ReactOS 0.4.16-dev-1170-ge326b06
psfuncs.h
Go to the documentation of this file.
1/*++ NDK Version: 0098
2
3Copyright (c) Alex Ionescu. All rights reserved.
4
5Header Name:
6
7 psfuncs.h
8
9Abstract:
10
11 Function definitions for the Process Manager
12
13Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17--*/
18
19#ifndef _PSFUNCS_H
20#define _PSFUNCS_H
21
22//
23// Dependencies
24//
25#include <umtypes.h>
26#include <pstypes.h>
27
28#ifdef __cplusplus
29extern "C" {
30#endif
31
32#ifndef NTOS_MODE_USER
33
34//
35// Win32K Process/Thread Functions
36//
37NTKERNELAPI
38PVOID
39NTAPI
40PsGetCurrentThreadWin32Thread(
41 VOID
42);
43
44NTKERNELAPI
45PVOID
46NTAPI
47PsGetCurrentProcessWin32Process(
48 VOID
49);
50
51NTKERNELAPI
52PVOID
53NTAPI
54PsGetProcessWin32Process(
55 _In_ PEPROCESS Process
56);
57
58NTKERNELAPI
59NTSTATUS
60NTAPI
61PsSetProcessWin32Process(
62 _Inout_ PEPROCESS Process,
63 _In_opt_ PVOID Win32Process,
64 _In_opt_ PVOID OldWin32Process
65);
66
67NTKERNELAPI
68PVOID
69NTAPI
70PsSetThreadWin32Thread(
71 _Inout_ PETHREAD Thread,
72 _In_opt_ PVOID Win32Thread,
73 _In_opt_ PVOID OldWin32Thread
74);
75
76NTKERNELAPI
77PVOID
78NTAPI
79PsGetThreadWin32Thread(
80 _In_ PETHREAD Thread
81);
82
83NTKERNELAPI
84PVOID
85NTAPI
86PsGetProcessWin32WindowStation(
87 _In_ PEPROCESS Process
88);
89
90NTKERNELAPI
91VOID
92NTAPI
93PsSetProcessWindowStation(
94 _Inout_ PEPROCESS Process,
95 _In_opt_ PVOID WindowStation
96);
97
98NTKERNELAPI
99PTEB
100NTAPI
101PsGetThreadTeb(
102 _In_ PETHREAD Thread
103);
104
105NTKERNELAPI
106HANDLE
107NTAPI
108PsGetThreadId(
109 _In_ PETHREAD Thread
110);
111
112NTKERNELAPI
113PEPROCESS
114NTAPI
115PsGetThreadProcess(
116 _In_ PETHREAD Thread
117);
118
119NTKERNELAPI
120ULONG
121NTAPI
122PsGetThreadFreezeCount(
123 _In_ PETHREAD Thread
124);
125
126NTKERNELAPI
127BOOLEAN
128NTAPI
129PsGetThreadHardErrorsAreDisabled(
130 _In_ PETHREAD Thread
131);
132
133NTKERNELAPI
134VOID
135NTAPI
136PsSetThreadHardErrorsAreDisabled(
137 _Inout_ PETHREAD Thread,
138 _In_ BOOLEAN Disabled
139);
140
141NTKERNELAPI
142VOID
143NTAPI
144PsEstablishWin32Callouts(
145 _In_ PWIN32_CALLOUTS_FPNS CalloutData
146);
147
148NTKERNELAPI
149VOID
150NTAPI
151PsReturnProcessNonPagedPoolQuota(
152 _In_ PEPROCESS Process,
153 _In_ SIZE_T Amount
154);
155
156NTKERNELAPI
157ULONG
158NTAPI
159PsGetCurrentProcessSessionId(
160 VOID
161);
162
163//
164// Process Impersonation Functions
165//
166NTKERNELAPI
167BOOLEAN
168NTAPI
169PsIsThreadImpersonating(
170 _In_ PETHREAD Thread
171);
172
173NTKERNELAPI
174VOID
175NTAPI
176PsRevertThreadToSelf(
177 _Inout_ PETHREAD Thread
178);
179
180//
181// Misc. Functions
182//
183NTKERNELAPI
184NTSTATUS
185NTAPI
186PsLookupProcessThreadByCid(
187 _In_ PCLIENT_ID Cid,
188 _Out_opt_ PEPROCESS *Process,
189 _Out_ PETHREAD *Thread
190);
191
192BOOLEAN
193NTAPI
194PsIsProtectedProcess(
195 _In_ PEPROCESS Process
196);
197
198NTKERNELAPI
199BOOLEAN
200NTAPI
201PsIsSystemProcess(
202 _In_ PEPROCESS Process
203);
204
205VOID
206NTAPI
207PsSetProcessPriorityByClass(
208 _In_ PEPROCESS Process,
209 _In_ PSPROCESSPRIORITYMODE Type
210);
211
212HANDLE
213NTAPI
214PsGetProcessInheritedFromUniqueProcessId(
215 _In_ PEPROCESS Process
216);
217
218NTKERNELAPI
219NTSTATUS
220NTAPI
221PsGetProcessExitStatus(
222 _In_ PEPROCESS Process
223);
224
225NTKERNELAPI
226ULONG
227NTAPI
228PsGetProcessSessionId(
229 _In_ PEPROCESS Process
230);
231
232NTKERNELAPI
233BOOLEAN
234NTAPI
235PsGetProcessExitProcessCalled(
236 _In_ PEPROCESS Process
237);
238
239//
240// Quota Functions
241//
242NTKERNELAPI
243VOID
244NTAPI
245PsChargePoolQuota(
246 _In_ PEPROCESS Process,
247 _In_ POOL_TYPE PoolType,
248 _In_ SIZE_T Amount
249);
250
251NTKERNELAPI
252NTSTATUS
253NTAPI
254PsChargeProcessNonPagedPoolQuota(
255 _In_ PEPROCESS Process,
256 _In_ SIZE_T Amount
257);
258
259NTKERNELAPI
260NTSTATUS
261NTAPI
262PsChargeProcessPagedPoolQuota(
263 _In_ PEPROCESS Process,
264 _In_ SIZE_T Amount
265);
266
267NTKERNELAPI
268NTSTATUS
269NTAPI
270PsChargeProcessPoolQuota(
271 _In_ PEPROCESS Process,
272 _In_ POOL_TYPE PoolType,
273 _In_ SIZE_T Amount
274);
275
276NTKERNELAPI
277VOID
278NTAPI
279PsReturnPoolQuota(
280 _In_ PEPROCESS Process,
281 _In_ POOL_TYPE PoolType,
282 _In_ SIZE_T Amount
283);
284
285NTKERNELAPI
286VOID
287NTAPI
288PsReturnProcessNonPagedPoolQuota(
289 _In_ PEPROCESS Process,
290 _In_ SIZE_T Amount
291);
292
293NTKERNELAPI
294VOID
295NTAPI
296PsReturnProcessPagedPoolQuota(
297 _In_ PEPROCESS Process,
298 _In_ SIZE_T Amount
299);
300
301NTKERNELAPI
302PVOID
303NTAPI
304PsGetProcessSecurityPort(
305 _In_ PEPROCESS Process
306);
307
308NTKERNELAPI
309NTSTATUS
310NTAPI
311PsSetProcessSecurityPort(
312 _Inout_ PEPROCESS Process,
313 _In_ PVOID SecurityPort
314);
315
316NTKERNELAPI
317HANDLE
318NTAPI
319PsGetCurrentThreadProcessId(
320 VOID
321);
322
323#endif
324
325//
326// Native Calls
327//
328NTSYSCALLAPI
329NTSTATUS
330NTAPI
331NtAlertResumeThread(
332 _In_ HANDLE ThreadHandle,
333 _Out_opt_ PULONG SuspendCount
334);
335
336NTSYSCALLAPI
337NTSTATUS
338NTAPI
339NtApphelpCacheControl(
340 _In_ APPHELPCACHESERVICECLASS Service,
341 _In_opt_ PAPPHELP_CACHE_SERVICE_LOOKUP ServiceData
342);
343
344NTSYSCALLAPI
345NTSTATUS
346NTAPI
347NtAlertThread(
348 _In_ HANDLE ThreadHandle
349);
350
351NTSYSCALLAPI
352NTSTATUS
353NTAPI
354NtAssignProcessToJobObject(
355 _In_ HANDLE JobHandle,
356 _In_ HANDLE ProcessHandle
357);
358
359NTSYSCALLAPI
360NTSTATUS
361NTAPI
362NtCreateJobObject(
363 _Out_ PHANDLE JobHandle,
364 _In_ ACCESS_MASK DesiredAccess,
365 _In_ POBJECT_ATTRIBUTES ObjectAttributes
366);
367
368NTSTATUS
369NTAPI
370NtCreateJobSet(
371 _In_ ULONG NumJob,
372 _In_ PJOB_SET_ARRAY UserJobSet,
373 _In_ ULONG Flags
374);
375
376NTSYSCALLAPI
377NTSTATUS
378NTAPI
379NtCreateProcess(
380 _Out_ PHANDLE ProcessHandle,
381 _In_ ACCESS_MASK DesiredAccess,
382 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
383 _In_ HANDLE ParentProcess,
384 _In_ BOOLEAN InheritObjectTable,
385 _In_opt_ HANDLE SectionHandle,
386 _In_opt_ HANDLE DebugPort,
387 _In_opt_ HANDLE ExceptionPort
388);
389
390NTSYSCALLAPI
391NTSTATUS
392NTAPI
393NtCreateProcessEx(
394 _Out_ PHANDLE ProcessHandle,
395 _In_ ACCESS_MASK DesiredAccess,
396 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
397 _In_ HANDLE ParentProcess,
398 _In_ ULONG Flags,
399 _In_opt_ HANDLE SectionHandle,
400 _In_opt_ HANDLE DebugPort,
401 _In_opt_ HANDLE ExceptionPort,
402 _In_ BOOLEAN InJob
403);
404
405NTSYSCALLAPI
406NTSTATUS
407NTAPI
408NtCreateThread(
409 _Out_ PHANDLE ThreadHandle,
410 _In_ ACCESS_MASK DesiredAccess,
411 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
412 _In_ HANDLE ProcessHandle,
413 _Out_ PCLIENT_ID ClientId,
414 _In_ PCONTEXT ThreadContext,
415 _In_ PINITIAL_TEB UserStack,
416 _In_ BOOLEAN CreateSuspended
417);
418
419#ifndef NTOS_MODE_USER
420FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
421{
422#if defined(_M_IX86)
423 return (struct _TEB *)__readfsdword(0x18);
424#elif defined (_M_AMD64)
425 return (struct _TEB *)__readgsqword(FIELD_OFFSET(NT_TIB, Self));
426#elif defined (_M_ARM)
427 // return (struct _TEB *)KeGetPcr()->Used_Self;
428 return (struct _TEB *)(ULONG_PTR)_MoveFromCoprocessor(CP15_TPIDRURW);
429#elif defined (_M_ARM64)
430 //UNIMPLEMENTED;
431 return 0;
432// #elif defined(_M_PPC)
433// return (struct _TEB *)_read_teb_dword(0x18);
434#else
435#error Unsupported architecture
436#endif
437}
438#else
439struct _TEB * NtCurrentTeb(VOID);
440#endif
441
442NTSYSCALLAPI
443NTSTATUS
444NTAPI
445NtImpersonateThread(
446 _In_ HANDLE ThreadHandle,
447 _In_ HANDLE ThreadToImpersonate,
448 _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
449);
450
451NTSYSCALLAPI
452NTSTATUS
453NTAPI
454NtIsProcessInJob(
455 _In_ HANDLE ProcessHandle,
456 _In_opt_ HANDLE JobHandle
457);
458
459__kernel_entry
460NTSYSCALLAPI
461NTSTATUS
462NTAPI
463NtOpenProcess(
464 _Out_ PHANDLE ProcessHandle,
465 _In_ ACCESS_MASK DesiredAccess,
466 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
467 _In_opt_ PCLIENT_ID ClientId
468);
469
470_Must_inspect_result_
471__kernel_entry
472NTSYSCALLAPI
473NTSTATUS
474NTAPI
475NtOpenProcessToken(
476 _In_ HANDLE ProcessHandle,
477 _In_ ACCESS_MASK DesiredAccess,
478 _Out_ PHANDLE TokenHandle
479);
480
481NTSYSCALLAPI
482NTSTATUS
483NTAPI
484NtOpenThread(
485 _Out_ PHANDLE ThreadHandle,
486 _In_ ACCESS_MASK DesiredAccess,
487 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
488 _In_ PCLIENT_ID ClientId
489);
490
491NTSYSCALLAPI
492NTSTATUS
493NTAPI
494NtOpenThreadToken(
495 _In_ HANDLE ThreadHandle,
496 _In_ ACCESS_MASK DesiredAccess,
497 _In_ BOOLEAN OpenAsSelf,
498 _Out_ PHANDLE TokenHandle
499);
500
501NTSYSCALLAPI
502NTSTATUS
503NTAPI
504NtOpenThreadTokenEx(
505 _In_ HANDLE ThreadHandle,
506 _In_ ACCESS_MASK DesiredAccess,
507 _In_ BOOLEAN OpenAsSelf,
508 _In_ ULONG HandleAttributes,
509 _Out_ PHANDLE TokenHandle
510);
511
512NTSYSCALLAPI
513NTSTATUS
514NTAPI
515NtQueryInformationJobObject(
516 _In_ HANDLE JobHandle,
517 _In_ JOBOBJECTINFOCLASS JobInformationClass,
518 _Out_bytecap_(JobInformationLength) PVOID JobInformation,
519 _In_ ULONG JobInformationLength,
520 _Out_ PULONG ReturnLength
521);
522
523#ifndef _NTDDK_
524__kernel_entry
525NTSYSCALLAPI
526NTSTATUS
527NTAPI
528NtQueryInformationProcess(
529 _In_ HANDLE ProcessHandle,
530 _In_ PROCESSINFOCLASS ProcessInformationClass,
531 _Out_ PVOID ProcessInformation,
532 _In_ ULONG ProcessInformationLength,
533 _Out_opt_ PULONG ReturnLength
534);
535#endif
536
537NTSYSCALLAPI
538NTSTATUS
539NTAPI
540NtQueryInformationThread(
541 _In_ HANDLE ThreadHandle,
542 _In_ THREADINFOCLASS ThreadInformationClass,
543 _Out_ PVOID ThreadInformation,
544 _In_ ULONG ThreadInformationLength,
545 _Out_opt_ PULONG ReturnLength
546);
547
548NTSYSCALLAPI
549NTSTATUS
550NTAPI
551NtRegisterThreadTerminatePort(
552 _In_ HANDLE TerminationPort
553);
554
555NTSYSCALLAPI
556NTSTATUS
557NTAPI
558NtResumeThread(
559 _In_ HANDLE ThreadHandle,
560 _Out_opt_ PULONG SuspendCount
561);
562
563NTSYSCALLAPI
564NTSTATUS
565NTAPI
566NtResumeProcess(
567 _In_ HANDLE ProcessHandle
568);
569
570NTSYSCALLAPI
571NTSTATUS
572NTAPI
573NtSetInformationJobObject(
574 _In_ HANDLE JobHandle,
575 _In_ JOBOBJECTINFOCLASS JobInformationClass,
576 _In_bytecount_(JobInformationLength) PVOID JobInformation,
577 _In_ ULONG JobInformationLength
578);
579
580NTSYSCALLAPI
581NTSTATUS
582NTAPI
583NtSetInformationProcess(
584 _In_ HANDLE ProcessHandle,
585 _In_ PROCESSINFOCLASS ProcessInformationClass,
586 _In_ PVOID ProcessInformation,
587 _In_ ULONG ProcessInformationLength
588);
589
590__kernel_entry
591NTSYSCALLAPI
592NTSTATUS
593NTAPI
594NtSetInformationThread(
595 _In_ HANDLE ThreadHandle,
596 _In_ THREADINFOCLASS ThreadInformationClass,
597 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
598 _In_ ULONG ThreadInformationLength
599);
600
601NTSYSCALLAPI
602NTSTATUS
603NTAPI
604NtSuspendProcess(
605 _In_ HANDLE ProcessHandle
606);
607
608NTSYSCALLAPI
609NTSTATUS
610NTAPI
611NtSuspendThread(
612 _In_ HANDLE ThreadHandle,
613 _In_ PULONG PreviousSuspendCount
614);
615
616NTSYSCALLAPI
617NTSTATUS
618NTAPI
619NtTerminateProcess(
620 _In_ HANDLE ProcessHandle,
621 _In_ NTSTATUS ExitStatus
622);
623
624NTSYSCALLAPI
625NTSTATUS
626NTAPI
627NtTerminateThread(
628 _In_ HANDLE ThreadHandle,
629 _In_ NTSTATUS ExitStatus
630);
631
632NTSYSCALLAPI
633NTSTATUS
634NTAPI
635NtTerminateJobObject(
636 _In_ HANDLE JobHandle,
637 _In_ NTSTATUS ExitStatus
638);
639
640NTSYSAPI
641NTSTATUS
642NTAPI
643ZwAlertResumeThread(
644 _In_ HANDLE ThreadHandle,
645 _Out_opt_ PULONG SuspendCount
646);
647
648NTSYSAPI
649NTSTATUS
650NTAPI
651ZwAlertThread(
652 _In_ HANDLE ThreadHandle
653);
654
655NTSYSAPI
656NTSTATUS
657NTAPI
658ZwAssignProcessToJobObject(
659 _In_ HANDLE JobHandle,
660 _In_ HANDLE ProcessHandle
661);
662
663NTSYSAPI
664NTSTATUS
665NTAPI
666ZwCreateJobObject(
667 _Out_ PHANDLE JobHandle,
668 _In_ ACCESS_MASK DesiredAccess,
669 _In_ POBJECT_ATTRIBUTES ObjectAttributes
670);
671
672NTSYSAPI
673NTSTATUS
674NTAPI
675ZwCreateProcess(
676 _Out_ PHANDLE ProcessHandle,
677 _In_ ACCESS_MASK DesiredAccess,
678 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
679 _In_ HANDLE ParentProcess,
680 _In_ BOOLEAN InheritObjectTable,
681 _In_opt_ HANDLE SectionHandle,
682 _In_opt_ HANDLE DebugPort,
683 _In_opt_ HANDLE ExceptionPort
684);
685
686NTSYSAPI
687NTSTATUS
688NTAPI
689ZwCreateThread(
690 _Out_ PHANDLE ThreadHandle,
691 _In_ ACCESS_MASK DesiredAccess,
692 _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
693 _In_ HANDLE ProcessHandle,
694 _Out_ PCLIENT_ID ClientId,
695 _In_ PCONTEXT ThreadContext,
696 _In_ PINITIAL_TEB UserStack,
697 _In_ BOOLEAN CreateSuspended
698);
699
700NTSYSAPI
701NTSTATUS
702NTAPI
703ZwImpersonateThread(
704 _In_ HANDLE ThreadHandle,
705 _In_ HANDLE ThreadToImpersonate,
706 _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService
707);
708
709NTSYSAPI
710NTSTATUS
711NTAPI
712ZwIsProcessInJob(
713 _In_ HANDLE ProcessHandle,
714 _In_opt_ HANDLE JobHandle
715);
716
717_IRQL_requires_max_(PASSIVE_LEVEL)
718NTSYSAPI
719NTSTATUS
720NTAPI
721ZwOpenProcessTokenEx(
722 _In_ HANDLE ProcessHandle,
723 _In_ ACCESS_MASK DesiredAccess,
724 _In_ ULONG HandleAttributes,
725 _Out_ PHANDLE TokenHandle
726);
727
728NTSYSAPI
729NTSTATUS
730NTAPI
731ZwOpenThread(
732 _Out_ PHANDLE ThreadHandle,
733 _In_ ACCESS_MASK DesiredAccess,
734 _In_ POBJECT_ATTRIBUTES ObjectAttributes,
735 _In_ PCLIENT_ID ClientId
736);
737
738NTSYSAPI
739NTSTATUS
740NTAPI
741ZwOpenThreadToken(
742 _In_ HANDLE ThreadHandle,
743 _In_ ACCESS_MASK DesiredAccess,
744 _In_ BOOLEAN OpenAsSelf,
745 _Out_ PHANDLE TokenHandle
746);
747
748NTSYSAPI
749NTSTATUS
750NTAPI
751ZwOpenThreadTokenEx(
752 _In_ HANDLE ThreadHandle,
753 _In_ ACCESS_MASK DesiredAccess,
754 _In_ BOOLEAN OpenAsSelf,
755 _In_ ULONG HandleAttributes,
756 _Out_ PHANDLE TokenHandle
757);
758
759NTSYSAPI
760NTSTATUS
761NTAPI
762ZwQueryInformationJobObject(
763 _In_ HANDLE JobHandle,
764 _In_ JOBOBJECTINFOCLASS JobInformationClass,
765 _Out_bytecap_(JobInformationLength) PVOID JobInformation,
766 _In_ ULONG JobInformationLength,
767 _Out_ PULONG ReturnLength
768);
769
770NTSYSAPI
771NTSTATUS
772NTAPI
773ZwQueryInformationProcess(
774 _In_ HANDLE ProcessHandle,
775 _In_ PROCESSINFOCLASS ProcessInformationClass,
776 _Out_ PVOID ProcessInformation,
777 _In_ ULONG ProcessInformationLength,
778 _Out_opt_ PULONG ReturnLength
779);
780
781NTSYSAPI
782NTSTATUS
783NTAPI
784ZwQueryInformationThread(
785 _In_ HANDLE ThreadHandle,
786 _In_ THREADINFOCLASS ThreadInformationClass,
787 _Out_ PVOID ThreadInformation,
788 _In_ ULONG ThreadInformationLength,
789 _Out_opt_ PULONG ReturnLength
790);
791
792NTSYSAPI
793NTSTATUS
794NTAPI
795ZwRegisterThreadTerminatePort(
796 _In_ HANDLE TerminationPort
797);
798
799NTSYSAPI
800NTSTATUS
801NTAPI
802ZwResumeThread(
803 _In_ HANDLE ThreadHandle,
804 _Out_opt_ PULONG SuspendCount
805);
806
807NTSYSAPI
808NTSTATUS
809NTAPI
810ZwResumeProcess(
811 _In_ HANDLE ProcessHandle
812);
813
814NTSYSAPI
815NTSTATUS
816NTAPI
817ZwSetInformationJobObject(
818 _In_ HANDLE JobHandle,
819 _In_ JOBOBJECTINFOCLASS JobInformationClass,
820 _In_ PVOID JobInformation,
821 _In_ ULONG JobInformationLength
822);
823
824NTSYSAPI
825NTSTATUS
826NTAPI
827ZwSetInformationProcess(
828 _In_ HANDLE ProcessHandle,
829 _In_ PROCESSINFOCLASS ProcessInformationClass,
830 _In_ PVOID ProcessInformation,
831 _In_ ULONG ProcessInformationLength
832);
833
834_IRQL_requires_max_(PASSIVE_LEVEL)
835NTSYSAPI
836NTSTATUS
837NTAPI
838ZwSetInformationThread(
839 _In_ HANDLE ThreadHandle,
840 _In_ THREADINFOCLASS ThreadInformationClass,
841 _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation,
842 _In_ ULONG ThreadInformationLength
843);
844
845NTSYSAPI
846NTSTATUS
847NTAPI
848ZwSuspendProcess(
849 _In_ HANDLE ProcessHandle
850);
851
852NTSYSAPI
853NTSTATUS
854NTAPI
855ZwSuspendThread(
856 _In_ HANDLE ThreadHandle,
857 _In_ PULONG PreviousSuspendCount
858);
859
860_IRQL_requires_max_(PASSIVE_LEVEL)
861NTSYSAPI
862NTSTATUS
863NTAPI
864ZwTerminateProcess (
865 _In_opt_ HANDLE ProcessHandle,
866 _In_ NTSTATUS ExitStatus
867 );
868
869NTSYSAPI
870NTSTATUS
871NTAPI
872ZwTerminateThread(
873 _In_ HANDLE ThreadHandle,
874 _In_ NTSTATUS ExitStatus
875);
876
877NTSYSAPI
878NTSTATUS
879NTAPI
880ZwTerminateJobObject(
881 _In_ HANDLE JobHandle,
882 _In_ NTSTATUS ExitStatus
883);
884
885#ifdef __cplusplus
886}
887#endif
888
889#endif
ReturnLength
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG ReturnLength
Definition: KdSystemDebugControl.c:34
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Type
Type
Definition: Type.h:7
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
THREADINFOCLASS
enum _THREADINFOCLASS THREADINFOCLASS
Definition: thread.c:101
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
_IRQL_requires_max_
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
Amount
_Must_inspect_result_ _In_ LONGLONG _In_ LONGLONG Amount
Definition: fsrtlfuncs.h:551
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
JOBOBJECTINFOCLASS
enum _JOBOBJECTINFOCLASS JOBOBJECTINFOCLASS
APPHELPCACHESERVICECLASS
enum _APPHELPCACHESERVICECLASS APPHELPCACHESERVICECLASS
PSPROCESSPRIORITYMODE
enum _PSPROCESSPRIORITYMODE PSPROCESSPRIORITYMODE
PROCESSINFOCLASS
enum _PROCESSINFOCLASS PROCESSINFOCLASS
Definition: loader.c:63
__readfsdword
PPC_QUAL unsigned long __readfsdword(const unsigned long Offset)
Definition: intrin_ppc.h:382
NtCurrentTeb
#define NtCurrentTeb
Definition: iphlpapi_private.h:4
Disabled
@ Disabled
Definition: mountmgr.h:178
_Out_bytecap_
#define _Out_bytecap_(size)
Definition: ms_sal.h:854
_In_bytecount_
#define _In_bytecount_(size)
Definition: ms_sal.h:812
CP15_TPIDRURW
#define CP15_TPIDRURW
Definition: ketypes.h:131
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
PsGetThreadWin32Thread
NTKERNELAPI PVOID NTAPI PsGetThreadWin32Thread(_In_ PETHREAD Thread)
ZwQueryInformationThread
NTSYSAPI NTSTATUS NTAPI ZwQueryInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _Out_ PVOID ThreadInformation, _In_ ULONG ThreadInformationLength, _Out_opt_ PULONG ReturnLength)
ZwImpersonateThread
NTSYSAPI NTSTATUS NTAPI ZwImpersonateThread(_In_ HANDLE ThreadHandle, _In_ HANDLE ThreadToImpersonate, _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
NtAlertResumeThread
NTSYSCALLAPI NTSTATUS NTAPI NtAlertResumeThread(_In_ HANDLE ThreadHandle, _Out_opt_ PULONG SuspendCount)
NtQueryInformationThread
NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _Out_ PVOID ThreadInformation, _In_ ULONG ThreadInformationLength, _Out_opt_ PULONG ReturnLength)
NtTerminateJobObject
NTSYSCALLAPI NTSTATUS NTAPI NtTerminateJobObject(_In_ HANDLE JobHandle, _In_ NTSTATUS ExitStatus)
NtOpenThreadToken
NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2474
PsGetThreadHardErrorsAreDisabled
NTKERNELAPI BOOLEAN NTAPI PsGetThreadHardErrorsAreDisabled(_In_ PETHREAD Thread)
NtCreateJobObject
NTSYSCALLAPI NTSTATUS NTAPI NtCreateJobObject(_Out_ PHANDLE JobHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
PsSetProcessWin32Process
NTKERNELAPI NTSTATUS NTAPI PsSetProcessWin32Process(_Inout_ PEPROCESS Process, _In_opt_ PVOID Win32Process, _In_opt_ PVOID OldWin32Process)
Definition: process.c:1257
ExitStatus
_In_ NTSTATUS ExitStatus
Definition: psfuncs.h:867
NtSuspendThread
NTSYSCALLAPI NTSTATUS NTAPI NtSuspendThread(_In_ HANDLE ThreadHandle, _In_ PULONG PreviousSuspendCount)
PsGetCurrentProcessWin32Process
NTKERNELAPI PVOID NTAPI PsGetCurrentProcessWin32Process(VOID)
Definition: process.c:1183
ZwTerminateThread
NTSYSAPI NTSTATUS NTAPI ZwTerminateThread(_In_ HANDLE ThreadHandle, _In_ NTSTATUS ExitStatus)
PsGetThreadId
NTKERNELAPI HANDLE NTAPI PsGetThreadId(_In_ PETHREAD Thread)
NtSuspendProcess
NTSYSCALLAPI NTSTATUS NTAPI NtSuspendProcess(_In_ HANDLE ProcessHandle)
PsIsThreadImpersonating
NTKERNELAPI BOOLEAN NTAPI PsIsThreadImpersonating(_In_ PETHREAD Thread)
PsSetProcessWindowStation
NTKERNELAPI VOID NTAPI PsSetProcessWindowStation(_Inout_ PEPROCESS Process, _In_opt_ PVOID WindowStation)
PsChargeProcessPagedPoolQuota
NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Charges the paged pool quota of a given process.
Definition: quota.c:839
NtOpenProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PCLIENT_ID ClientId)
NtSetInformationProcess
NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)
NtAlertThread
NTSYSCALLAPI NTSTATUS NTAPI NtAlertThread(_In_ HANDLE ThreadHandle)
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
NtAssignProcessToJobObject
NTSYSCALLAPI NTSTATUS NTAPI NtAssignProcessToJobObject(_In_ HANDLE JobHandle, _In_ HANDLE ProcessHandle)
PsEstablishWin32Callouts
NTKERNELAPI VOID NTAPI PsEstablishWin32Callouts(_In_ PWIN32_CALLOUTS_FPNS CalloutData)
PsGetProcessExitProcessCalled
NTKERNELAPI BOOLEAN NTAPI PsGetProcessExitProcessCalled(_In_ PEPROCESS Process)
PsSetProcessPriorityByClass
VOID NTAPI PsSetProcessPriorityByClass(_In_ PEPROCESS Process, _In_ PSPROCESSPRIORITYMODE Type)
NtIsProcessInJob
NTSYSCALLAPI NTSTATUS NTAPI NtIsProcessInJob(_In_ HANDLE ProcessHandle, _In_opt_ HANDLE JobHandle)
PsGetProcessExitStatus
NTKERNELAPI NTSTATUS NTAPI PsGetProcessExitStatus(_In_ PEPROCESS Process)
PsIsSystemProcess
NTKERNELAPI BOOLEAN NTAPI PsIsSystemProcess(_In_ PEPROCESS Process)
ThreadInformationLength
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:843
ZwOpenThread
NTSYSAPI NTSTATUS NTAPI ZwOpenThread(_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PCLIENT_ID ClientId)
PsGetProcessSecurityPort
NTKERNELAPI PVOID NTAPI PsGetProcessSecurityPort(_In_ PEPROCESS Process)
ZwSetInformationProcess
NTSYSAPI NTSTATUS NTAPI ZwSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)
PsLookupProcessThreadByCid
NTKERNELAPI NTSTATUS NTAPI PsLookupProcessThreadByCid(_In_ PCLIENT_ID Cid, _Out_opt_ PEPROCESS *Process, _Out_ PETHREAD *Thread)
ZwSetInformationJobObject
NTSYSAPI NTSTATUS NTAPI ZwSetInformationJobObject(_In_ HANDLE JobHandle, _In_ JOBOBJECTINFOCLASS JobInformationClass, _In_ PVOID JobInformation, _In_ ULONG JobInformationLength)
PsSetThreadHardErrorsAreDisabled
NTKERNELAPI VOID NTAPI PsSetThreadHardErrorsAreDisabled(_Inout_ PETHREAD Thread, _In_ BOOLEAN Disabled)
PsGetThreadTeb
NTKERNELAPI PTEB NTAPI PsGetThreadTeb(_In_ PETHREAD Thread)
ZwSuspendThread
NTSYSAPI NTSTATUS NTAPI ZwSuspendThread(_In_ HANDLE ThreadHandle, _In_ PULONG PreviousSuspendCount)
NtResumeProcess
NTSYSCALLAPI NTSTATUS NTAPI NtResumeProcess(_In_ HANDLE ProcessHandle)
PsGetProcessWin32WindowStation
NTKERNELAPI PVOID NTAPI PsGetProcessWin32WindowStation(_In_ PEPROCESS Process)
NtQueryInformationProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59
PsGetProcessInheritedFromUniqueProcessId
HANDLE NTAPI PsGetProcessInheritedFromUniqueProcessId(_In_ PEPROCESS Process)
PsChargeProcessNonPagedPoolQuota
NTKERNELAPI NTSTATUS NTAPI PsChargeProcessNonPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Charges the non paged pool quota of a given process.
Definition: quota.c:811
NtRegisterThreadTerminatePort
NTSYSCALLAPI NTSTATUS NTAPI NtRegisterThreadTerminatePort(_In_ HANDLE TerminationPort)
PsGetCurrentProcessSessionId
NTKERNELAPI ULONG NTAPI PsGetCurrentProcessSessionId(VOID)
Definition: process.c:1133
NtCreateJobSet
NTSTATUS NTAPI NtCreateJobSet(_In_ ULONG NumJob, _In_ PJOB_SET_ARRAY UserJobSet, _In_ ULONG Flags)
PsGetThreadProcess
NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess(_In_ PETHREAD Thread)
NtImpersonateThread
NTSYSCALLAPI NTSTATUS NTAPI NtImpersonateThread(_In_ HANDLE ThreadHandle, _In_ HANDLE ThreadToImpersonate, _In_ PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
NtOpenThreadTokenEx
NTSYSCALLAPI NTSTATUS NTAPI NtOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2331
NtCreateThread
NTSYSCALLAPI NTSTATUS NTAPI NtCreateThread(_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ HANDLE ProcessHandle, _Out_ PCLIENT_ID ClientId, _In_ PCONTEXT ThreadContext, _In_ PINITIAL_TEB UserStack, _In_ BOOLEAN CreateSuspended)
PsSetThreadWin32Thread
NTKERNELAPI PVOID NTAPI PsSetThreadWin32Thread(_Inout_ PETHREAD Thread, _In_opt_ PVOID Win32Thread, _In_opt_ PVOID OldWin32Thread)
PsReturnProcessPagedPoolQuota
NTKERNELAPI VOID NTAPI PsReturnProcessPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Returns the paged pool quota that the process was taking up.
Definition: quota.c:965
PsGetProcessSessionId
NTKERNELAPI ULONG NTAPI PsGetProcessSessionId(_In_ PEPROCESS Process)
PsReturnProcessNonPagedPoolQuota
NTKERNELAPI VOID NTAPI PsReturnProcessNonPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Returns the non paged quota pool that the process was taking up.
Definition: quota.c:938
PsChargeProcessPoolQuota
NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Charges the process' quota pool. The type of quota to be charged depends upon the PoolType parameter.
Definition: quota.c:872
PsGetProcessWin32Process
NTKERNELAPI PVOID NTAPI PsGetProcessWin32Process(_In_ PEPROCESS Process)
ZwCreateProcess
NTSYSAPI NTSTATUS NTAPI ZwCreateProcess(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ HANDLE ParentProcess, _In_ BOOLEAN InheritObjectTable, _In_opt_ HANDLE SectionHandle, _In_opt_ HANDLE DebugPort, _In_opt_ HANDLE ExceptionPort)
NtCreateProcessEx
NTSYSCALLAPI NTSTATUS NTAPI NtCreateProcessEx(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ HANDLE ParentProcess, _In_ ULONG Flags, _In_opt_ HANDLE SectionHandle, _In_opt_ HANDLE DebugPort, _In_opt_ HANDLE ExceptionPort, _In_ BOOLEAN InJob)
PsGetCurrentThreadWin32Thread
NTKERNELAPI PVOID NTAPI PsGetCurrentThreadWin32Thread(VOID)
Definition: thread.c:805
ThreadInformationClass
_In_ THREADINFOCLASS ThreadInformationClass
Definition: psfuncs.h:840
PsReturnPoolQuota
NTKERNELAPI VOID NTAPI PsReturnPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Returns the pool quota that the process was taking up.
Definition: quota.c:907
NtOpenThread
NTSYSCALLAPI NTSTATUS NTAPI NtOpenThread(_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ PCLIENT_ID ClientId)
ZwAlertThread
NTSYSAPI NTSTATUS NTAPI ZwAlertThread(_In_ HANDLE ThreadHandle)
ZwIsProcessInJob
NTSYSAPI NTSTATUS NTAPI ZwIsProcessInJob(_In_ HANDLE ProcessHandle, _In_opt_ HANDLE JobHandle)
ZwCreateThread
NTSYSAPI NTSTATUS NTAPI ZwCreateThread(_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ HANDLE ProcessHandle, _Out_ PCLIENT_ID ClientId, _In_ PCONTEXT ThreadContext, _In_ PINITIAL_TEB UserStack, _In_ BOOLEAN CreateSuspended)
NtCreateProcess
NTSYSCALLAPI NTSTATUS NTAPI NtCreateProcess(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ HANDLE ParentProcess, _In_ BOOLEAN InheritObjectTable, _In_opt_ HANDLE SectionHandle, _In_opt_ HANDLE DebugPort, _In_opt_ HANDLE ExceptionPort)
ZwOpenThreadTokenEx
NTSYSAPI NTSTATUS NTAPI ZwOpenThreadTokenEx(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle)
HandleAttributes
_In_ ACCESS_MASK _In_ ULONG HandleAttributes
Definition: psfuncs.h:724
ZwTerminateJobObject
NTSYSAPI NTSTATUS NTAPI ZwTerminateJobObject(_In_ HANDLE JobHandle, _In_ NTSTATUS ExitStatus)
ZwResumeProcess
NTSYSAPI NTSTATUS NTAPI ZwResumeProcess(_In_ HANDLE ProcessHandle)
PsGetThreadFreezeCount
NTKERNELAPI ULONG NTAPI PsGetThreadFreezeCount(_In_ PETHREAD Thread)
ZwCreateJobObject
NTSYSAPI NTSTATUS NTAPI ZwCreateJobObject(_Out_ PHANDLE JobHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
NtSetInformationJobObject
NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationJobObject(_In_ HANDLE JobHandle, _In_ JOBOBJECTINFOCLASS JobInformationClass, _In_bytecount_(JobInformationLength) PVOID JobInformation, _In_ ULONG JobInformationLength)
ZwResumeThread
NTSYSAPI NTSTATUS NTAPI ZwResumeThread(_In_ HANDLE ThreadHandle, _Out_opt_ PULONG SuspendCount)
PsRevertThreadToSelf
NTKERNELAPI VOID NTAPI PsRevertThreadToSelf(_Inout_ PETHREAD Thread)
ZwSuspendProcess
NTSYSAPI NTSTATUS NTAPI ZwSuspendProcess(_In_ HANDLE ProcessHandle)
PsSetProcessSecurityPort
NTKERNELAPI NTSTATUS NTAPI PsSetProcessSecurityPort(_Inout_ PEPROCESS Process, _In_ PVOID SecurityPort)
ZwQueryInformationProcess
NTSYSAPI NTSTATUS NTAPI ZwQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
PsGetCurrentThreadProcessId
NTKERNELAPI HANDLE NTAPI PsGetCurrentThreadProcessId(VOID)
Definition: thread.c:755
NtResumeThread
NTSYSCALLAPI NTSTATUS NTAPI NtResumeThread(_In_ HANDLE ThreadHandle, _Out_opt_ PULONG SuspendCount)
ZwOpenThreadToken
NTSYSAPI NTSTATUS NTAPI ZwOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
ZwQueryInformationJobObject
NTSYSAPI NTSTATUS NTAPI ZwQueryInformationJobObject(_In_ HANDLE JobHandle, _In_ JOBOBJECTINFOCLASS JobInformationClass, _Out_bytecap_(JobInformationLength) PVOID JobInformation, _In_ ULONG JobInformationLength, _Out_ PULONG ReturnLength)
PsIsProtectedProcess
BOOLEAN NTAPI PsIsProtectedProcess(_In_ PEPROCESS Process)
PsChargePoolQuota
NTKERNELAPI VOID NTAPI PsChargePoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Charges the pool quota of a given process. The kind of pool quota to charge is determined by the Pool...
Definition: quota.c:775
NtOpenProcessToken
_Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcessToken(_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle)
NtApphelpCacheControl
NTSYSCALLAPI NTSTATUS NTAPI NtApphelpCacheControl(_In_ APPHELPCACHESERVICECLASS Service, _In_opt_ PAPPHELP_CACHE_SERVICE_LOOKUP ServiceData)
Definition: apphelp.c:728
NtSetInformationThread
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength)
NtQueryInformationJobObject
NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationJobObject(_In_ HANDLE JobHandle, _In_ JOBOBJECTINFOCLASS JobInformationClass, _Out_bytecap_(JobInformationLength) PVOID JobInformation, _In_ ULONG JobInformationLength, _Out_ PULONG ReturnLength)
ZwAlertResumeThread
NTSYSAPI NTSTATUS NTAPI ZwAlertResumeThread(_In_ HANDLE ThreadHandle, _Out_opt_ PULONG SuspendCount)
ZwRegisterThreadTerminatePort
NTSYSAPI NTSTATUS NTAPI ZwRegisterThreadTerminatePort(_In_ HANDLE TerminationPort)
ZwAssignProcessToJobObject
NTSYSAPI NTSTATUS NTAPI ZwAssignProcessToJobObject(_In_ HANDLE JobHandle, _In_ HANDLE ProcessHandle)
NtTerminateThread
NTSYSCALLAPI NTSTATUS NTAPI NtTerminateThread(_In_ HANDLE ThreadHandle, _In_ NTSTATUS ExitStatus)
NtTerminateProcess
NTSYSCALLAPI NTSTATUS NTAPI NtTerminateProcess(_In_ HANDLE ProcessHandle, _In_ NTSTATUS ExitStatus)
_In_reads_bytes_
#define _In_reads_bytes_(s)
Definition: no_sal2.h:170
_Out_opt_
#define _Out_opt_
Definition: no_sal2.h:214
_Inout_
#define _Inout_
Definition: no_sal2.h:162
_Must_inspect_result_
#define _Must_inspect_result_
Definition: no_sal2.h:62
_Out_
#define _Out_
Definition: no_sal2.h:160
_In_
#define _In_
Definition: no_sal2.h:158
_In_opt_
#define _In_opt_
Definition: no_sal2.h:212
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
NTSYSCALLAPI
#define NTSYSCALLAPI
Definition: ntbasedef.h:208
Service
@ Service
Definition: ntsecapi.h:292
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
__kernel_entry
#define __kernel_entry
Definition: specstrings.h:355
_APPHELP_CACHE_SERVICE_LOOKUP
Definition: pstypes.h:986
_CLIENT_ID
Definition: compat.h:824
_CONTEXT
Definition: nt_native.h:1406
_EPROCESS
Definition: pstypes.h:1262
_ETHREAD
Definition: pstypes.h:1103
_INITIAL_TEB
Definition: pstypes.h:692
_JOB_SET_ARRAY
Definition: pstypes.h:1011
_NT_TIB
Definition: compat.h:710
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_TEB
Definition: compat.h:836
_WIN32_CALLOUTS_FPNS
Definition: pstypes.h:1683
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
NTAPI
#define NTAPI
Definition: typedefs.h:36
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
ULONG
uint32_t ULONG
Definition: typedefs.h:59
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3815
FORCEINLINE
#define FORCEINLINE
Definition: wdftypes.h:67
NTKERNELAPI
#define NTKERNELAPI
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
ClientId
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151
OpenAsSelf
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:700