define STA_ADDRESS_SPACE_OWNER_BIT 0x4
+#define STA_OWNS_WORKING_SET_BITS 0x1F8
+#endif
+
+#define TLS_EXPANSION_SLOTS 1024
+//
+// Process Flags
+//
+#define PSF_CREATE_REPORTED_BIT 0x1
+#define PSF_NO_DEBUG_INHERIT_BIT 0x2
+#define PSF_PROCESS_EXITING_BIT 0x4
+#define PSF_PROCESS_DELETE_BIT 0x8
+#define PSF_WOW64_SPLIT_PAGES_BIT 0x10
+#define PSF_VM_DELETED_BIT 0x20
+#define PSF_OUTSWAP_ENABLED_BIT 0x40
+#define PSF_OUTSWAPPED_BIT 0x80
+#define PSF_FORK_FAILED_BIT 0x100
+#define PSF_WOW64_VA_SPACE_4GB_BIT 0x200
+#define PSF_ADDRESS_SPACE_INITIALIZED_BIT 0x400
+#define PSF_SET_TIMER_RESOLUTION_BIT 0x1000
+#define PSF_BREAK_ON_TERMINATION_BIT 0x2000
+#define PSF_SESSION_CREATION_UNDERWAY_BIT 0x4000
+#define PSF_WRITE_WATCH_BIT 0x8000
+#define PSF_PROCESS_IN_SESSION_BIT 0x10000
+#define PSF_OVERRIDE_ADDRESS_SPACE_BIT 0x20000
+#define PSF_HAS_ADDRESS_SPACE_BIT 0x40000
+#define PSF_LAUNCH_PREFETCHED_BIT 0x80000
+#define PSF_INJECT_INPAGE_ERRORS_BIT 0x100000
+#define PSF_VM_TOP_DOWN_BIT 0x200000
+#define PSF_IMAGE_NOTIFY_DONE_BIT 0x400000
+#define PSF_PDE_UPDATE_NEEDED_BIT 0x800000
+#define PSF_VDM_ALLOWED_BIT 0x1000000
+#define PSF_SWAP_ALLOWED_BIT 0x2000000
+#define PSF_CREATE_FAILED_BIT 0x4000000
+#define PSF_DEFAULT_IO_PRIORITY_BIT 0x8000000
+
+//
+// Vista Process Flags
+//
+#define PSF2_PROTECTED_BIT 0x800
#ifdef NTOS_MODE_USER
+//
+// Current Process/Thread built-in 'special' handles
+//
+#define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
+#define ZwCurrentProcess() NtCurrentProcess()
+#define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
+#define ZwCurrentThread() NtCurrentThread()
+
+//
+// Process/Thread/Job Information Classes for NtQueryInformationProcess/Thread/Job
+//
typedef enum _PROCESSINFOCLASS
{
ProcessBasicInformation,
ProcessDebugObjectHandle,
ProcessDebugFlags,
ProcessHandleTracing,
+ ProcessIoPriority,
+ ProcessExecuteFlags,
+ ProcessTlsInformation,
+ ProcessCookie,
+ ProcessImageInformation,
+ ProcessCycleTime,
+ ProcessPagePriority,
+ ProcessInstrumentationCallback,
+ ProcessThreadStackAllocation,
+ ProcessWorkingSetWatchEx,
+ ProcessImageFileNameWin32,
+ ProcessImageFileMapping,
+ ProcessAffinityUpdateMode,
+ ProcessMemoryAllocationMode,
MaxProcessInfoClass
} PROCESSINFOCLASS;
ThreadIsIoPending,
ThreadHideFromDebugger,
ThreadBreakOnTermination,
+ ThreadSwitchLegacyState,
+ ThreadIsTerminated,
+ ThreadLastSystemCall,
+ ThreadIoPriority,
+ ThreadCycleTime,
+ ThreadPagePriority,
+ ThreadActualBasePriority,
+ ThreadTebInformation,
+ ThreadCSwitchMon,
MaxThreadInfoClass
} THREADINFOCLASS;
-#endif
-/* FUNCTION TYPES ************************************************************/
-typedef VOID (NTAPI *PPEBLOCKROUTINE)(PVOID);
+#else
-#ifndef NTOS_MODE_USER
-typedef NTSTATUS
-(NTAPI *PW32_PROCESS_CALLBACK)(
+typedef enum _PSPROCESSPRIORITYMODE
+{
+ PsProcessPriorityForeground,
+ PsProcessPriorityBackground,
+ PsProcessPrioritySpinning
+} PSPROCESSPRIORITYMODE;
+
+typedef enum _JOBOBJECTINFOCLASS
+{
+ JobObjectBasicAccountingInformation = 1,
+ JobObjectBasicLimitInformation,
+ JobObjectBasicProcessIdList,
+ JobObjectBasicUIRestrictions,
+ JobObjectSecurityLimitInformation,
+ JobObjectEndOfJobTimeInformation,
+ JobObjectAssociateCompletionPortInformation,
+ JobObjectBasicAndIoAccountingInformation,
+ JobObjectExtendedLimitInformation,
+ JobObjectJobSetInformation,
+ MaxJobObjectInfoClass
+} JOBOBJECTINFOCLASS;
+
+//
+// Power Event Events for Win32K Power Event Callback
+//
+typedef enum _PSPOWEREVENTTYPE
+{
+ PsW32FullWake = 0,
+ PsW32EventCode = 1,
+ PsW32PowerPolicyChanged = 2,
+ PsW32SystemPowerState = 3,
+ PsW32SystemTime = 4,
+ PsW32DisplayState = 5,
+ PsW32CapabilitiesChanged = 6,
+ PsW32SetStateFailed = 7,
+ PsW32GdiOff = 8,
+ PsW32GdiOn = 9,
+ PsW32GdiPrepareResumeUI = 10,
+ PsW32GdiOffRequest = 11,
+ PsW32MonitorOff = 12,
+} PSPOWEREVENTTYPE;
+
+//
+// Power State Tasks for Win32K Power State Callback
+//
+typedef enum _POWERSTATETASK
+{
+ PowerState_BlockSessionSwitch = 0,
+ PowerState_Init = 1,
+ PowerState_QueryApps = 2,
+ PowerState_QueryServices = 3,
+ PowerState_QueryAppsFailed = 4,
+ PowerState_QueryServicesFailed = 5,
+ PowerState_SuspendApps = 6,
+ PowerState_SuspendServices = 7,
+ PowerState_ShowUI = 8,
+ PowerState_NotifyWL = 9,
+ PowerState_ResumeApps = 10,
+ PowerState_ResumeServices = 11,
+ PowerState_UnBlockSessionSwitch = 12,
+ PowerState_End = 13,
+ PowerState_BlockInput = 14,
+ PowerState_UnblockInput = 15,
+} POWERSTATETASK;
+
+//
+// Win32K Job Callback Types
+//
+typedef enum _PSW32JOBCALLOUTTYPE
+{
+ PsW32JobCalloutSetInformation = 0,
+ PsW32JobCalloutAddProcess = 1,
+ PsW32JobCalloutTerminate = 2,
+} PSW32JOBCALLOUTTYPE;
+
+//
+// Win32K Thread Callback Types
+//
+typedef enum _PSW32THREADCALLOUTTYPE
+{
+ PsW32ThreadCalloutInitialize,
+ PsW32ThreadCalloutExit,
+} PSW32THREADCALLOUTTYPE;
+
+//
+// Declare empty structure definitions so that they may be referenced by
+// routines before they are defined
+//
+struct _W32THREAD;
+struct _W32PROCESS;
+//struct _ETHREAD;
+struct _WIN32_POWEREVENT_PARAMETERS;
+struct _WIN32_POWERSTATE_PARAMETERS;
+struct _WIN32_JOBCALLOUT_PARAMETERS;
+struct _WIN32_OPENMETHOD_PARAMETERS;
+struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
+struct _WIN32_CLOSEMETHOD_PARAMETERS;
+struct _WIN32_DELETEMETHOD_PARAMETERS;
+struct _WIN32_PARSEMETHOD_PARAMETERS;
+
+//
+// Win32K Process and Thread Callbacks
+//
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_PROCESS_CALLOUT)(
struct _EPROCESS *Process,
BOOLEAN Create
);
-typedef NTSTATUS
-(NTAPI *PW32_THREAD_CALLBACK)(
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_THREAD_CALLOUT)(
struct _ETHREAD *Thread,
- BOOLEAN Create
+ PSW32THREADCALLOUTTYPE Type
);
-#endif
-/* TYPES *********************************************************************/
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_GLOBALATOMTABLE_CALLOUT)(
+ VOID
+);
-#ifdef NTOS_MODE_USER
-typedef struct _CLIENT_ID
-{
- HANDLE UniqueProcess;
- HANDLE UniqueThread;
-} CLIENT_ID, *PCLIENT_ID;
-#endif
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_POWEREVENT_CALLOUT)(
+ struct _WIN32_POWEREVENT_PARAMETERS *Parameters
+);
-struct _W32THREAD;
-struct _W32PROCESS;
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_POWERSTATE_CALLOUT)(
+ struct _WIN32_POWERSTATE_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_JOB_CALLOUT)(
+ struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PGDI_BATCHFLUSH_ROUTINE)(
+ VOID
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_OPENMETHOD_CALLOUT)(
+ struct _WIN32_OPENMETHOD_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_OKTOCLOSEMETHOD_CALLOUT)(
+ struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_CLOSEMETHOD_CALLOUT)(
+ struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters
+);
+
+typedef
+VOID
+(NTAPI *PKWIN32_DELETEMETHOD_CALLOUT)(
+ struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_PARSEMETHOD_CALLOUT)(
+ struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters
+);
+
+typedef
+NTSTATUS
+(NTAPI *PKWIN32_WIN32DATACOLLECTION_CALLOUT)(
+ struct _EPROCESS *Process,
+ PVOID Callback,
+ PVOID Context
+);
+
+//
+// Lego Callback
+//
+typedef
+VOID
+(NTAPI *PLEGO_NOTIFY_ROUTINE)(
+ IN PKTHREAD Thread
+);
+
+#endif
-struct _ETHREAD;
+typedef NTSTATUS
+(NTAPI *PPOST_PROCESS_INIT_ROUTINE)(
+ VOID
+);
+//
+// Descriptor Table Entry Definition
+//
+#if (_M_IX86)
+#define _DESCRIPTOR_TABLE_ENTRY_DEFINED
typedef struct _DESCRIPTOR_TABLE_ENTRY
{
ULONG Selector;
LDT_ENTRY Descriptor;
} DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
+#endif
+//
+// PEB Lock Routine
+//
+typedef VOID
+(NTAPI *PPEBLOCKROUTINE)(
+ PVOID PebLock
+);
+
+//
+// PEB Free Block Descriptor
+//
typedef struct _PEB_FREE_BLOCK
{
struct _PEB_FREE_BLOCK* Next;
ULONG Size;
} PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
+//
+// Process Environment Block (PEB)
+//
typedef struct _PEB
{
- UCHAR InheritedAddressSpace; /* 00h */
- UCHAR ReadImageFileExecOptions; /* 01h */
- UCHAR BeingDebugged; /* 02h */
- BOOLEAN SpareBool; /* 03h */
- HANDLE Mutant; /* 04h */
- PVOID ImageBaseAddress; /* 08h */
- PPEB_LDR_DATA Ldr; /* 0Ch */
- struct _RTL_USER_PROCESS_PARAMETERS *ProcessParameters; /* 10h */
- PVOID SubSystemData; /* 14h */
- PVOID ProcessHeap; /* 18h */
- PVOID FastPebLock; /* 1Ch */
- PPEBLOCKROUTINE FastPebLockRoutine; /* 20h */
- PPEBLOCKROUTINE FastPebUnlockRoutine; /* 24h */
- ULONG EnvironmentUpdateCount; /* 28h */
- PVOID* KernelCallbackTable; /* 2Ch */
- PVOID EventLogSection; /* 30h */
- PVOID EventLog; /* 34h */
- PPEB_FREE_BLOCK FreeList; /* 38h */
- ULONG TlsExpansionCounter; /* 3Ch */
- PVOID TlsBitmap; /* 40h */
- ULONG TlsBitmapBits[0x2]; /* 44h */
- PVOID ReadOnlySharedMemoryBase; /* 4Ch */
- PVOID ReadOnlySharedMemoryHeap; /* 50h */
- PVOID* ReadOnlyStaticServerData; /* 54h */
- PVOID AnsiCodePageData; /* 58h */
- PVOID OemCodePageData; /* 5Ch */
- PVOID UnicodeCaseTableData; /* 60h */
- ULONG NumberOfProcessors; /* 64h */
- ULONG NtGlobalFlag; /* 68h */
- LARGE_INTEGER CriticalSectionTimeout; /* 70h */
- ULONG HeapSegmentReserve; /* 78h */
- ULONG HeapSegmentCommit; /* 7Ch */
- ULONG HeapDeCommitTotalFreeThreshold; /* 80h */
- ULONG HeapDeCommitFreeBlockThreshold; /* 84h */
- ULONG NumberOfHeaps; /* 88h */
- ULONG MaximumNumberOfHeaps; /* 8Ch */
- PVOID* ProcessHeaps; /* 90h */
- PVOID GdiSharedHandleTable; /* 94h */
- PVOID ProcessStarterHelper; /* 98h */
- PVOID GdiDCAttributeList; /* 9Ch */
- PVOID LoaderLock; /* A0h */
- ULONG OSMajorVersion; /* A4h */
- ULONG OSMinorVersion; /* A8h */
- USHORT OSBuildNumber; /* ACh */
- USHORT OSCSDVersion; /* AEh */
- ULONG OSPlatformId; /* B0h */
- ULONG ImageSubSystem; /* B4h */
- ULONG ImageSubSystemMajorVersion; /* B8h */
- ULONG ImageSubSystemMinorVersion; /* BCh */
- ULONG ImageProcessAffinityMask; /* C0h */
- ULONG GdiHandleBuffer[0x22]; /* C4h */
- PVOID PostProcessInitRoutine; /* 14Ch */
- PVOID *TlsExpansionBitmap; /* 150h */
- ULONG TlsExpansionBitmapBits[0x20]; /* 154h */
- ULONG SessionId; /* 1D4h */
- PVOID AppCompatInfo; /* 1D8h */
- UNICODE_STRING CSDVersion; /* 1DCh */
+ UCHAR InheritedAddressSpace;
+ UCHAR ReadImageFileExecOptions;
+ UCHAR BeingDebugged;
+#if (NTDDI_VERSION >= NTDDI_WS03)
+ union
+ {
+ UCHAR BitField;
+ struct
+ {
+ UCHAR ImageUsesLargePages:1;
+ #if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ UCHAR IsProtectedProcess:1;
+ UCHAR IsLegacyProcess:1;
+ UCHAR IsImageDynamicallyRelocated:1;
+ UCHAR SkipPatchingUser32Forwarders:1;
+ UCHAR SpareBits:3;
+ #else
+ UCHAR SpareBits:7;
+ #endif
+ };
+ };
+#else
+ BOOLEAN SpareBool;
+#endif
+ HANDLE Mutant;
+ PVOID ImageBaseAddress;
+ PPEB_LDR_DATA Ldr;
+ struct _RTL_USER_PROCESS_PARAMETERS *ProcessParameters;
+ PVOID SubSystemData;
+ PVOID ProcessHeap;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ struct _RTL_CRITICAL_SECTION *FastPebLock;
+ PVOID AltThunkSListPtr;
+ PVOID IFEOKey;
+ union
+ {
+ ULONG CrossProcessFlags;
+ struct
+ {
+ ULONG ProcessInJob:1;
+ ULONG ProcessInitializing:1;
+ ULONG ProcessUsingVEH:1;
+ ULONG ProcessUsingVCH:1;
+ ULONG ReservedBits0:28;
+ };
+ };
+ union
+ {
+ PVOID* KernelCallbackTable;
+ PVOID UserSharedInfoPtr;
+ };
+ ULONG SystemReserved[1];
+ ULONG SpareUlong;
+ ULONG_PTR SparePebPtr0;
+#else
+ PVOID FastPebLock;
+ PPEBLOCKROUTINE FastPebLockRoutine;
+ PPEBLOCKROUTINE FastPebUnlockRoutine;
+ ULONG EnvironmentUpdateCount;
+ PVOID* KernelCallbackTable;
+ PVOID EventLogSection;
+ PVOID EventLog;
+ PPEB_FREE_BLOCK FreeList;
+#endif
+ ULONG TlsExpansionCounter;
+ PVOID TlsBitmap;
+ ULONG TlsBitmapBits[0x2];
+ PVOID ReadOnlySharedMemoryBase;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID HotpatchInformation;
+#else
+ PVOID ReadOnlySharedMemoryHeap;
+#endif
+ PVOID* ReadOnlyStaticServerData;
+ PVOID AnsiCodePageData;
+ PVOID OemCodePageData;
+ PVOID UnicodeCaseTableData;
+ ULONG NumberOfProcessors;
+ ULONG NtGlobalFlag;
+ LARGE_INTEGER CriticalSectionTimeout;
+ ULONG_PTR HeapSegmentReserve;
+ ULONG_PTR HeapSegmentCommit;
+ ULONG_PTR HeapDeCommitTotalFreeThreshold;
+ ULONG_PTR HeapDeCommitFreeBlockThreshold;
+ ULONG NumberOfHeaps;
+ ULONG MaximumNumberOfHeaps;
+ PVOID* ProcessHeaps;
+ PVOID GdiSharedHandleTable;
+ PVOID ProcessStarterHelper;
+ ULONG GdiDCAttributeList;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ struct _RTL_CRITICAL_SECTION *LoaderLock;
+#else
+ PVOID LoaderLock;
+#endif
+ ULONG OSMajorVersion;
+ ULONG OSMinorVersion;
+ USHORT OSBuildNumber;
+ USHORT OSCSDVersion;
+ ULONG OSPlatformId;
+ ULONG ImageSubSystem;
+ ULONG ImageSubSystemMajorVersion;
+ ULONG ImageSubSystemMinorVersion;
+ ULONG ImageProcessAffinityMask;
+#ifdef _WIN64
+ ULONG GdiHandleBuffer[0x3c];
+#else
+ ULONG GdiHandleBuffer[0x22];
+#endif
+ PPOST_PROCESS_INIT_ROUTINE PostProcessInitRoutine;
+ struct _RTL_BITMAP *TlsExpansionBitmap;
+ ULONG TlsExpansionBitmapBits[0x20];
+ ULONG SessionId;
+#if (NTDDI_VERSION >= NTDDI_WINXP)
+ ULARGE_INTEGER AppCompatFlags;
+ ULARGE_INTEGER AppCompatFlagsUser;
+ PVOID pShimData;
+ PVOID AppCompatInfo;
+ UNICODE_STRING CSDVersion;
+ struct _ACTIVATION_CONTEXT_DATA *ActivationContextData;
+ struct _ASSEMBLY_STORAGE_MAP *ProcessAssemblyStorageMap;
+ struct _ACTIVATION_CONTEXT_DATA *SystemDefaultActivationContextData;
+ struct _ASSEMBLY_STORAGE_MAP *SystemAssemblyStorageMap;
+ ULONG_PTR MinimumStackCommit;
+#endif
+#if (NTDDI_VERSION >= NTDDI_WS03)
+ PVOID *FlsCallback;
+ LIST_ENTRY FlsListHead;
+ struct _RTL_BITMAP *FlsBitmap;
+ ULONG FlsBitmapBits[4];
+ ULONG FlsHighIndex;
+#endif
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID WerRegistrationData;
+ PVOID WerShipAssertPtr;
+#endif
} PEB, *PPEB;
+//
+// GDI Batch Descriptor
+//
typedef struct _GDI_TEB_BATCH
{
ULONG Offset;
- ULONG HDC;
+ HANDLE HDC;
ULONG Buffer[0x136];
} GDI_TEB_BATCH, *PGDI_TEB_BATCH;
+//
+// Initial TEB
+//
typedef struct _INITIAL_TEB
{
PVOID PreviousStackBase;
PVOID AllocatedStackBase;
} INITIAL_TEB, *PINITIAL_TEB;
-typedef struct _TEB_ACTIVE_FRAME_CONTEXT
+//
+// TEB Active Frame Structures
+//
+typedef struct _TEB_ACTIVE_FRAME_CONTEXT
{
ULONG Flags;
LPSTR FrameName;
PTEB_ACTIVE_FRAME_CONTEXT Context;
} TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
+//
+// Thread Environment Block (TEB)
+//
typedef struct _TEB
{
- NT_TIB Tib; /* 00h */
- PVOID EnvironmentPointer; /* 1Ch */
- CLIENT_ID Cid; /* 20h */
- PVOID ActiveRpcHandle; /* 28h */
- PVOID ThreadLocalStoragePointer; /* 2Ch */
- struct _PEB *ProcessEnvironmentBlock; /* 30h */
- ULONG LastErrorValue; /* 34h */
- ULONG CountOfOwnedCriticalSections; /* 38h */
- PVOID CsrClientThread; /* 3Ch */
- struct _W32THREAD* Win32ThreadInfo; /* 40h */
- ULONG User32Reserved[0x1A]; /* 44h */
- ULONG UserReserved[5]; /* ACh */
- PVOID WOW32Reserved; /* C0h */
- LCID CurrentLocale; /* C4h */
- ULONG FpSoftwareStatusRegister; /* C8h */
- PVOID SystemReserved1[0x36]; /* CCh */
- LONG ExceptionCode; /* 1A4h */
- struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 1A8h */
- UCHAR SpareBytes1[0x28]; /* 1ACh */
- GDI_TEB_BATCH GdiTebBatch; /* 1D4h */
- CLIENT_ID RealClientId; /* 6B4h */
- PVOID GdiCachedProcessHandle; /* 6BCh */
- ULONG GdiClientPID; /* 6C0h */
- ULONG GdiClientTID; /* 6C4h */
- PVOID GdiThreadLocalInfo; /* 6C8h */
- ULONG Win32ClientInfo[62]; /* 6CCh */
- PVOID glDispatchTable[0xE9]; /* 7C4h */
- ULONG glReserved1[0x1D]; /* B68h */
- PVOID glReserved2; /* BDCh */
- PVOID glSectionInfo; /* BE0h */
- PVOID glSection; /* BE4h */
- PVOID glTable; /* BE8h */
- PVOID glCurrentRC; /* BECh */
- PVOID glContext; /* BF0h */
- NTSTATUS LastStatusValue; /* BF4h */
- UNICODE_STRING StaticUnicodeString; /* BF8h */
- WCHAR StaticUnicodeBuffer[0x105]; /* C00h */
- PVOID DeallocationStack; /* E0Ch */
- PVOID TlsSlots[0x40]; /* E10h */
- LIST_ENTRY TlsLinks; /* F10h */
- PVOID Vdm; /* F18h */
- PVOID ReservedForNtRpc; /* F1Ch */
- PVOID DbgSsReserved[0x2]; /* F20h */
- ULONG HardErrorDisabled; /* F28h */
- PVOID Instrumentation[14]; /* F2Ch */
- PVOID SubProcessTag; /* F64h */
- PVOID EtwTraceData; /* F68h */
- PVOID WinSockData; /* F6Ch */
- ULONG GdiBatchCount; /* F70h */
- BOOLEAN InDbgPrint; /* F74h */
- BOOLEAN FreeStackOnTermination; /* F75h */
- BOOLEAN HasFiberData; /* F76h */
- UCHAR IdealProcessor; /* F77h */
- ULONG GuaranteedStackBytes; /* F78h */
- PVOID ReservedForPerf; /* F7Ch */
- PVOID ReservedForOle; /* F80h */
- ULONG WaitingOnLoaderLock; /* F84h */
- ULONG SparePointer1; /* F88h */
- ULONG SoftPatchPtr1; /* F8Ch */
- ULONG SoftPatchPtr2; /* F90h */
- PVOID *TlsExpansionSlots; /* F94h */
- ULONG ImpersionationLocale; /* F98h */
- ULONG IsImpersonating; /* F9Ch */
- PVOID NlsCache; /* FA0h */
- PVOID pShimData; /* FA4h */
- ULONG HeapVirualAffinity; /* FA8h */
- PVOID CurrentTransactionHandle; /* FACh */
- PTEB_ACTIVE_FRAME ActiveFrame; /* FB0h */
- PVOID FlsData; /* FB4h */
- UCHAR SafeThunkCall; /* FB8h */
- UCHAR BooleanSpare[3]; /* FB9h */
- /* FIXME: Needed for WINE DLL's */
- PVOID WineDebugInfo; /* FBCh */
+ NT_TIB Tib;
+ PVOID EnvironmentPointer;
+ CLIENT_ID ClientId;
+ PVOID ActiveRpcHandle;
+ PVOID ThreadLocalStoragePointer;
+ struct _PEB *ProcessEnvironmentBlock;
+ ULONG LastErrorValue;
+ ULONG CountOfOwnedCriticalSections;
+ PVOID CsrClientThread;
+ struct _W32THREAD* Win32ThreadInfo;
+ ULONG User32Reserved[0x1A];
+ ULONG UserReserved[5];
+ PVOID WOW32Reserved;
+ LCID CurrentLocale;
+ ULONG FpSoftwareStatusRegister;
+ PVOID SystemReserved1[0x36];
+ LONG ExceptionCode;
+ struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
+#ifdef _WIN64
+ UCHAR SpareBytes1[24];
+#else
+ UCHAR SpareBytes1[0x24];
+#endif
+ ULONG TxFsContext;
+ GDI_TEB_BATCH GdiTebBatch;
+ CLIENT_ID RealClientId;
+ PVOID GdiCachedProcessHandle;
+ ULONG GdiClientPID;
+ ULONG GdiClientTID;
+ PVOID GdiThreadLocalInfo;
+ SIZE_T Win32ClientInfo[62];
+ PVOID glDispatchTable[0xE9];
+ SIZE_T glReserved1[0x1D];
+ PVOID glReserved2;
+ PVOID glSectionInfo;
+ PVOID glSection;
+ PVOID glTable;
+ PVOID glCurrentRC;
+ PVOID glContext;
+ NTSTATUS LastStatusValue;
+ UNICODE_STRING StaticUnicodeString;
+ WCHAR StaticUnicodeBuffer[0x105];
+ PVOID DeallocationStack;
+ PVOID TlsSlots[0x40];
+ LIST_ENTRY TlsLinks;
+ PVOID Vdm;
+ PVOID ReservedForNtRpc;
+ PVOID DbgSsReserved[0x2];
+ ULONG HardErrorDisabled;
+#ifdef _WIN64
+ PVOID Instrumentation[11];
+#else
+ PVOID Instrumentation[9];
+#endif
+ GUID ActivityId;
+ PVOID SubProcessTag;
+ PVOID EtwTraceData;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID EtwLocalData;
+#endif
+ PVOID WinSockData;
+ ULONG GdiBatchCount;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ BOOLEAN SpareBool0;
+ BOOLEAN SpareBool1;
+ BOOLEAN SpareBool2;
+#else
+ BOOLEAN InDbgPrint;
+ BOOLEAN FreeStackOnTermination;
+ BOOLEAN HasFiberData;
+#endif
+ UCHAR IdealProcessor;
+ ULONG GuaranteedStackBytes;
+ PVOID ReservedForPerf;
+ PVOID ReservedForOle;
+ ULONG WaitingOnLoaderLock;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID SavedPriorityState;
+#else
+ ULONG SparePointer1;
+#endif
+ ULONG SoftPatchPtr1;
+ ULONG SoftPatchPtr2;
+ PVOID *TlsExpansionSlots;
+ ULONG ImpersonationLocale;
+ ULONG IsImpersonating;
+ PVOID NlsCache;
+ PVOID pShimData;
+ ULONG HeapVirualAffinity;
+ PVOID CurrentTransactionHandle;
+ PTEB_ACTIVE_FRAME ActiveFrame;
+#if (NTDDI_VERSION >= NTDDI_WS03)
+ PVOID FlsData;
+#endif
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID PreferredLangauges;
+ PVOID UserPrefLanguages;
+ PVOID MergedPrefLanguages;
+ ULONG MuiImpersonation;
+ union
+ {
+ struct
+ {
+ USHORT SpareCrossTebFlags:16;
+ };
+ USHORT CrossTebFlags;
+ };
+ union
+ {
+ struct
+ {
+ USHORT DbgSafeThunkCall:1;
+ USHORT DbgInDebugPrint:1;
+ USHORT DbgHasFiberData:1;
+ USHORT DbgSkipThreadAttach:1;
+ USHORT DbgWerInShipAssertCode:1;
+ USHORT DbgIssuedInitialBp:1;
+ USHORT DbgClonedThread:1;
+ USHORT SpareSameTebBits:9;
+ };
+ USHORT SameTebFlags;
+ };
+ PVOID TxnScopeEntercallback;
+ PVOID TxnScopeExitCAllback;
+ PVOID TxnScopeContext;
+ ULONG LockCount;
+ ULONG ProcessRundown;
+ ULONGLONG LastSwitchTime;
+ ULONGLONG TotalSwitchOutTime;
+ LARGE_INTEGER WaitReasonBitMap;
+#else
+ UCHAR SafeThunkCall;
+ UCHAR BooleanSpare[3];
+#endif
} TEB, *PTEB;
-#ifndef NTOS_MODE_USER
-/* FIXME: see note in mmtypes.h */
-#ifdef _NTOSKRNL_
-#include <internal/mm.h>
+#ifdef NTOS_MODE_USER
+
+//
+// Process Information Structures for NtQueryProcessInformation
+//
+typedef struct _PROCESS_BASIC_INFORMATION
+{
+ NTSTATUS ExitStatus;
+ PPEB PebBaseAddress;
+ ULONG_PTR AffinityMask;
+ KPRIORITY BasePriority;
+ ULONG_PTR UniqueProcessId;
+ ULONG_PTR InheritedFromUniqueProcessId;
+} PROCESS_BASIC_INFORMATION,*PPROCESS_BASIC_INFORMATION;
+
+typedef struct _PROCESS_ACCESS_TOKEN
+{
+ HANDLE Token;
+ HANDLE Thread;
+} PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
+
+typedef struct _PROCESS_DEVICEMAP_INFORMATION
+{
+ union
+ {
+ struct
+ {
+ HANDLE DirectoryHandle;
+ } Set;
+ struct
+ {
+ ULONG DriveMap;
+ UCHAR DriveType[32];
+ } Query;
+ };
+} PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
+
+typedef struct _KERNEL_USER_TIMES
+{
+ LARGE_INTEGER CreateTime;
+ LARGE_INTEGER ExitTime;
+ LARGE_INTEGER KernelTime;
+ LARGE_INTEGER UserTime;
+} KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
+
+typedef struct _PROCESS_SESSION_INFORMATION
+{
+ ULONG SessionId;
+} PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
+
#endif
+typedef struct _PROCESS_PRIORITY_CLASS
+{
+ BOOLEAN Foreground;
+ UCHAR PriorityClass;
+} PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
+
+//
+// Thread Information Structures for NtQueryProcessInformation
+//
+typedef struct _THREAD_BASIC_INFORMATION
+{
+ NTSTATUS ExitStatus;
+ PVOID TebBaseAddress;
+ CLIENT_ID ClientId;
+ KAFFINITY AffinityMask;
+ KPRIORITY Priority;
+ KPRIORITY BasePriority;
+} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
+
+#ifndef NTOS_MODE_USER
+
+//
+// Job Set Array
+//
+typedef struct _JOB_SET_ARRAY
+{
+ HANDLE JobHandle;
+ ULONG MemberLevel;
+ ULONG Flags;
+} JOB_SET_ARRAY, *PJOB_SET_ARRAY;
+
+//
+// EPROCESS Quota Structures
+//
typedef struct _EPROCESS_QUOTA_ENTRY
{
SIZE_T Usage;
ULONG ProcessCount;
} EPROCESS_QUOTA_BLOCK, *PEPROCESS_QUOTA_BLOCK;
+//
+// Process Pagefault History
+//
typedef struct _PAGEFAULT_HISTORY
{
ULONG CurrentIndex;
PROCESS_WS_WATCH_INFORMATION WatchInfo[1];
} PAGEFAULT_HISTORY, *PPAGEFAULT_HISTORY;
+//
+// Process Impersonation Information
+//
typedef struct _PS_IMPERSONATION_INFORMATION
{
- PACCESS_TOKEN Token;
- BOOLEAN CopyOnOpen;
- BOOLEAN EffectiveOnly;
- SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
+ PACCESS_TOKEN Token;
+ BOOLEAN CopyOnOpen;
+ BOOLEAN EffectiveOnly;
+ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
} PS_IMPERSONATION_INFORMATION, *PPS_IMPERSONATION_INFORMATION;
-#include <pshpack4.h>
+//
+// Process Termination Port
+//
+typedef struct _TERMINATION_PORT
+{
+ struct _TERMINATION_PORT *Next;
+ PVOID Port;
+} TERMINATION_PORT, *PTERMINATION_PORT;
+
+//
+// Per-Process APC Rate Limiting
+//
+typedef struct _PSP_RATE_APC
+{
+ union
+ {
+ SINGLE_LIST_ENTRY NextApc;
+ ULONGLONG ExcessCycles;
+ };
+ ULONGLONG TargetGEneration;
+ KAPC RateApc;
+} PSP_RATE_APC, *PPSP_RATE_APC;
+
+//
+// Executive Thread (ETHREAD)
+//
typedef struct _ETHREAD
{
- KTHREAD Tcb; /* 1C0 */
- LARGE_INTEGER CreateTime; /* 1C0 */
- LARGE_INTEGER ExitTime; /* 1C0 */
+ KTHREAD Tcb;
+ LARGE_INTEGER CreateTime;
union
{
- LIST_ENTRY LpcReplyChain; /* 1C0 */
- LIST_ENTRY KeyedWaitChain; /* 1C0 */
+ LARGE_INTEGER ExitTime;
+ LIST_ENTRY LpcReplyChain;
+ LIST_ENTRY KeyedWaitChain;
};
union
{
- NTSTATUS ExitStatus; /* 1C8 */
- PVOID OfsChain; /* 1C8 */
+ NTSTATUS ExitStatus;
+ PVOID OfsChain;
};
- LIST_ENTRY PostBlockList; /* 1CC */
+ LIST_ENTRY PostBlockList;
union
{
- struct _TERMINATION_PORT *TerminationPort; /* 1D4 */
- struct _ETHREAD *ReaperLink; /* 1D4 */
- PVOID KeyedWaitValue; /* 1D4 */
+ struct _TERMINATION_PORT *TerminationPort;
+ struct _ETHREAD *ReaperLink;
+ PVOID KeyedWaitValue;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID Win32StartParameter;
+#endif
};
- KSPIN_LOCK ActiveTimerListLock; /* 1D8 */
- LIST_ENTRY ActiveTimerListHead; /* 1D8 */
- CLIENT_ID Cid; /* 1E0 */
+ KSPIN_LOCK ActiveTimerListLock;
+ LIST_ENTRY ActiveTimerListHead;
+ CLIENT_ID Cid;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ KSEMAPHORE KeyedWaitSemaphore;
+#else
union
{
- KSEMAPHORE LpcReplySemaphore; /* 1E4 */
- KSEMAPHORE KeyedReplySemaphore; /* 1E4 */
+ KSEMAPHORE LpcReplySemaphore;
+ KSEMAPHORE KeyedReplySemaphore;
};
union
{
- PVOID LpcReplyMessage; /* 200 */
- PVOID LpcWaitingOnPort; /* 200 */
+ PVOID LpcReplyMessage;
+ PVOID LpcWaitingOnPort;
};
- PPS_IMPERSONATION_INFORMATION ImpersonationInfo; /* 204 */
- LIST_ENTRY IrpList; /* 208 */
- ULONG TopLevelIrp; /* 210 */
- PDEVICE_OBJECT DeviceToVerify; /* 214 */
- struct _EPROCESS *ThreadsProcess; /* 218 */
- PKSTART_ROUTINE StartAddress; /* 21C */
+#endif
+ PPS_IMPERSONATION_INFORMATION ImpersonationInfo;
+ LIST_ENTRY IrpList;
+ ULONG_PTR TopLevelIrp;
+ PDEVICE_OBJECT DeviceToVerify;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PPSP_RATE_APC RateControlApc;
+#else
+ struct _EPROCESS *ThreadsProcess;
+#endif
+ PVOID Win32StartAddress;
union
{
- PVOID Win32StartAddress; /* 220 */
- ULONG LpcReceivedMessageId; /* 220 */
+ PKSTART_ROUTINE StartAddress;
+ ULONG LpcReceivedMessageId;
};
- LIST_ENTRY ThreadListEntry; /* 224 */
- EX_RUNDOWN_REF RundownProtect; /* 22C */
- EX_PUSH_LOCK ThreadLock; /* 230 */
- ULONG LpcReplyMessageId; /* 234 */
- ULONG ReadClusterSize; /* 238 */
- ACCESS_MASK GrantedAccess; /* 23C */
+ LIST_ENTRY ThreadListEntry;
+ EX_RUNDOWN_REF RundownProtect;
+ EX_PUSH_LOCK ThreadLock;
+#if (NTDDI_VERSION < NTDDI_LONGHORN)
+ ULONG LpcReplyMessageId;
+#endif
+ ULONG ReadClusterSize;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG SpareUlong0;
+#else
+ ACCESS_MASK GrantedAccess;
+#endif
union
{
struct
{
- ULONG Terminated:1;
- ULONG DeadThread:1;
- ULONG HideFromDebugger:1;
- ULONG ActiveImpersonationInfo:1;
- ULONG SystemThread:1;
- ULONG HardErrorsAreDisabled:1;
- ULONG BreakOnTermination:1;
- ULONG SkipCreationMsg:1;
- ULONG SkipTerminationMsg:1;
+ ULONG Terminated:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG ThreadInserted:1;
+#else
+ ULONG DeadThread:1;
+#endif
+ ULONG HideFromDebugger:1;
+ ULONG ActiveImpersonationInfo:1;
+ ULONG SystemThread:1;
+ ULONG HardErrorsAreDisabled:1;
+ ULONG BreakOnTermination:1;
+ ULONG SkipCreationMsg:1;
+ ULONG SkipTerminationMsg:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG CreateMsgSent:1;
+ ULONG ThreadIoPriority:3;
+ ULONG ThreadPagePriority:3;
+ ULONG PendingRatecontrol:1;
+#endif
};
- ULONG CrossThreadFlags; /* 240 */
+ ULONG CrossThreadFlags;
};
union
{
struct
{
- ULONG ActiveExWorker:1;
- ULONG ExWorkerCanWaitUser:1;
- ULONG MemoryMaker:1;
- ULONG KeyedEventInUse:1;
+ ULONG ActiveExWorker:1;
+ ULONG ExWorkerCanWaitUser:1;
+ ULONG MemoryMaker:1;
+ ULONG KeyedEventInUse:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG RateApcState:2;
+#endif
};
- ULONG SameThreadPassiveFlags; /* 244 */
+ ULONG SameThreadPassiveFlags;
};
union
{
struct
{
- ULONG LpcReceivedMsgIdValid:1;
- ULONG LpcExitThreadCalled:1;
- ULONG AddressSpaceOwner:1;
- ULONG OwnsProcessWorkingSetExclusive:1;
- ULONG OwnsProcessWorkingSetShared:1;
- ULONG OwnsSystemWorkingSetExclusive:1;
- ULONG OwnsSystemWorkingSetShared:1;
- ULONG OwnsSessionWorkingSetExclusive:1;
- ULONG OwnsSessionWorkingSetShared:1;
- ULONG ApcNeeded:1;
+ ULONG LpcReceivedMsgIdValid:1;
+ ULONG LpcExitThreadCalled:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG Spare:1;
+#else
+ ULONG AddressSpaceOwner:1;
+#endif
+ ULONG OwnsProcessWorkingSetExclusive:1;
+ ULONG OwnsProcessWorkingSetShared:1;
+ ULONG OwnsSystemWorkingSetExclusive:1;
+ ULONG OwnsSystemWorkingSetShared:1;
+ ULONG OwnsSessionWorkingSetExclusive:1;
+ ULONG OwnsSessionWorkingSetShared:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG SupressSymbolLoad:1;
+ ULONG Spare1:3;
+ ULONG PriorityRegionActive:4;
+#else
+ ULONG ApcNeeded:1;
+#endif
};
- ULONG SameThreadApcFlags; /* 248 */
+ ULONG SameThreadApcFlags;
};
- UCHAR ForwardClusterOnly; /* 24C */
- UCHAR DisablePageFaultClustering; /* 24D */
- UCHAR ActiveFaultCount; /* 24E */
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ UCHAR CacheManagerActive;
+#else
+ UCHAR ForwardClusterOnly;
+#endif
+ UCHAR DisablePageFaultClustering;
+ UCHAR ActiveFaultCount;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG AlpcMessageId;
+ union
+ {
+ PVOID AlpcMessage;
+ ULONG AlpcReceiveAttributeSet;
+ };
+ LIST_ENTRY AlpcWaitListEntry;
+ KSEMAPHORE AlpcWaitSemaphore;
+ ULONG CacheManagerCount;
+#endif
} ETHREAD;
+//
+// Executive Process (EPROCESS)
+//
typedef struct _EPROCESS
{
- KPROCESS Pcb; /* 000 */
- EX_PUSH_LOCK ProcessLock; /* 078 */
- LARGE_INTEGER CreateTime; /* 080 */
- LARGE_INTEGER ExitTime; /* 088 */
- EX_RUNDOWN_REF RundownProtect; /* 090 */
- HANDLE UniqueProcessId; /* 094 */
- LIST_ENTRY ActiveProcessLinks; /* 098 */
- ULONG QuotaUsage[3]; /* 0A0 */
- ULONG QuotaPeak[3]; /* 0AC */
- ULONG CommitCharge; /* 0B8 */
- ULONG PeakVirtualSize; /* 0BC */
- ULONG VirtualSize; /* 0C0 */
- LIST_ENTRY SessionProcessLinks; /* 0C4 */
- PVOID DebugPort; /* 0CC */
- PVOID ExceptionPort; /* 0D0 */
- PHANDLE_TABLE ObjectTable; /* 0D4 */
- EX_FAST_REF Token; /* 0D8 */
- ULONG WorkingSetPage; /* 0DC */
- KGUARDED_MUTEX AddressCreationLock; /* 0E0 */
- KSPIN_LOCK HyperSpaceLock; /* 100 */
- PETHREAD ForkInProgress; /* 104 */
- ULONG HardwareTrigger; /* 108 */
- MM_AVL_TABLE PhysicalVadroot; /* 10C */
- PVOID CloneRoot; /* 110 */
- ULONG NumberOfPrivatePages; /* 114 */
- ULONG NumberOfLockedPages; /* 118 */
- PVOID *Win32Process; /* 11C */
- struct _EJOB *Job; /* 120 */
- PVOID SectionObject; /* 124 */
- PVOID SectionBaseAddress; /* 128 */
- PEPROCESS_QUOTA_BLOCK QuotaBlock; /* 12C */
- PPAGEFAULT_HISTORY WorkingSetWatch; /* 130 */
- PVOID Win32WindowStation; /* 134 */
- HANDLE InheritedFromUniqueProcessId; /* 138 */
- PVOID LdtInformation; /* 13C */
- PVOID VadFreeHint; /* 140 */
- PVOID VdmObjects; /* 144 */
- PVOID DeviceMap; /* 148 */
- PVOID Spare0[3]; /* 14C */
+ KPROCESS Pcb;
+ EX_PUSH_LOCK ProcessLock;
+ LARGE_INTEGER CreateTime;
+ LARGE_INTEGER ExitTime;
+ EX_RUNDOWN_REF RundownProtect;
+ HANDLE UniqueProcessId;
+ LIST_ENTRY ActiveProcessLinks;
+ ULONG QuotaUsage[3]; /* 0=PagedPool, 1=NonPagedPool, 2=Pagefile */
+ ULONG QuotaPeak[3]; /* ditto */
+ ULONG CommitCharge;
+ ULONG PeakVirtualSize;
+ ULONG VirtualSize;
+ LIST_ENTRY SessionProcessLinks;
+ PVOID DebugPort;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ union
+ {
+ PVOID ExceptionPortData;
+ ULONG ExceptionPortValue;
+ UCHAR ExceptionPortState:3;
+ };
+#else
+ PVOID ExceptionPort;
+#endif
+ PHANDLE_TABLE ObjectTable;
+ EX_FAST_REF Token;
+ ULONG WorkingSetPage;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ EX_PUSH_LOCK AddressCreationLock;
+ PETHREAD RotateInProgress;
+#else
+ KGUARDED_MUTEX AddressCreationLock;
+ KSPIN_LOCK HyperSpaceLock;
+#endif
+ PETHREAD ForkInProgress;
+ ULONG HardwareTrigger;
+ PMM_AVL_TABLE PhysicalVadRoot;
+ PVOID CloneRoot;
+ ULONG NumberOfPrivatePages;
+ ULONG NumberOfLockedPages;
+ PVOID *Win32Process;
+ struct _EJOB *Job;
+ PVOID SectionObject;
+ PVOID SectionBaseAddress;
+ PEPROCESS_QUOTA_BLOCK QuotaBlock;
+ PPAGEFAULT_HISTORY WorkingSetWatch;
+ PVOID Win32WindowStation;
+ HANDLE InheritedFromUniqueProcessId;
+ PVOID LdtInformation;
+ PVOID VadFreeHint;
+ PVOID VdmObjects;
+ PVOID DeviceMap;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ PVOID EtwDataSource;
+ PVOID FreeTebHint;
+#else
+ PVOID Spare0[3];
+#endif
union
{
- HARDWARE_PTE_X86 PagedirectoryPte; /* 158 */
- ULONGLONG Filler; /* 158 */
+ HARDWARE_PTE PageDirectoryPte;
+ ULONGLONG Filler;
};
- ULONG Session; /* 160 */
- CHAR ImageFileName[16]; /* 164 */
- LIST_ENTRY JobLinks; /* 174 */
- PVOID LockedPagesList; /* 17C */
- LIST_ENTRY ThreadListHead; /* 184 */
- PVOID SecurityPort; /* 188 */
- PVOID PaeTop; /* 18C */
- ULONG ActiveThreds; /* 190 */
- ACCESS_MASK GrantedAccess; /* 194 */
- ULONG DefaultHardErrorProcessing; /* 198 */
- NTSTATUS LastThreadExitStatus; /* 19C */
- struct _PEB* Peb; /* 1A0 */
- EX_FAST_REF PrefetchTrace; /* 1A4 */
- LARGE_INTEGER ReadOperationCount; /* 1A8 */
- LARGE_INTEGER WriteOperationCount; /* 1B0 */
- LARGE_INTEGER OtherOperationCount; /* 1B8 */
- LARGE_INTEGER ReadTransferCount; /* 1C0 */
- LARGE_INTEGER WriteTransferCount; /* 1C8 */
- LARGE_INTEGER OtherTransferCount; /* 1D0 */
- ULONG CommitChargeLimit; /* 1D8 */
- ULONG CommitChargePeak; /* 1DC */
- PVOID AweInfo; /* 1E0 */
- SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo; /* 1E4 */
- MMSUPPORT Vm; /* 1E8 */
- LIST_ENTRY MmProcessLinks; /* 230 */
- ULONG ModifiedPageCount; /* 238 */
- ULONG JobStatus; /* 23C */
+ ULONG Session;
+ CHAR ImageFileName[16];
+ LIST_ENTRY JobLinks;
+ PVOID LockedPagesList;
+ LIST_ENTRY ThreadListHead;
+ PVOID SecurityPort;
+ PVOID PaeTop;
+ ULONG ActiveThreads;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG ImagePathHash;
+#else
+ ACCESS_MASK GrantedAccess;
+#endif
+ ULONG DefaultHardErrorProcessing;
+ NTSTATUS LastThreadExitStatus;
+ struct _PEB* Peb;
+ EX_FAST_REF PrefetchTrace;
+ LARGE_INTEGER ReadOperationCount;
+ LARGE_INTEGER WriteOperationCount;
+ LARGE_INTEGER OtherOperationCount;
+ LARGE_INTEGER ReadTransferCount;
+ LARGE_INTEGER WriteTransferCount;
+ LARGE_INTEGER OtherTransferCount;
+ ULONG CommitChargeLimit;
+ ULONG CommitChargePeak;
+ PVOID AweInfo;
+ SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo;
+ MMSUPPORT Vm;
+ LIST_ENTRY MmProcessLinks;
+ ULONG ModifiedPageCount;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
union
{
struct
{
- ULONG CreateReported:1;
- ULONG NoDebugInherit:1;
- ULONG ProcessExiting:1;
- ULONG ProcessDelete:1;
- ULONG Wow64SplitPages:1;
- ULONG VmDeleted:1;
- ULONG OutswapEnabled:1;
- ULONG Outswapped:1;
- ULONG ForkFailed:1;
- ULONG Wow64VaSpace4Gb:1;
- ULONG AddressSpaceInitialized:2;
- ULONG SetTimerResolution:1;
- ULONG BreakOnTermination:1;
- ULONG SessionCreationUnderway:1;
- ULONG WriteWatch:1;
- ULONG ProcessInSession:1;
- ULONG OverrideAddressSpace:1;
- ULONG HasAddressSpace:1;
- ULONG LaunchPrefetched:1;
- ULONG InjectInpageErrors:1;
- ULONG VmTopDown:1;
- ULONG ImageNotifyDone:1;
- ULONG PdeUpdateNeeded:1;
- ULONG VdmAllowed:1;
- ULONG SmapAllowed:1;
- ULONG CreateFailed:1;
- ULONG DefaultIoPriority:3;
- ULONG Spare1:1;
- ULONG Spare2:1;
+ ULONG JobNotReallyActive:1;
+ ULONG AccountingFolded:1;
+ ULONG NewProcessReported:1;
+ ULONG ExitProcessReported:1;
+ ULONG ReportCommitChanges:1;
+ ULONG LastReportMemory:1;
+ ULONG ReportPhysicalPageChanges:1;
+ ULONG HandleTableRundown:1;
+ ULONG NeedsHandleRundown:1;
+ ULONG RefTraceEnabled:1;
+ ULONG NumaAware:1;
+ ULONG ProtectedProcess:1;
+ ULONG DefaultPagePriority:3;
+ ULONG ProcessDeleteSelf:1;
+ ULONG ProcessVerifierTarget:1;
};
- ULONG Flags; /* 240 */
+ ULONG Flags2;
};
-
- NTSTATUS ExitStatus; /* 244 */
- USHORT NextPageColor; /* 248 */
+#else
+ ULONG JobStatus;
+#endif
+ union
+ {
+ struct
+ {
+ ULONG CreateReported:1;
+ ULONG NoDebugInherit:1;
+ ULONG ProcessExiting:1;
+ ULONG ProcessDelete:1;
+ ULONG Wow64SplitPages:1;
+ ULONG VmDeleted:1;
+ ULONG OutswapEnabled:1;
+ ULONG Outswapped:1;
+ ULONG ForkFailed:1;
+ ULONG Wow64VaSpace4Gb:1;
+ ULONG AddressSpaceInitialized:2;
+ ULONG SetTimerResolution:1;
+ ULONG BreakOnTermination:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG DeprioritizeViews:1;
+#else
+ ULONG SessionCreationUnderway:1;
+#endif
+ ULONG WriteWatch:1;
+ ULONG ProcessInSession:1;
+ ULONG OverrideAddressSpace:1;
+ ULONG HasAddressSpace:1;
+ ULONG LaunchPrefetched:1;
+ ULONG InjectInpageErrors:1;
+ ULONG VmTopDown:1;
+ ULONG ImageNotifyDone:1;
+ ULONG PdeUpdateNeeded:1;
+ ULONG VdmAllowed:1;
+ ULONG SmapAllowed:1;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG ProcessInserted:1;
+#else
+ ULONG CreateFailed:1;
+#endif
+ ULONG DefaultIoPriority:3;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ ULONG SparePsFlags1:2;
+#else
+ ULONG Spare1:1;
+ ULONG Spare2:1;
+#endif
+ };
+ ULONG Flags;
+ };
+ NTSTATUS ExitStatus;
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+ USHORT Spare7;
+#else
+ USHORT NextPageColor;
+#endif
union
{
struct
{
- UCHAR SubSystemMinorVersion; /* 24A */
- UCHAR SubSystemMajorVersion; /* 24B */
+ UCHAR SubSystemMinorVersion;
+ UCHAR SubSystemMajorVersion;
};
- USHORT SubSystemVersion; /* 24A */
+ USHORT SubSystemVersion;
};
- UCHAR PriorityClass; /* 24C */
- MM_AVL_TABLE VadRoot; /* 250 */
- ULONG Cookie; /* 270 */
-
-/***************************************************************
- * REACTOS SPECIFIC START
- ***************************************************************/
- /* FIXME WILL BE DEPRECATED WITH PUSHLOCK SUPPORT IN 0.3.0 */
- KEVENT LockEvent; /* 274 */
- ULONG LockCount; /* 284 */
- struct _KTHREAD *LockOwner; /* 288 */
-
- /* FIXME MOVE TO AVL TREES */
- MADDRESS_SPACE AddressSpace; /* 28C */
+ UCHAR PriorityClass;
+ MM_AVL_TABLE VadRoot;
+ ULONG Cookie;
} EPROCESS;
-#include <poppack.h>
+//
+// Job Token Filter Data
+//
#include <pshpack1.h>
typedef struct _PS_JOB_TOKEN_FILTER
{
- UINT CapturedSidCount;
+ ULONG CapturedSidCount;
PSID_AND_ATTRIBUTES CapturedSids;
- UINT CapturedSidsLength;
- UINT CapturedGroupCount;
+ ULONG CapturedSidsLength;
+ ULONG CapturedGroupCount;
PSID_AND_ATTRIBUTES CapturedGroups;
- UINT CapturedGroupsLength;
- UINT CapturedPrivilegeCount;
+ ULONG CapturedGroupsLength;
+ ULONG CapturedPrivilegeCount;
PLUID_AND_ATTRIBUTES CapturedPrivileges;
- UINT CapturedPrivilegesLength;
+ ULONG CapturedPrivilegesLength;
} PS_JOB_TOKEN_FILTER, *PPS_JOB_TOKEN_FILTER;
+//
+// Executive Job (EJOB)
+//
typedef struct _EJOB
{
KEVENT Event;
LARGE_INTEGER TotalKernelTime;
LARGE_INTEGER ThisPeriodTotalUserTime;
LARGE_INTEGER ThisPeriodTotalKernelTime;
- UINT TotalPageFaultCount;
- UINT TotalProcesses;
- UINT ActiveProcesses;
- UINT TotalTerminatedProcesses;
+ ULONG TotalPageFaultCount;
+ ULONG TotalProcesses;
+ ULONG ActiveProcesses;
+ ULONG TotalTerminatedProcesses;
LARGE_INTEGER PerProcessUserTimeLimit;
LARGE_INTEGER PerJobUserTimeLimit;
- UINT LimitFlags;
- UINT MinimumWorkingSetSize;
- UINT MaximumWorkingSetSize;
- UINT ActiveProcessLimit;
- UINT Affinity;
- BYTE PriorityClass;
- UINT UIRestrictionsClass;
- UINT SecurityLimitFlags;
+ ULONG LimitFlags;
+ ULONG MinimumWorkingSetSize;
+ ULONG MaximumWorkingSetSize;
+ ULONG ActiveProcessLimit;
+ ULONG Affinity;
+ UCHAR PriorityClass;
+ ULONG UIRestrictionsClass;
+ ULONG SecurityLimitFlags;
PVOID Token;
PPS_JOB_TOKEN_FILTER Filter;
- UINT EndOfJobTimeAction;
+ ULONG EndOfJobTimeAction;
PVOID CompletionPort;
PVOID CompletionKey;
- UINT SessionId;
- UINT SchedulingClass;
+ ULONG SessionId;
+ ULONG SchedulingClass;
ULONGLONG ReadOperationCount;
ULONGLONG WriteOperationCount;
ULONGLONG OtherOperationCount;
ULONGLONG WriteTransferCount;
ULONGLONG OtherTransferCount;
IO_COUNTERS IoInfo;
- UINT ProcessMemoryLimit;
- UINT JobMemoryLimit;
- UINT PeakProcessMemoryUsed;
- UINT PeakJobMemoryUsed;
- UINT CurrentJobMemoryUsed;
+ ULONG ProcessMemoryLimit;
+ ULONG JobMemoryLimit;
+ ULONG PeakProcessMemoryUsed;
+ ULONG PeakJobMemoryUsed;
+ ULONG CurrentJobMemoryUsed;
+#if (NTDDI_VERSION >= NTDDI_WINXP) && (NTDDI_VERSION < NTDDI_WS03)
+ FAST_MUTEX MemoryLimitsLock;
+#elif (NTDDI_VERSION >= NTDDI_WS03) && (NTDDI_VERSION < NTDDI_LONGHORN)
KGUARDED_MUTEX MemoryLimitsLock;
+#elif (NTDDI_VERSION >= NTDDI_LONGHORN)
+ EX_PUSH_LOCK MemoryLimitsLock;
+#endif
+ LIST_ENTRY JobSetLinks;
ULONG MemberLevel;
ULONG JobFlags;
} EJOB, *PEJOB;
#include <poppack.h>
-typedef struct _W32_CALLOUT_DATA
+//
+// Win32K Callback Registration Data
+//
+typedef struct _WIN32_POWEREVENT_PARAMETERS
{
- PW32_PROCESS_CALLBACK W32ProcessCallout;
- PW32_THREAD_CALLBACK W32ThreadCallout;
- PVOID UserGlobalAtomTableCallout;
- PVOID UserPowerEventCallout;
- PVOID UserPowerStateCallout;
- PVOID UserJobCallout;
- PVOID NtGdiUserFlushUserBatch;
- OB_OPEN_METHOD DesktopOpen;
- PVOID DesktopUnmap;
- OB_DELETE_METHOD DesktopDelete;
- OB_OKAYTOCLOSE_METHOD WinstaOkayToClose;
- OB_DELETE_METHOD WinStaDelete;
- OB_PARSE_METHOD WinStaParse;
- OB_OPEN_METHOD WinStaOpen;
-
- /* FIXME: These are ROS-ONLY and are fixed in a future local patch */
- OB_FIND_METHOD WinStaFind;
- OB_OPEN_METHOD WinStaCreate;
- OB_CREATE_METHOD DesktopCreate;
-} W32_CALLOUT_DATA, *PW32_CALLOUT_DATA;
+ PSPOWEREVENTTYPE EventNumber;
+ ULONG Code;
+} WIN32_POWEREVENT_PARAMETERS, *PWIN32_POWEREVENT_PARAMETERS;
-#endif
+typedef struct _WIN32_POWERSTATE_PARAMETERS
+{
+ UCHAR Promotion;
+ POWER_ACTION SystemAction;
+ SYSTEM_POWER_STATE MinSystemState;
+ ULONG Flags;
+ POWERSTATETASK PowerStateTask;
+} WIN32_POWERSTATE_PARAMETERS, *PWIN32_POWERSTATE_PARAMETERS;
-#endif
+typedef struct _WIN32_JOBCALLOUT_PARAMETERS
+{
+ PVOID Job;
+ PSW32JOBCALLOUTTYPE CalloutType;
+ PVOID Data;
+} WIN32_JOBCALLOUT_PARAMETERS, *PWIN32_JOBCALLOUT_PARAMETERS;
+
+typedef struct _WIN32_OPENMETHOD_PARAMETERS
+{
+ OB_OPEN_REASON OpenReason;
+ PEPROCESS Process;
+ PVOID Object;
+ ULONG GrantedAccess;
+ ULONG HandleCount;
+} WIN32_OPENMETHOD_PARAMETERS, *PWIN32_OPENMETHOD_PARAMETERS;
+
+typedef struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS
+{
+ PEPROCESS Process;
+ PVOID Object;
+ HANDLE Handle;
+ KPROCESSOR_MODE PreviousMode;
+} WIN32_OKAYTOCLOSEMETHOD_PARAMETERS, *PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS;
+
+typedef struct _WIN32_CLOSEMETHOD_PARAMETERS
+{
+ PEPROCESS Process;
+ PVOID Object;
+ ACCESS_MASK AccessMask;
+ ULONG ProcessHandleCount;
+ ULONG SystemHandleCount;
+} WIN32_CLOSEMETHOD_PARAMETERS, *PWIN32_CLOSEMETHOD_PARAMETERS;
+
+typedef struct _WIN32_DELETEMETHOD_PARAMETERS
+{
+ PVOID Object;
+} WIN32_DELETEMETHOD_PARAMETERS, *PWIN32_DELETEMETHOD_PARAMETERS;
+
+typedef struct _WIN32_PARSEMETHOD_PARAMETERS
+{
+ PVOID ParseObject;
+ PVOID ObjectType;
+ PACCESS_STATE AccessState;
+ KPROCESSOR_MODE AccessMode;
+ ULONG Attributes;
+ OUT PUNICODE_STRING CompleteName;
+ PUNICODE_STRING RemainingName;
+ PVOID Context;
+ PSECURITY_QUALITY_OF_SERVICE SecurityQos;
+ PVOID *Object;
+} WIN32_PARSEMETHOD_PARAMETERS, *PWIN32_PARSEMETHOD_PARAMETERS;
+
+typedef struct _WIN32_CALLOUTS_FPNS
+{
+ PKWIN32_PROCESS_CALLOUT ProcessCallout;
+ PKWIN32_THREAD_CALLOUT ThreadCallout;
+ PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout;
+ PKWIN32_POWEREVENT_CALLOUT PowerEventCallout;
+ PKWIN32_POWERSTATE_CALLOUT PowerStateCallout;
+ PKWIN32_JOB_CALLOUT JobCallout;
+ PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine;
+ PKWIN32_OPENMETHOD_CALLOUT DesktopOpenProcedure;
+ PKWIN32_OKTOCLOSEMETHOD_CALLOUT DesktopOkToCloseProcedure;
+ PKWIN32_CLOSEMETHOD_CALLOUT DesktopCloseProcedure;
+ PKWIN32_DELETEMETHOD_CALLOUT DesktopDeleteProcedure;
+ PKWIN32_OKTOCLOSEMETHOD_CALLOUT WindowStationOkToCloseProcedure;
+ PKWIN32_CLOSEMETHOD_CALLOUT WindowStationCloseProcedure;
+ PKWIN32_DELETEMETHOD_CALLOUT WindowStationDeleteProcedure;
+ PKWIN32_PARSEMETHOD_CALLOUT WindowStationParseProcedure;
+ PKWIN32_OPENMETHOD_CALLOUT WindowStationOpenProcedure;
+ PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure;
+} WIN32_CALLOUTS_FPNS, *PWIN32_CALLOUTS_FPNS;
+
+#endif // !NTOS_MODE_USER
+
+#endif // _PSTYPES_H