Data Structures |
| struct | PPEB_FREE_BLOCK |
| struct | PINITIAL_PEB |
| struct | PINITIAL_TEB |
| struct | PTEB_ACTIVE_FRAME_CONTEXT |
| struct | PTEB_ACTIVE_FRAME |
| struct | PCLIENT_ID32 |
| struct | PCLIENT_ID64 |
| struct | PPROCESS_PRIORITY_CLASS |
| struct | PPROCESS_FOREGROUND_BACKGROUND |
| struct | PTHREAD_BASIC_INFORMATION |
| struct | PJOB_SET_ARRAY |
| struct | PEPROCESS_QUOTA_ENTRY |
| struct | PEPROCESS_QUOTA_BLOCK |
| struct | PPAGEFAULT_HISTORY |
| struct | PPS_IMPERSONATION_INFORMATION |
| struct | PTERMINATION_PORT |
| struct | PPSP_RATE_APC |
| struct | ETHREAD |
| struct | EPROCESS |
| struct | PPS_JOB_TOKEN_FILTER |
| struct | PEJOB |
| struct | PWIN32_POWEREVENT_PARAMETERS |
| struct | PWIN32_POWERSTATE_PARAMETERS |
| struct | PWIN32_JOBCALLOUT_PARAMETERS |
| struct | PWIN32_OPENMETHOD_PARAMETERS |
| struct | PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS |
| struct | PWIN32_CLOSEMETHOD_PARAMETERS |
| struct | PWIN32_DELETEMETHOD_PARAMETERS |
| struct | PWIN32_PARSEMETHOD_PARAMETERS |
| struct | PWIN32_CALLOUTS_FPNS |
Defines |
| #define | USER_SHARED_DATA (0x7FFE0000) |
| #define | FLG_STOP_ON_EXCEPTION 0x00000001 |
| #define | FLG_SHOW_LDR_SNAPS 0x00000002 |
| #define | FLG_DEBUG_INITIAL_COMMAND 0x00000004 |
| #define | FLG_STOP_ON_HUNG_GUI 0x00000008 |
| #define | FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010 |
| #define | FLG_HEAP_ENABLE_FREE_CHECK 0x00000020 |
| #define | FLG_HEAP_VALIDATE_PARAMETERS 0x00000040 |
| #define | FLG_HEAP_VALIDATE_ALL 0x00000080 |
| #define | FLG_POOL_ENABLE_TAIL_CHECK 0x00000100 |
| #define | FLG_POOL_ENABLE_FREE_CHECK 0x00000200 |
| #define | FLG_POOL_ENABLE_TAGGING 0x00000400 |
| #define | FLG_HEAP_ENABLE_TAGGING 0x00000800 |
| #define | FLG_USER_STACK_TRACE_DB 0x00001000 |
| #define | FLG_KERNEL_STACK_TRACE_DB 0x00002000 |
| #define | FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000 |
| #define | FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000 |
| #define | FLG_IGNORE_DEBUG_PRIV 0x00010000 |
| #define | FLG_ENABLE_CSRDEBUG 0x00020000 |
| #define | FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000 |
| #define | FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000 |
| #define | FLG_ENABLE_SYSTEM_CRIT_BREAKS 0x00100000 |
| #define | FLG_HEAP_DISABLE_COALESCING 0x00200000 |
| #define | FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000 |
| #define | FLG_ENABLE_EXCEPTION_LOGGING 0x00800000 |
| #define | FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000 |
| #define | FLG_HEAP_PAGE_ALLOCS 0x02000000 |
| #define | FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000 |
| #define | FLG_VALID_BITS 0x07FFFFFF |
| #define | PROCESS_CREATE_FLAGS_BREAKAWAY 0x00000001 |
| #define | PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT 0x00000002 |
| #define | PROCESS_CREATE_FLAGS_INHERIT_HANDLES 0x00000004 |
| #define | PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE 0x00000008 |
| #define | PROCESS_CREATE_FLAGS_LARGE_PAGES 0x00000010 |
| #define | PROCESS_PRIORITY_CLASS_INVALID 0 |
| #define | PROCESS_PRIORITY_CLASS_IDLE 1 |
| #define | PROCESS_PRIORITY_CLASS_NORMAL 2 |
| #define | PROCESS_PRIORITY_CLASS_HIGH 3 |
| #define | PROCESS_PRIORITY_CLASS_REALTIME 4 |
| #define | PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5 |
| #define | PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6 |
| #define | PS_REQUEST_BREAKAWAY 1 |
| #define | PS_NO_DEBUG_INHERIT 2 |
| #define | PS_INHERIT_HANDLES 4 |
| #define | PS_LARGE_PAGES 8 |
| #define | PS_ALL_FLAGS |
| #define | PROCESS_PRIORITY_IDLE 3 |
| #define | PROCESS_PRIORITY_NORMAL 8 |
| #define | PROCESS_PRIORITY_NORMAL_FOREGROUND 9 |
| #define | MEMORY_PRIORITY_BACKGROUND 0 |
| #define | MEMORY_PRIORITY_UNKNOWN 1 |
| #define | MEMORY_PRIORITY_FOREGROUND 2 |
| #define | PSP_VARIABLE_QUANTUMS 4 |
| #define | PSP_LONG_QUANTUMS 16 |
| #define | THREAD_QUERY_INFORMATION 0x0040 |
| #define | THREAD_SET_THREAD_TOKEN 0x0080 |
| #define | THREAD_IMPERSONATE 0x0100 |
| #define | THREAD_DIRECT_IMPERSONATION 0x0200 |
| #define | PROCESS_TERMINATE 0x0001 |
| #define | PROCESS_CREATE_THREAD 0x0002 |
| #define | PROCESS_SET_SESSIONID 0x0004 |
| #define | PROCESS_VM_OPERATION 0x0008 |
| #define | PROCESS_VM_READ 0x0010 |
| #define | PROCESS_VM_WRITE 0x0020 |
| #define | PROCESS_CREATE_PROCESS 0x0080 |
| #define | PROCESS_SET_QUOTA 0x0100 |
| #define | PROCESS_SET_INFORMATION 0x0200 |
| #define | PROCESS_QUERY_INFORMATION 0x0400 |
| #define | PROCESS_SUSPEND_RESUME 0x0800 |
| #define | PROCESS_QUERY_LIMITED_INFORMATION 0x1000 |
| #define | PROCESS_ALL_ACCESS |
| #define | THREAD_BASE_PRIORITY_LOWRT 15 |
| #define | THREAD_BASE_PRIORITY_MAX 2 |
| #define | THREAD_BASE_PRIORITY_MIN -2 |
| #define | THREAD_BASE_PRIORITY_IDLE -15 |
| #define | TLS_MINIMUM_AVAILABLE 64 |
| #define | JOB_OBJECT_ASSIGN_PROCESS 0x1 |
| #define | JOB_OBJECT_SET_ATTRIBUTES 0x2 |
| #define | JOB_OBJECT_QUERY 0x4 |
| #define | JOB_OBJECT_TERMINATE 0x8 |
| #define | JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10 |
| #define | JOB_OBJECT_ALL_ACCESS |
| #define | JOB_OBJECT_LIMIT_WORKINGSET 0x1 |
| #define | JOB_OBJECT_LIMIT_PROCESS_TIME 0x2 |
| #define | JOB_OBJECT_LIMIT_JOB_TIME 0x4 |
| #define | JOB_OBJECT_LIMIT_ACTIVE_PROCESS 0x8 |
| #define | JOB_OBJECT_LIMIT_AFFINITY 0x10 |
| #define | JOB_OBJECT_LIMIT_PRIORITY_CLASS 0x20 |
| #define | JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME 0x40 |
| #define | JOB_OBJECT_LIMIT_SCHEDULING_CLASS 0x80 |
| #define | JOB_OBJECT_LIMIT_PROCESS_MEMORY 0x100 |
| #define | JOB_OBJECT_LIMIT_JOB_MEMORY 0x200 |
| #define | JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION 0x400 |
| #define | JOB_OBJECT_LIMIT_BREAKAWAY_OK 0x800 |
| #define | JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x1000 |
| #define | JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE 0x2000 |
| #define | CT_TERMINATED_BIT 0x1 |
| #define | CT_DEAD_THREAD_BIT 0x2 |
| #define | CT_HIDE_FROM_DEBUGGER_BIT 0x4 |
| #define | CT_ACTIVE_IMPERSONATION_INFO_BIT 0x8 |
| #define | CT_SYSTEM_THREAD_BIT 0x10 |
| #define | CT_HARD_ERRORS_ARE_DISABLED_BIT 0x20 |
| #define | CT_BREAK_ON_TERMINATION_BIT 0x40 |
| #define | CT_SKIP_CREATION_MSG_BIT 0x80 |
| #define | CT_SKIP_TERMINATION_MSG_BIT 0x100 |
| #define | STP_ACTIVE_EX_WORKER_BIT 0x1 |
| #define | STP_EX_WORKER_CAN_WAIT_USER_BIT 0x2 |
| #define | STP_MEMORY_MAKER_BIT 0x4 |
| #define | STP_KEYED_EVENT_IN_USE_BIT 0x8 |
| #define | STA_LPC_RECEIVED_MSG_ID_VALID_BIT 0x1 |
| #define | STA_LPC_EXIT_THREAD_CALLED_BIT 0x2 |
| #define | STA_ADDRESS_SPACE_OWNER_BIT 0x4 |
| #define | STA_OWNS_WORKING_SET_BITS 0x1F8 |
| #define | KPSF_AUTO_ALIGNMENT_BIT 0 |
| #define | KPSF_DISABLE_BOOST_BIT 1 |
| #define | PSF_CREATE_REPORTED_BIT 0x1 |
| #define | PSF_NO_DEBUG_INHERIT_BIT 0x2 |
| #define | PSF_PROCESS_EXITING_BIT 0x4 |
| #define | PSF_PROCESS_DELETE_BIT 0x8 |
| #define | PSF_WOW64_SPLIT_PAGES_BIT 0x10 |
| #define | PSF_VM_DELETED_BIT 0x20 |
| #define | PSF_OUTSWAP_ENABLED_BIT 0x40 |
| #define | PSF_OUTSWAPPED_BIT 0x80 |
| #define | PSF_FORK_FAILED_BIT 0x100 |
| #define | PSF_WOW64_VA_SPACE_4GB_BIT 0x200 |
| #define | PSF_ADDRESS_SPACE_INITIALIZED_BIT 0x400 |
| #define | PSF_SET_TIMER_RESOLUTION_BIT 0x1000 |
| #define | PSF_BREAK_ON_TERMINATION_BIT 0x2000 |
| #define | PSF_SESSION_CREATION_UNDERWAY_BIT 0x4000 |
| #define | PSF_WRITE_WATCH_BIT 0x8000 |
| #define | PSF_PROCESS_IN_SESSION_BIT 0x10000 |
| #define | PSF_OVERRIDE_ADDRESS_SPACE_BIT 0x20000 |
| #define | PSF_HAS_ADDRESS_SPACE_BIT 0x40000 |
| #define | PSF_LAUNCH_PREFETCHED_BIT 0x80000 |
| #define | PSF_INJECT_INPAGE_ERRORS_BIT 0x100000 |
| #define | PSF_VM_TOP_DOWN_BIT 0x200000 |
| #define | PSF_IMAGE_NOTIFY_DONE_BIT 0x400000 |
| #define | PSF_PDE_UPDATE_NEEDED_BIT 0x800000 |
| #define | PSF_VDM_ALLOWED_BIT 0x1000000 |
| #define | PSF_SWAP_ALLOWED_BIT 0x2000000 |
| #define | PSF_CREATE_FAILED_BIT 0x4000000 |
| #define | PSF_DEFAULT_IO_PRIORITY_BIT 0x8000000 |
| #define | PSF2_PROTECTED_BIT 0x800 |
| #define | TLS_EXPANSION_SLOTS 1024 |
Typedefs |
| typedef BOOLEAN | Create |
| typedef NTSTATUS(NTAPI * | PKWIN32_THREAD_CALLOUT )(struct _ETHREAD *Thread, PSW32THREADCALLOUTTYPE Type) |
| typedef NTSTATUS(NTAPI * | PKWIN32_GLOBALATOMTABLE_CALLOUT )(VOID) |
| typedef NTSTATUS(NTAPI * | PKWIN32_POWEREVENT_CALLOUT )(struct _WIN32_POWEREVENT_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_POWERSTATE_CALLOUT )(struct _WIN32_POWERSTATE_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_JOB_CALLOUT )(struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PGDI_BATCHFLUSH_ROUTINE )(VOID) |
| typedef NTSTATUS(NTAPI * | PKWIN32_OPENMETHOD_CALLOUT )(struct _WIN32_OPENMETHOD_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_OKTOCLOSEMETHOD_CALLOUT )(struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_CLOSEMETHOD_CALLOUT )(struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters) |
| typedef VOID(NTAPI * | PKWIN32_DELETEMETHOD_CALLOUT )(struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_PARSEMETHOD_CALLOUT )(struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters) |
| typedef NTSTATUS(NTAPI * | PKWIN32_WIN32DATACOLLECTION_CALLOUT )(struct _EPROCESS *Process, PVOID Callback, PVOID Context) |
| typedef VOID(NTAPI * | PLEGO_NOTIFY_ROUTINE )(IN PKTHREAD Thread) |
| typedef NTSTATUS(NTAPI * | PPOST_PROCESS_INIT_ROUTINE )(VOID) |
| typedef VOID(NTAPI * | PPEBLOCKROUTINE )(PVOID PebLock) |
Enumerations |
| enum | PSPROCESSPRIORITYMODE { PsProcessPriorityForeground,
PsProcessPriorityBackground,
PsProcessPrioritySpinning
} |
| enum | JOBOBJECTINFOCLASS {
JobObjectBasicAccountingInformation = 1,
JobObjectBasicLimitInformation,
JobObjectBasicProcessIdList,
JobObjectBasicUIRestrictions,
JobObjectSecurityLimitInformation,
JobObjectEndOfJobTimeInformation,
JobObjectAssociateCompletionPortInformation,
JobObjectBasicAndIoAccountingInformation,
JobObjectExtendedLimitInformation,
JobObjectJobSetInformation,
MaxJobObjectInfoClass,
JobObjectBasicAccountingInformation = 1,
JobObjectBasicLimitInformation,
JobObjectBasicProcessIdList,
JobObjectBasicUIRestrictions,
JobObjectSecurityLimitInformation,
JobObjectEndOfJobTimeInformation,
JobObjectAssociateCompletionPortInformation,
JobObjectBasicAndIoAccountingInformation,
JobObjectExtendedLimitInformation,
JobObjectJobSetInformation,
JobObjectGroupInformation,
MaxJobObjectInfoClass
} |
| enum | PSPOWEREVENTTYPE {
PsW32FullWake = 0,
PsW32EventCode = 1,
PsW32PowerPolicyChanged = 2,
PsW32SystemPowerState = 3,
PsW32SystemTime = 4,
PsW32DisplayState = 5,
PsW32CapabilitiesChanged = 6,
PsW32SetStateFailed = 7,
PsW32GdiOff = 8,
PsW32GdiOn = 9,
PsW32GdiPrepareResumeUI = 10,
PsW32GdiOffRequest = 11,
PsW32MonitorOff = 12
} |
| enum | POWERSTATETASK {
PowerState_BlockSessionSwitch = 0,
PowerState_Init = 1,
PowerState_QueryApps = 2,
PowerState_QueryServices = 3,
PowerState_QueryAppsFailed = 4,
PowerState_QueryServicesFailed = 5,
PowerState_SuspendApps = 6,
PowerState_SuspendServices = 7,
PowerState_ShowUI = 8,
PowerState_NotifyWL = 9,
PowerState_ResumeApps = 10,
PowerState_ResumeServices = 11,
PowerState_UnBlockSessionSwitch = 12,
PowerState_End = 13,
PowerState_BlockInput = 14,
PowerState_UnblockInput = 15
} |
| enum | PSW32JOBCALLOUTTYPE { PsW32JobCalloutSetInformation = 0,
PsW32JobCalloutAddProcess = 1,
PsW32JobCalloutTerminate = 2
} |
| enum | PSW32THREADCALLOUTTYPE { PsW32ThreadCalloutInitialize,
PsW32ThreadCalloutExit
} |
Functions |
| typedef | NTSTATUS (NTAPI *PKWIN32_PROCESS_CALLOUT)(struct _EPROCESS *Process |
Variables |
| POBJECT_TYPE NTSYSAPI | PsJobType |
1.7.6.1
