Go to the source code of this file.
Function Documentation
◆ _In_reads_bytes_()
| _In_ THREADINFOCLASS _In_reads_bytes_ | ( | ThreadInformationLength | ) |
◆ _IRQL_requires_max_()
| _IRQL_requires_max_ | ( | PASSIVE_LEVEL | ) |
Queries information details about a security descriptor.
Computes the quota size of a security descriptor.
Assigns a security descriptor for a new object.
An extended function that assigns a security descriptor for a new object.
Frees a security descriptor.
An extended function that sets new information data to a security descriptor.
Modifies some information data about a security descriptor.
- Parameters
-
[in] SecurityInformation Security information details to be queried from a security descriptor. [out] SecurityDescriptor The returned security descriptor with security information data. [in,out] Length The returned length of a security descriptor. [in,out] ObjectsSecurityDescriptor The returned object security descriptor.
- Returns
- Returns STATUS_SUCCESS if the operations have been completed successfully and that the specific information about the security descriptor has been queried. STATUS_BUFFER_TOO_SMALL is returned if the buffer size is too small to contain the queried info about the security descriptor.
- Parameters
-
[in] Object If specified, the function will use this arbitrary object that points to an object security descriptor. [in] SecurityInformation Security information details to be set. [in] SecurityDescriptor A security descriptor where its info is to be changed. [in,out] ObjectsSecurityDescriptor The returned pointer to security descriptor objects. [in] PoolType Pool type for the new security descriptor to allocate. [in] GenericMapping The generic mapping of access rights masks.
- Returns
- See SeSetSecurityDescriptorInfoEx.
- Parameters
-
[in] Object If specified, the function will use this arbitrary object that points to an object security descriptor. [in] SecurityInformation Security information details to be set. [in] SecurityDescriptor A security descriptor where its info is to be changed. [in,out] ObjectsSecurityDescriptor The returned pointer to security descriptor objects. [in] AutoInheritFlags Flags bitmask inheritation, influencing how the security descriptor can be inherited and if it can be in the first place. [in] PoolType Pool type for the new security descriptor to allocate. [in] GenericMapping The generic mapping of access rights masks.
- Returns
- Returns STATUS_SUCCESS if the operations have been completed without problems and that new info has been set to the security descriptor. STATUS_NO_SECURITY_ON_OBJECT is returned if the object does not have a security descriptor. STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the new security descriptor with new info set has failed.
- Parameters
-
[in] SecurityDescriptor A security descriptor to be freed from memory.
- Returns
- Returns STATUS_SUCCESS.
- Parameters
-
[in] _ParentDescriptor A security descriptor of the parent object that is being created. [in] _ExplicitDescriptor An explicit security descriptor that is applied to a new object. [out] NewDescriptor The new allocated security descriptor. [in] ObjectType The type of the new object. [in] IsDirectoryObject Set this to TRUE if the newly created object is a directory object, otherwise set this to FALSE. [in] AutoInheritFlags Automatic inheritance flags that influence how access control entries within ACLs from security descriptors are inherited. [in] SubjectContext Security subject context of the new object. [in] GenericMapping Generic mapping of access mask rights. [in] PoolType This parameter is unused.
- Returns
- Returns STATUS_SUCCESS if the operations have been completed successfully and that the security descriptor has been assigned to the new object. STATUS_NO_TOKEN is returned if the caller hasn't supplied a valid argument to a security subject context. STATUS_INVALID_OWNER is returned if the caller hasn't supplied a parent descriptor that belongs to the main user (owner). STATUS_INVALID_PRIMARY_GROUP is returned by the same reason as with the previous NTSTATUS code. The two NTSTATUS codes are returned if the calling thread stated that the owner and/or group is defaulted to the parent descriptor (SEF_DEFAULT_OWNER_FROM_PARENT and/or SEF_DEFAULT_GROUP_FROM_PARENT respectively). STATUS_INSUFFICIENT_RESOURCES is returned if memory pool allocation for the descriptor buffer has failed. A failure NTSTATUS is returned otherwise.
- Parameters
-
[in] ParentDescriptor A security descriptor of the parent object that is being created. [in] ExplicitDescriptor An explicit security descriptor that is applied to a new object. [out] NewDescriptor The new allocated security descriptor. [in] IsDirectoryObject Set this to TRUE if the newly created object is a directory object, otherwise set this to FALSE. [in] SubjectContext Security subject context of the new object. [in] GenericMapping Generic mapping of access mask rights. [in] PoolType This parameter is unused.
- Returns
- See SeAssignSecurityEx.
- Parameters
-
[in] SecurityDescriptor A security descriptor. [out] QuotaInfoSize The returned quota size of the given security descriptor to the caller. The function may return 0 to this parameter if the descriptor doesn't have a group or a discretionary access control list (DACL) even.
- Returns
- Returns STATUS_SUCCESS if the quota size of a security descriptor has been computed successfully. STATUS_UNKNOWN_REVISION is returned if the security descriptor has an invalid revision.
Definition at line 64 of file Messaging.c.
◆ NtAlertResumeThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtAlertResumeThread | ( | _In_ HANDLE | ThreadHandle, |
| _Out_opt_ PULONG | SuspendCount | ||
| ) |
◆ NtAlertThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtAlertThread | ( | _In_ HANDLE | ThreadHandle | ) |
◆ NtApphelpCacheControl()
| NTSYSCALLAPI NTSTATUS NTAPI NtApphelpCacheControl | ( | _In_ APPHELPCACHESERVICECLASS | Service, |
| _In_opt_ PAPPHELP_CACHE_SERVICE_LOOKUP | ServiceData | ||
| ) |
Definition at line 728 of file apphelp.c.
Referenced by BaseDumpAppcompatCache(), BaseFlushAppcompatCache(), and CallApphelp().
◆ NtAssignProcessToJobObject()
| NTSYSCALLAPI NTSTATUS NTAPI NtAssignProcessToJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ HANDLE | ProcessHandle | ||
| ) |
◆ NtCreateJobObject()
| NTSYSCALLAPI NTSTATUS NTAPI NtCreateJobObject | ( | _Out_ PHANDLE | JobHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ POBJECT_ATTRIBUTES | ObjectAttributes | ||
| ) |
◆ NtCreateJobSet()
| NTSTATUS NTAPI NtCreateJobSet | ( | _In_ ULONG | NumJob, |
| _In_ PJOB_SET_ARRAY | UserJobSet, | ||
| _In_ ULONG | Flags | ||
| ) |
◆ NtCreateProcess()
| NTSYSCALLAPI NTSTATUS NTAPI NtCreateProcess | ( | _Out_ PHANDLE | ProcessHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ HANDLE | ParentProcess, | ||
| _In_ BOOLEAN | InheritObjectTable, | ||
| _In_opt_ HANDLE | SectionHandle, | ||
| _In_opt_ HANDLE | DebugPort, | ||
| _In_opt_ HANDLE | ExceptionPort | ||
| ) |
◆ NtCreateProcessEx()
| NTSYSCALLAPI NTSTATUS NTAPI NtCreateProcessEx | ( | _Out_ PHANDLE | ProcessHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ HANDLE | ParentProcess, | ||
| _In_ ULONG | Flags, | ||
| _In_opt_ HANDLE | SectionHandle, | ||
| _In_opt_ HANDLE | DebugPort, | ||
| _In_opt_ HANDLE | ExceptionPort, | ||
| _In_ BOOLEAN | InJob | ||
| ) |
◆ NtCreateThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtCreateThread | ( | _Out_ PHANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ HANDLE | ProcessHandle, | ||
| _Out_ PCLIENT_ID | ClientId, | ||
| _In_ PCONTEXT | ThreadContext, | ||
| _In_ PINITIAL_TEB | UserStack, | ||
| _In_ BOOLEAN | CreateSuspended | ||
| ) |
◆ NtCurrentTeb()
| FORCEINLINE struct _TEB* NtCurrentTeb | ( | VOID | ) |
Definition at line 420 of file psfuncs.h.
Referenced by __declspec(), __wine_pop_frame(), __wine_push_frame(), _NtCurrentTeb(), AbortDoc(), actctx_init(), AVrfInitializeVerifier(), AvrfpResolveThunks(), BaseCreateThreadPoolThread(), BaseGetNamedObjectDirectory(), Basep8BitStringToStaticUnicodeString(), BasepComputeProcessPath(), BasepLoadLibraryAsDatafile(), BaseSrvBSMThread(), BuildUserModeWindowStationName(), CallMsgFilterA(), CallMsgFilterW(), CallNamedPipeA(), CloseAllProcessHandles(), COM_CurrentInfo(), COM_TlsDestroy(), CompareStringA(), ConvertFiberToThread(), ConvertThreadToFiberEx(), CountHandlers(), CreatePipe(), CreateProcessInternalW(), CreateRemoteThread(), CSR_API(), CsrApiHandleConnectionRequest(), CsrApiRequestThread(), CsrClientCallServer(), CsrConnectToUser(), CsrIdentifyAlertableThread(), CsrInitializeProcessStructure(), CsrValidateMessageBuffer(), DbgkMapViewOfSection(), DbgUiConnectToDbg(), DbgUiContinue(), DbgUiDebugActiveProcess(), DbgUiGetThreadDebugObject(), DbgUiSetThreadDebugObject(), DbgUiStopDebugging(), DbgUiWaitStateChange(), DefineDosDeviceA(), DeleteFiber(), DllMain(), doChild(), ElfChangeNotify(), EndDoc(), EngGetLastError(), EngSetLastError(), ExitThread(), extfmt_default_dbg_vlog(), ExtTextOutW(), FatalAppExitA(), FilenameA2W(), find_entry(), find_entry_language(), find_query_actctx(), FlsAlloc(), FlsGetValue(), FlsSetValue(), GdiAllocBatchCommand(), GdiDeleteBrushOrPen(), GdiDllInitialize(), GdiProcessSetup(), GdiQueryTable(), GdiSetLastError(), get_base_dir(), get_or_create_threaddata(), GetBinaryTypeA(), GetCurrentDirectoryA(), GetCurrentProcessId(), GetCurrentThreadId(), GetLastError(), GetModuleHandleA(), GetTeb(), GetTempFileNameW(), GetThreadLocale(), GetW32ThreadInfo(), GetWindowThreadProcessId(), GuiConsoleInputThread(), hash_basename(), hGetPEBHandle(), Imm32CheckImcProcess(), Imm32CleanupContext(), Imm32IsCrossProcessAccess(), Imm32RequestMessageAW(), ImmSetCompositionFontA(), ImmSetCompositionFontW(), InitThreadCallback(), IntAddSynthesizedFormats(), IntEndPage(), InternalAddAtom(), InternalFindAtom(), IntGetCurrentDC(), IntGetCurrentDcData(), IntGetCurrentDispatchTable(), IntGetCurrentICDPrivate(), IntGetCurrentRC(), IntMakeCurrent(), IntNotifyWinEvent(), IntSetCurrentDispatchTable(), IntSetCurrentICDPrivate(), IntSetThreadDesktop(), IsGUIThread(), IsThreadAFiber(), IsWinEventHookInstalled(), KiRaiseUserExceptionDispatcher(), KiSystemCallHandler(), KiSystemServiceHandler(), LCMapStringA(), ldr_notify_callback1(), ldr_notify_callback_dll_main(), ldr_notify_callback_fail(), LdrLoadDll(), LdrpAllocateTls(), LdrpFreeTls(), LdrpInit(), LdrpInitializeProcess(), LdrpInitializeThread(), LdrpInitSecurityCookie(), LdrpLoadImportModule(), LdrpMakeCookie(), LdrpMapDll(), LdrpRunInitializeRoutines(), LdrpUpdateLoadCount3(), LdrShutdownProcess(), LdrShutdownThread(), LdrUnlockLoaderLock(), load_gl_funcs(), Main(), MyGdiQueryTable(), NlsInit(), NtGdiFlushUserBatch(), NtUserSetWindowsHookAW(), OffsetViewportOrgEx(), OffsetWindowOrgEx(), ok_fls_(), PolyPatBlt(), PostMessageA(), PostMessageW(), PsConvertToGuiThread(), PspUserThreadStartup(), QueryDosDeviceA(), RemoveHandles(), rosfmt_default_dbg_vlog(), RtlAcquirePrivilege(), RtlAcquireResourceExclusive(), RtlAcquireResourceShared(), RtlActivateActivationContext(), RtlActivateActivationContextUnsafeFast(), RtlApplicationVerifierStop(), RtlConvertSharedToExclusive(), RtlCreateActivationContext(), RtlDeactivateActivationContext(), RtlDeactivateActivationContextUnsafeFast(), RtlEnterCriticalSection(), RtlExitUserThread(), RtlFindActivationContextSectionGuid(), RtlFindActivationContextSectionString(), RtlFreeThreadActivationContextStack(), RtlGetActiveActivationContext(), RtlGetCriticalSectionRecursionCount(), RtlGetFrame(), RtlGetLastNtStatus(), RtlGetLastWin32Error(), RtlGetThreadErrorMode(), RtlInitializeCriticalSectionAndSpinCount(), RtlIsActivationContextActive(), RtlIsCriticalSectionLockedByThread(), RtlIsThreadWithinLoaderCallout(), RtlLeaveCriticalSection(), RtlNtStatusToDosError(), RtlpCaptureStackLimits(), RtlpClearInDbgPrint(), RtlpDphProcessStartupInitialization(), RtlpFreeDebugInfo(), RtlPopFrame(), RtlpPageHeapCreate(), RtlpPageHeapDestroy(), RtlpSetInDbgPrint(), RtlPushFrame(), RtlpWaitForCriticalSection(), RtlQueryProcessDebugInformation(), RtlSetLastWin32Error(), RtlSetLastWin32ErrorAndNtStatusFromNtStatus(), RtlSetThreadErrorMode(), RtlTryEnterCriticalSection(), ScControlService(), ScServiceMainStubA(), ScServiceMainStubW(), service_main(), SetConsoleInputExeNameA(), SetGraphicsMode(), SetLastError(), SetMapperFlags(), SetPolyFillMode(), SetROP2(), SetTextCharacterExtra(), SetTextJustification(), SetThreadLocale(), SetThreadStackGuarantee(), SetThreadUILanguage(), SetViewportExtEx(), SetViewportOrgEx(), SetWindowExtEx(), SetWindowOrgEx(), SetWindowsHookA(), SetWindowsHookW(), SockEnterApiFast(), START_TEST(), StartPage(), TerminateThread(), test_HashLinks(), test_import_resolution(), test_InMemoryOrderModuleList(), test_query_object(), test_RemoveDirectoryA(), test_RemoveDirectoryW(), test_RtlThreadErrorMode(), TestWindowProcess(), TlsAlloc(), TlsGetValue(), TlsSetValue(), UnhandledExceptionFilter(), UpdateColors(), UserDbgAssertThreadInfo(), UserSetLastError(), VdmDispatchBop(), VdmDispatchPageFault(), VdmpGetVdmTib(), Win32kThreadCallback(), wined3d_cs_create(), winefmt_default_dbg_vlog(), and WTSQuerySessionInformationW().
◆ NtImpersonateThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtImpersonateThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ HANDLE | ThreadToImpersonate, | ||
| _In_ PSECURITY_QUALITY_OF_SERVICE | SecurityQualityOfService | ||
| ) |
◆ NtIsProcessInJob()
| NTSYSCALLAPI NTSTATUS NTAPI NtIsProcessInJob | ( | _In_ HANDLE | ProcessHandle, |
| _In_opt_ HANDLE | JobHandle | ||
| ) |
◆ NtOpenProcess()
| __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess | ( | _Out_ PHANDLE | ProcessHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_opt_ PCLIENT_ID | ClientId | ||
| ) |
◆ NtOpenProcessToken()
| _Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessToken | ( | _In_ HANDLE | ProcessHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
◆ NtOpenThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtOpenThread | ( | _Out_ PHANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ PCLIENT_ID | ClientId | ||
| ) |
◆ NtOpenThreadToken()
| NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadToken | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Opens a token that is tied to a thread handle.
- Parameters
-
[out] ThreadHandle Thread handle where the token is about to be opened. [in] DesiredAccess The request access right for the token. [in] OpenAsSelf If set to TRUE, the access check will be made with the security context of the process of the calling thread (opening as self). Otherwise the access check will be made with the security context of the calling thread instead. [out] TokenHandle The opened token handle returned to the caller for use.
- Returns
- See NtOpenThreadTokenEx.
Definition at line 6445 of file token.c.
◆ NtOpenThreadTokenEx()
| NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadTokenEx | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _In_ ULONG | HandleAttributes, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Opens a token that is tied to a thread handle.
- Parameters
-
[out] ThreadHandle Thread handle where the token is about to be opened. [in] DesiredAccess The request access right for the token. [in] OpenAsSelf If set to TRUE, the access check will be made with the security context of the process of the calling thread (opening as self). Otherwise the access check will be made with the security context of the calling thread instead. [in] HandleAttributes Handle attributes for the opened thread token handle. [out] TokenHandle The opened token handle returned to the caller for use.
- Returns
- Returns STATUS_SUCCESS if the function has successfully opened the thread token. STATUS_CANT_OPEN_ANONYMOUS is returned if a token has SecurityAnonymous as impersonation level and we cannot open it. A failure NTSTATUS code is returned otherwise.
Definition at line 6243 of file token.c.
◆ NtQueryInformationJobObject()
| NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ JOBOBJECTINFOCLASS | JobInformationClass, | ||
| _Out_bytecap_(JobInformationLength) PVOID | JobInformation, | ||
| _In_ ULONG | JobInformationLength, | ||
| _Out_ PULONG | ReturnLength | ||
| ) |
◆ NtQueryInformationProcess()
| __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess | ( | _In_ HANDLE | ProcessHandle, |
| _In_ PROCESSINFOCLASS | ProcessInformationClass, | ||
| _Out_ PVOID | ProcessInformation, | ||
| _In_ ULONG | ProcessInformationLength, | ||
| _Out_opt_ PULONG | ReturnLength | ||
| ) |
Definition at line 59 of file query.c.
◆ NtQueryInformationThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ THREADINFOCLASS | ThreadInformationClass, | ||
| _Out_ PVOID | ThreadInformation, | ||
| _In_ ULONG | ThreadInformationLength, | ||
| _Out_opt_ PULONG | ReturnLength | ||
| ) |
◆ NtRegisterThreadTerminatePort()
| NTSYSCALLAPI NTSTATUS NTAPI NtRegisterThreadTerminatePort | ( | _In_ HANDLE | TerminationPort | ) |
◆ NtResumeProcess()
| NTSYSCALLAPI NTSTATUS NTAPI NtResumeProcess | ( | _In_ HANDLE | ProcessHandle | ) |
◆ NtResumeThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtResumeThread | ( | _In_ HANDLE | ThreadHandle, |
| _Out_opt_ PULONG | SuspendCount | ||
| ) |
◆ NtSetInformationJobObject()
| NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ JOBOBJECTINFOCLASS | JobInformationClass, | ||
| _In_bytecount_(JobInformationLength) PVOID | JobInformation, | ||
| _In_ ULONG | JobInformationLength | ||
| ) |
◆ NtSetInformationProcess()
| NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationProcess | ( | _In_ HANDLE | ProcessHandle, |
| _In_ PROCESSINFOCLASS | ProcessInformationClass, | ||
| _In_ PVOID | ProcessInformation, | ||
| _In_ ULONG | ProcessInformationLength | ||
| ) |
◆ NtSetInformationThread()
| __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ THREADINFOCLASS | ThreadInformationClass, | ||
| _In_reads_bytes_(ThreadInformationLength) PVOID | ThreadInformation, | ||
| _In_ ULONG | ThreadInformationLength | ||
| ) |
◆ NtSuspendProcess()
| NTSYSCALLAPI NTSTATUS NTAPI NtSuspendProcess | ( | _In_ HANDLE | ProcessHandle | ) |
◆ NtSuspendThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtSuspendThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ PULONG | PreviousSuspendCount | ||
| ) |
◆ NtTerminateJobObject()
| NTSYSCALLAPI NTSTATUS NTAPI NtTerminateJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ NTSTATUS | ExitStatus | ||
| ) |
◆ NtTerminateProcess()
| NTSYSCALLAPI NTSTATUS NTAPI NtTerminateProcess | ( | _In_ HANDLE | ProcessHandle, |
| _In_ NTSTATUS | ExitStatus | ||
| ) |
◆ NtTerminateThread()
| NTSYSCALLAPI NTSTATUS NTAPI NtTerminateThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ NTSTATUS | ExitStatus | ||
| ) |
◆ PsChargePoolQuota()
| NTKERNELAPI VOID NTAPI PsChargePoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ POOL_TYPE | PoolType, | ||
| _In_ SIZE_T | Amount | ||
| ) |
Charges the pool quota of a given process. The kind of pool quota to charge is determined by the PoolType parameter.
- Parameters
-
[in] Process The process which quota is to be charged. [in] PoolType The pool type to choose to charge quotas (e.g. PagedPool or NonPagedPool). [in] Amount The amount of quotas to charge into a process.
- Returns
- Nothing.
- Remarks
- The function raises an exception if STATUS_QUOTA_EXCEEDED status code is returned. Callers are responsible on their own to handle the raised exception.
Definition at line 775 of file quota.c.
Referenced by FsRtlCancelNotify(), and FsRtlNotifyFilterReportChange().
◆ PsChargeProcessNonPagedPoolQuota()
| NTKERNELAPI NTSTATUS NTAPI PsChargeProcessNonPagedPoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ SIZE_T | Amount | ||
| ) |
Charges the non paged pool quota of a given process.
- Parameters
-
[in] Process The process which non paged quota is to be charged. [in] Amount The amount of quotas to charge into a process.
- Returns
- Returns STATUS_SUCCESS if quota charing has suceeded, STATUS_QUOTA_EXCEEDED is returned otherwise to indicate the caller attempted to charge quotas over the limits.
Definition at line 811 of file quota.c.
Referenced by START_TEST().
◆ PsChargeProcessPagedPoolQuota()
| NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPagedPoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ SIZE_T | Amount | ||
| ) |
Charges the paged pool quota of a given process.
- Parameters
-
[in] Process The process which paged quota is to be charged. [in] Amount The amount of quotas to charge into a process.
- Returns
- Returns STATUS_SUCCESS if quota charing has suceeded, STATUS_QUOTA_EXCEEDED is returned otherwise to indicate the caller attempted to charge quotas over the limits.
Definition at line 839 of file quota.c.
Referenced by ExpAllocateHandleTable(), ExpAllocateTablePagedPool(), ExpAllocateTablePagedPoolNoZero(), and START_TEST().
◆ PsChargeProcessPoolQuota()
| NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ POOL_TYPE | PoolType, | ||
| _In_ SIZE_T | Amount | ||
| ) |
Charges the process' quota pool. The type of quota to be charged depends upon the PoolType parameter.
- Parameters
-
[in] Process The process which quota is to be charged. [in] PoolType The type of quota pool to charge (e.g. PagedPool or NonPagedPool). [in] Amount The amount of quotas to charge into a process.
- Returns
- Returns STATUS_SUCCESS if quota charing has suceeded, STATUS_QUOTA_EXCEEDED is returned otherwise to indicate the caller attempted to charge quotas over the limits.
Definition at line 872 of file quota.c.
Referenced by ExAllocatePoolWithQuotaTag(), PsChargePoolQuota(), PsChargeProcessNonPagedPoolQuota(), and PsChargeProcessPagedPoolQuota().
◆ PsEstablishWin32Callouts()
| NTKERNELAPI VOID NTAPI PsEstablishWin32Callouts | ( | _In_ PWIN32_CALLOUTS_FPNS | CalloutData | ) |
◆ PsGetCurrentProcessSessionId()
| NTKERNELAPI ULONG NTAPI PsGetCurrentProcessSessionId | ( | VOID | ) |
Definition at line 1133 of file process.c.
Referenced by ExpWin32SessionCallout(), IntCreateDesktop(), IntDestroyMenuObject(), NtSetInformationObject(), NtUserSwitchDesktop(), ObpLookupObjectName(), and VideoPortUseDeviceInSession().
◆ PsGetCurrentProcessWin32Process()
| NTKERNELAPI PVOID NTAPI PsGetCurrentProcessWin32Process | ( | VOID | ) |
Definition at line 1183 of file process.c.
Referenced by _Function_class_(), CheckWinstaAttributeAccess(), co_IntGraphicsCheck(), co_IntSetParent(), co_IntSetWindowLongPtr(), co_IntUserManualGuiCheck(), co_UserDestroyWindow(), DC_bAllocDcAttr(), DC_vFreeDcAttr(), DecrementCurrentProcessGdiHandleCount(), DesktopHeapAddressToUser(), DesktopHeapGetUserDelta(), GDI_CleanupForProcess(), GetBrushAttrPool(), GetControlColor(), GetFontFamilyInfoForSubstitutes(), GetW32ProcessInfo(), handle_internal_message(), IdlePing(), IdlePong(), IncrementCurrentProcessGdiHandleCount(), IntAllowSetForegroundWindow(), IntGdiAddFontMemResource(), IntGdiCleanupPrivateFontsForProcess(), IntGdiLoadFontsFromMemory(), IntGdiRemoveFontMemResource(), IntGdiSetRegionOwner(), IntGetFontFamilyInfo(), IntLoadHookModule(), IntLoadSystenIcons(), IntLockSetForegroundWindow(), IntMapDesktopView(), IntUnmapDesktopView(), IntWinStaOkToClose(), NtUserCallHwndParam(), NtUserCallOneParam(), NtUserDestroyCursor(), NtUserFindExistingCursorIcon(), NtUserGetComboBoxInfo(), NtUserGetListBoxInfo(), NtUserSetSystemCursor(), NtUserSetWindowFNID(), REGION_bAllocRgnAttr(), REGION_vCleanup(), TextIntRealizeFont(), UserDbgAssertThreadInfo(), UserGetDCEx(), UserGetProcessWindowStation(), UserHeapAddressToUser(), UserSetProcessWindowStation(), UserSystemParametersInfo(), and UserUnregisterUserApiHook().
◆ PsGetCurrentThreadProcessId()
| NTKERNELAPI HANDLE NTAPI PsGetCurrentThreadProcessId | ( | VOID | ) |
◆ PsGetCurrentThreadWin32Thread()
| NTKERNELAPI PVOID NTAPI PsGetCurrentThreadWin32Thread | ( | VOID | ) |
Definition at line 805 of file thread.c.
Referenced by AllocateUserMessage(), CaretSystemTimerProc(), co_HOOK_CallHooks(), co_IntCallHookProc(), co_IntCallSentMessageCallback(), co_IntCallWindowProc(), co_IntClientLoadLibrary(), co_IntClientThreadSetup(), co_IntFixCaret(), co_IntGetPeekMessage(), co_IntLoadDefaultCursors(), co_IntLoadSysMenuTemplate(), co_IntPaintWindows(), co_IntPeekMessage(), co_IntProcessKeyboardMessage(), co_IntProcessMouseMessage(), co_IntSendActivateMessages(), co_IntSendMessageTimeoutSingle(), co_IntSendMessageWithCallBack(), co_IntSetActiveWindow(), co_IntSetCaretPos(), co_IntSetForegroundAndFocusWindow(), co_IntWaitMessage(), co_MsqDispatchOneSentMessage(), co_MsqReplyMessage(), co_MsqSendMessage(), co_MsqSendMessageAsync(), co_UserDestroyWindow(), co_UserHideCaret(), co_UserSetCapture(), co_UserSetFocus(), co_UserShowCaret(), co_WinPosSearchChildren(), co_WinPosSetWindowPos(), co_WinPosShowWindow(), DECREASE_THREAD_LOCK_COUNT(), DefWndDoSizeMove(), DefWndStartSizeMove(), DesktopHeapGetUserDelta(), DesktopThreadMain(), GetW32ThreadInfo(), handle_internal_message(), IdlePing(), INCREASE_THREAD_LOCK_COUNT(), IntAddAtom(), IntCallWndProc(), IntCallWndProcRet(), IntCbAllocateMemory(), IntCbFreeMemory(), IntCreateDesktop(), IntDeactivateWindow(), IntDefWindowProc(), IntDeRegisterShellHookWindow(), IntDesktopOkToClose(), IntDispatchMessage(), IntDrawScrollBar(), IntGetAndReferenceClass(), IntGetAtomName(), IntGetCapture(), IntGetCurrentThreadDesktopWindow(), IntGetNextHook(), IntGetQueueStatus(), IntGetThreadDesktopWindow(), IntGetThreadFocusWindow(), IntInitMessagePumpHook(), IntInvalidateWindows(), IntIsClipboardOpenByMe(), IntMsqClearWakeMask(), IntMsqSetWakeMask(), IntNotifyWinEvent(), IntQueryTrackMouseEvent(), IntRegisterShellHookWindow(), IntReleaseCapture(), IntRemoveHook(), IntSendDestroyMsg(), IntSendSyncPaint(), IntSetThreadDesktop(), IntSetTimer(), IntTrackMouseEvent(), IntTrackPopupMenuEx(), IntTranslateKbdMessage(), IntUnhookWindowsHook(), IntUninitMessagePumpHook(), IntUserSetActiveWindow(), MENU_DoNextMenu(), MENU_InitTracking(), MENU_TrackMenu(), MsqGetMessageExtraInfo(), MsqSetMessageExtraInfo(), NtUserActivateKeyboardLayout(), NtUserBlockInput(), NtUserCallNoParam(), NtUserCallOneParam(), NtUserCallTwoParam(), NtUserCreateAcceleratorTable(), NtUserCreateCaret(), NtUserGetCaretPos(), NtUserGetGUIThreadInfo(), NtUserGetKeyboardLayoutName(), NtUserGetKeyboardState(), NtUserGetKeyNameText(), NtUserGetThreadState(), NtUserLoadKeyboardLayoutEx(), NtUserLockWorkStation(), NtUserMapVirtualKeyEx(), NtUserQueryWindow(), NtUserSendInput(), NtUserSetKeyboardState(), NtUserSetThreadState(), NtUserSetWindowsHookEx(), NtUserSetWinEventHook(), NtUserToUnicodeEx(), NtUserValidateTimerCallback(), NtUserVkKeyScanEx(), NtUserWaitForInputIdle(), PostTimerMessages(), UserCreateInputContext(), UserDbgAssertThreadInfo(), UserDerefObjectCo(), UserDestroyMenu(), UserEnterExclusive(), UserGetActiveWindow(), UserGetCPD(), UserGetKeyboardLayout(), UserGetKeyState(), UserGhostThreadEntry(), UserInitialize(), UserOpenClipboard(), UserOpenInputDesktop(), UserRefObjectCo(), UserRegisterHotKey(), UserRegisterUserApiHook(), UserSendKeyboardInput(), UserSendMouseInput(), UserSetActiveWindow(), UserSetCursor(), UserShowCursor(), and UserUnregisterUserApiHook().
◆ PsGetProcessExitProcessCalled()
| NTKERNELAPI BOOLEAN NTAPI PsGetProcessExitProcessCalled | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetProcessExitStatus()
| NTKERNELAPI NTSTATUS NTAPI PsGetProcessExitStatus | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetProcessInheritedFromUniqueProcessId()
◆ PsGetProcessSecurityPort()
| NTKERNELAPI PVOID NTAPI PsGetProcessSecurityPort | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetProcessSessionId()
| NTKERNELAPI ULONG NTAPI PsGetProcessSessionId | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetProcessWin32Process()
| NTKERNELAPI PVOID NTAPI PsGetProcessWin32Process | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetProcessWin32WindowStation()
| NTKERNELAPI PVOID NTAPI PsGetProcessWin32WindowStation | ( | _In_ PEPROCESS | Process | ) |
◆ PsGetThreadFreezeCount()
| NTKERNELAPI ULONG NTAPI PsGetThreadFreezeCount | ( | _In_ PETHREAD | Thread | ) |
◆ PsGetThreadHardErrorsAreDisabled()
| NTKERNELAPI BOOLEAN NTAPI PsGetThreadHardErrorsAreDisabled | ( | _In_ PETHREAD | Thread | ) |
◆ PsGetThreadId()
| NTKERNELAPI HANDLE NTAPI PsGetThreadId | ( | _In_ PETHREAD | Thread | ) |
◆ PsGetThreadProcess()
| NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess | ( | _In_ PETHREAD | Thread | ) |
◆ PsGetThreadTeb()
| NTKERNELAPI PTEB NTAPI PsGetThreadTeb | ( | _In_ PETHREAD | Thread | ) |
◆ PsGetThreadWin32Thread()
| NTKERNELAPI PVOID NTAPI PsGetThreadWin32Thread | ( | _In_ PETHREAD | Thread | ) |
◆ PsIsProtectedProcess()
◆ PsIsSystemProcess()
| NTKERNELAPI BOOLEAN NTAPI PsIsSystemProcess | ( | _In_ PEPROCESS | Process | ) |
◆ PsIsThreadImpersonating()
| NTKERNELAPI BOOLEAN NTAPI PsIsThreadImpersonating | ( | _In_ PETHREAD | Thread | ) |
◆ PsLookupProcessThreadByCid()
| NTKERNELAPI NTSTATUS NTAPI PsLookupProcessThreadByCid | ( | _In_ PCLIENT_ID | Cid, |
| _Out_opt_ PEPROCESS * | Process, | ||
| _Out_ PETHREAD * | Thread | ||
| ) |
◆ PsReturnPoolQuota()
| NTKERNELAPI VOID NTAPI PsReturnPoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ POOL_TYPE | PoolType, | ||
| _In_ SIZE_T | Amount | ||
| ) |
Returns the pool quota that the process was taking up.
- Parameters
-
[in] Process The process which quota is to be returned. [in] PoolType The type of quota pool to return (e.g. PagedPool or NonPagedPool). [in] Amount The amount of quotas to return from a process.
- Returns
- Nothing.
Definition at line 907 of file quota.c.
Referenced by ExFreePoolWithTag(), ExReturnPoolQuota(), PsReturnProcessNonPagedPoolQuota(), and PsReturnProcessPagedPoolQuota().
◆ PsReturnProcessNonPagedPoolQuota()
| NTKERNELAPI VOID NTAPI PsReturnProcessNonPagedPoolQuota | ( | _In_ PEPROCESS | Process, |
| _In_ SIZE_T | Amount | ||
| ) |
Returns the non paged quota pool that the process was taking up.
- Parameters
-
[in] Process The process which non paged quota is to be returned. [in] Amount The amount of quotas to return from a process.
- Returns
- Nothing.
Definition at line 938 of file quota.c.
Referenced by PspDeleteProcess(), and START_TEST().
◆ PsReturnProcessPagedPoolQuota()
Returns the paged pool quota that the process was taking up.
- Parameters
-
[in] Process The process which paged pool quota is to be returned. [in] Amount The amount of quotas to return from a process.
- Returns
- Nothing.
Definition at line 965 of file quota.c.
Referenced by ExpAllocateHandleTable(), ExpFreeHandleTable(), ExpFreeTablePagedPool(), FsRtlCancelNotify(), FsRtlNotifyCleanup(), FsRtlNotifyCompleteIrp(), FsRtlNotifyFilterReportChange(), and START_TEST().
◆ PsRevertThreadToSelf()
| NTKERNELAPI VOID NTAPI PsRevertThreadToSelf | ( | _Inout_ PETHREAD | Thread | ) |
◆ PsSetProcessPriorityByClass()
◆ PsSetProcessSecurityPort()
| NTKERNELAPI NTSTATUS NTAPI PsSetProcessSecurityPort | ( | _Inout_ PEPROCESS | Process, |
| _In_ PVOID | SecurityPort | ||
| ) |
◆ PsSetProcessWin32Process()
| NTKERNELAPI NTSTATUS NTAPI PsSetProcessWin32Process | ( | _Inout_ PEPROCESS | Process, |
| _In_opt_ PVOID | Win32Process, | ||
| _In_opt_ PVOID | OldWin32Process | ||
| ) |
Definition at line 1257 of file process.c.
Referenced by AllocW32Process(), and ExitProcessCallback().
◆ PsSetProcessWindowStation()
| NTKERNELAPI VOID NTAPI PsSetProcessWindowStation | ( | _Inout_ PEPROCESS | Process, |
| _In_opt_ PVOID | WindowStation | ||
| ) |
◆ PsSetThreadHardErrorsAreDisabled()
| NTKERNELAPI VOID NTAPI PsSetThreadHardErrorsAreDisabled | ( | _Inout_ PETHREAD | Thread, |
| _In_ BOOLEAN | Disabled | ||
| ) |
◆ PsSetThreadWin32Thread()
| NTKERNELAPI PVOID NTAPI PsSetThreadWin32Thread | ( | _Inout_ PETHREAD | Thread, |
| _In_opt_ PVOID | Win32Thread, | ||
| _In_opt_ PVOID | OldWin32Thread | ||
| ) |
◆ ZwAlertResumeThread()
| NTSYSAPI NTSTATUS NTAPI ZwAlertResumeThread | ( | _In_ HANDLE | ThreadHandle, |
| _Out_opt_ PULONG | SuspendCount | ||
| ) |
◆ ZwAlertThread()
◆ ZwAssignProcessToJobObject()
| NTSYSAPI NTSTATUS NTAPI ZwAssignProcessToJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ HANDLE | ProcessHandle | ||
| ) |
◆ ZwCreateJobObject()
| NTSYSAPI NTSTATUS NTAPI ZwCreateJobObject | ( | _Out_ PHANDLE | JobHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ POBJECT_ATTRIBUTES | ObjectAttributes | ||
| ) |
◆ ZwCreateProcess()
| NTSYSAPI NTSTATUS NTAPI ZwCreateProcess | ( | _Out_ PHANDLE | ProcessHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ HANDLE | ParentProcess, | ||
| _In_ BOOLEAN | InheritObjectTable, | ||
| _In_opt_ HANDLE | SectionHandle, | ||
| _In_opt_ HANDLE | DebugPort, | ||
| _In_opt_ HANDLE | ExceptionPort | ||
| ) |
Referenced by RtlCreateUserProcess().
◆ ZwCreateThread()
| NTSYSAPI NTSTATUS NTAPI ZwCreateThread | ( | _Out_ PHANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_opt_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ HANDLE | ProcessHandle, | ||
| _Out_ PCLIENT_ID | ClientId, | ||
| _In_ PCONTEXT | ThreadContext, | ||
| _In_ PINITIAL_TEB | UserStack, | ||
| _In_ BOOLEAN | CreateSuspended | ||
| ) |
Referenced by RtlCreateUserThread().
◆ ZwImpersonateThread()
| NTSYSAPI NTSTATUS NTAPI ZwImpersonateThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ HANDLE | ThreadToImpersonate, | ||
| _In_ PSECURITY_QUALITY_OF_SERVICE | SecurityQualityOfService | ||
| ) |
◆ ZwIsProcessInJob()
◆ ZwOpenThread()
| NTSYSAPI NTSTATUS NTAPI ZwOpenThread | ( | _Out_ PHANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ POBJECT_ATTRIBUTES | ObjectAttributes, | ||
| _In_ PCLIENT_ID | ClientId | ||
| ) |
◆ ZwOpenThreadToken()
| NTSYSAPI NTSTATUS NTAPI ZwOpenThreadToken | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Referenced by RtlAdjustPrivilege(), and RtlpOpenThreadToken().
◆ ZwOpenThreadTokenEx()
| NTSYSAPI NTSTATUS NTAPI ZwOpenThreadTokenEx | ( | _In_ HANDLE | ThreadHandle, |
| _In_ ACCESS_MASK | DesiredAccess, | ||
| _In_ BOOLEAN | OpenAsSelf, | ||
| _In_ ULONG | HandleAttributes, | ||
| _Out_ PHANDLE | TokenHandle | ||
| ) |
Referenced by RtlFormatCurrentUserKeyPath().
◆ ZwQueryInformationJobObject()
| NTSYSAPI NTSTATUS NTAPI ZwQueryInformationJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ JOBOBJECTINFOCLASS | JobInformationClass, | ||
| _Out_bytecap_(JobInformationLength) PVOID | JobInformation, | ||
| _In_ ULONG | JobInformationLength, | ||
| _Out_ PULONG | ReturnLength | ||
| ) |
◆ ZwQueryInformationProcess()
| NTSYSAPI NTSTATUS NTAPI ZwQueryInformationProcess | ( | _In_ HANDLE | ProcessHandle, |
| _In_ PROCESSINFOCLASS | ProcessInformationClass, | ||
| _Out_ PVOID | ProcessInformation, | ||
| _In_ ULONG | ProcessInformationLength, | ||
| _Out_opt_ PULONG | ReturnLength | ||
| ) |
Referenced by lie_about_fs_type(), RtlCreateUserProcess(), RtlEncodePointer(), RtlSetProcessIsCritical(), and START_TEST().
◆ ZwQueryInformationThread()
| NTSYSAPI NTSTATUS NTAPI ZwQueryInformationThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ THREADINFOCLASS | ThreadInformationClass, | ||
| _Out_ PVOID | ThreadInformation, | ||
| _In_ ULONG | ThreadInformationLength, | ||
| _Out_opt_ PULONG | ReturnLength | ||
| ) |
Referenced by RtlSetThreadIsCritical().
◆ ZwRegisterThreadTerminatePort()
◆ ZwResumeProcess()
◆ ZwResumeThread()
Referenced by ExpLoadInitialProcess().
◆ ZwSetInformationJobObject()
| NTSYSAPI NTSTATUS NTAPI ZwSetInformationJobObject | ( | _In_ HANDLE | JobHandle, |
| _In_ JOBOBJECTINFOCLASS | JobInformationClass, | ||
| _In_ PVOID | JobInformation, | ||
| _In_ ULONG | JobInformationLength | ||
| ) |
◆ ZwSetInformationProcess()
| NTSYSAPI NTSTATUS NTAPI ZwSetInformationProcess | ( | _In_ HANDLE | ProcessHandle, |
| _In_ PROCESSINFOCLASS | ProcessInformationClass, | ||
| _In_ PVOID | ProcessInformation, | ||
| _In_ ULONG | ProcessInformationLength | ||
| ) |
Referenced by RtlSetProcessIsCritical().
◆ ZwSuspendProcess()
◆ ZwSuspendThread()
| NTSYSAPI NTSTATUS NTAPI ZwSuspendThread | ( | _In_ HANDLE | ThreadHandle, |
| _In_ PULONG | PreviousSuspendCount | ||
| ) |
◆ ZwTerminateJobObject()
◆ ZwTerminateThread()
Referenced by RtlAssert().
Variable Documentation
◆ DesiredAccess
◆ ExitStatus
Definition at line 859 of file psfuncs.h.
Referenced by BaseExitThreadPoolThread(), BaseSrvBSMThread(), CdfsChkdsk(), ChkdskEx(), CsrDereferenceNtSession(), DbgkExitProcess(), DbgkExitThread(), Ext2Chkdsk(), NtfsChkdsk(), NtTerminateJobObject(), NtTerminateProcess(), NtTerminateThread(), PspExitThread(), PspTerminateProcess(), PspTerminateThreadByPointer(), PsTerminateProcess(), PsTerminateSystemThread(), RtlpExitThread(), test_query_process_basic(), VfatChkdsk(), and VfatxChkdsk().
◆ HandleAttributes
◆ ThreadInformationClass
| _In_ THREADINFOCLASS ThreadInformationClass |
Definition at line 832 of file psfuncs.h.
Referenced by NtQueryInformationThread(), NtSetInformationThread(), NtUserQueryInformationThread(), and NtUserSetInformationThread().
◆ ThreadInformationLength
| _In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength |
Definition at line 835 of file psfuncs.h.
Referenced by NtQueryInformationThread(), NtSetInformationThread(), NtUserSetInformationThread(), and PspQueryDescriptorThread().
◆ TokenHandle
Definition at line 715 of file psfuncs.h.
Referenced by AdjustTokenGroups(), AdjustTokenPrivileges(), BasepReplaceProcessThreadTokens(), CreateProcessInternalW(), DuplicateTokenAsEffective(), GetCallerLuid(), GetSiteSidFromToken(), GetTokenInformation(), IsPrivilegeEnabled(), IsTokenRestricted(), LogonUserExW(), LsapIsTrustedClient(), LsapLogonUser(), LsarSetSecurityObject(), MyLogonUser(), NtAccessCheck(), NtAdjustGroupsToken(), NtAdjustPrivilegesToken(), NtCreateToken(), NtOpenProcessToken(), NtOpenProcessTokenEx(), NtOpenThreadToken(), NtOpenThreadTokenEx(), NtQueryInformationToken(), NtSetInformationProcess(), NtSetInformationThread(), NtSetInformationToken(), OpenProcessToken(), OpenThreadToken(), PsAssignImpersonationToken(), PspSetPrimaryToken(), RtlAdjustPrivilege(), RtlCreateUserSecurityObject(), RtlDefaultNpAcl(), RtlFormatCurrentUserKeyPath(), RtlpGetImpersonationToken(), RtlpOpenThreadToken(), SamrSetSecurityObject(), SepCreateToken(), SetThreadToken(), SetTokenInformation(), SHTestTokenMembership(), and START_TEST().
