psfuncs.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros
#define	PsGetCurrentProcess   IoGetCurrentProcess
#define	_PSGETCURRENTTHREAD_

Functions
	$if (_WDMDDK_) NTKERNELAPI NTSTATUS NTAPI PsWrapApcWow64Thread(_Inout_ PVOID *ApcContext
	_IRQL_requires_max_ (DISPATCH_LEVEL) FORCEINLINE PETHREAD NTAPI PsGetCurrentThread(VOID)
	$endif (_WDMDDK_) $if(_NTDDK_) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI	NtQueryInformationProcess (_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
	$endif (_NTDDK_) $if(_NTIFS_) _Must_inspect_result_ _IRQL_requires_max_(APC_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsLookupProcessByProcessId(_In_ HANDLE ProcessId
_Must_inspect_result_	_IRQL_requires_max_ (APC_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsLookupThreadByThreadId(_In_ HANDLE UniqueThreadId
	$endif (_NTIFS_) $if(_WDMDDK_) _IRQL_requires_max_(APC_LEVEL) _Post_satisfies_(return<=0) _Must_inspect_result_ NTKERNELAPI NTSTATUS NTAPI PsCreateSystemThread(_Out_ PHANDLE ThreadHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_	_When_ (return==0, __drv_aliasesMem) PVOID StartContext)
	_IRQL_requires_max_ (PASSIVE_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsTerminateSystemThread(_In_ NTSTATUS ExitStatus)
NTKERNELAPI HANDLE NTAPI	PsGetCurrentProcessId (VOID)
NTKERNELAPI BOOLEAN NTAPI	PsGetVersion (OUT PULONG MajorVersion OPTIONAL, OUT PULONG MinorVersion OPTIONAL, OUT PULONG BuildNumber OPTIONAL, OUT PUNICODE_STRING CSDVersion OPTIONAL)
NTKERNELAPI PEPROCESS NTAPI	PsGetThreadProcess (_In_ PETHREAD Thread)
NTKERNELAPI NTSTATUS NTAPI	PsRemoveCreateThreadNotifyRoutine (_In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
NTKERNELAPI BOOLEAN NTAPI	PsIsSystemThread (_In_ PETHREAD Thread)
NTKERNELAPI PVOID NTAPI	PsGetCurrentThreadTeb (VOID)
NTKERNELAPI BOOLEAN NTAPI	PsSetCurrentThreadPrefetching (IN BOOLEAN Prefetching)
NTKERNELAPI BOOLEAN NTAPI	PsIsCurrentThreadPrefetching (VOID)
NTKERNELAPI NTSTATUS NTAPI	PsSetCreateProcessNotifyRoutineEx (IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine, IN BOOLEAN Remove)

Variables
_Inout_ PVOID *	ApcRoutine
_In_ ACCESS_MASK	DesiredAccess
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES	ObjectAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _In_opt_ PCLIENT_ID	ClientId
_Outptr_ PEPROCESS *	Process
_Must_inspect_result_ _Outptr_ PETHREAD *	Thread
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE	ProcessHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE	StartRoutine
_In_ BOOLEAN	Remove
_Out_ PBOOLEAN	CopyOnOpen
_Out_ PBOOLEAN _Out_ PBOOLEAN	EffectiveOnly
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL	ImpersonationLevel
_Must_inspect_result_ _In_opt_ PACCESS_TOKEN	Token
_Inout_ PSE_IMPERSONATION_STATE	ImpersonationState
_In_ POOL_TYPE	PoolType
_In_ POOL_TYPE _In_ ULONG_PTR	Amount

Macro Definition Documentation

_PSGETCURRENTTHREAD_

#define _PSGETCURRENTTHREAD_

Definition at line 20 of file psfuncs.h.

PsGetCurrentProcess

#define PsGetCurrentProcess   IoGetCurrentProcess

Definition at line 17 of file psfuncs.h.

Function Documentation

$endif() [1/3]

$endif

(

_WDMDDK_

)

Definition at line 202 of file ke.h.

{
    ULONGLONG Low;
    LONGLONG High;
} NEON128, *PNEON128;

$endif() [2/3]

$endif

(

_NTDDK_

)

Definition at line 2490 of file iofuncs.h.

{
    PriorityInfo->Size = sizeof(IO_PRIORITY_INFO);
    PriorityInfo->ThreadPriority = 0xffff;
    PriorityInfo->IoPriority = IoPriorityNormal;
    PriorityInfo->PagePriority = 0;
}

$endif() [3/3]

$endif ( _NTIFS_  )

pure virtual

Definition at line 2827 of file rtlfuncs.h.

{
  LARGE_INTEGER ret;
  ret.QuadPart = SignedInteger;
  return ret;
}

$if()

$if

(

_WDMDDK_

)

Kernel definitions for AMD64

Kernel definitions for ARM

Definition at line 1 of file ke.h.

{
    ULONG Dummy;
} KFLOATING_SAVE, *PKFLOATING_SAVE;

_IRQL_requires_max_() [1/3]

_IRQL_requires_max_

(

DISPATCH_LEVEL

)

Definition at line 21 of file psfuncs.h.

{
  return (PETHREAD)KeGetCurrentThread();
}

_IRQL_requires_max_() [2/3]

_Must_inspect_result_ _IRQL_requires_max_

(

APC_LEVEL

)

Definition at line 197 of file cddata.c.

{
    THREAD_CONTEXT ThreadContext = {0};
    PIRP_CONTEXT IrpContext = NULL;
    BOOLEAN Wait;

#ifdef CD_SANITY
    PVOID PreviousTopLevel;
#endif

    NTSTATUS Status;

#if DBG

    KIRQL SaveIrql = KeGetCurrentIrql();

#endif

    ASSERT_OPTIONAL_IRP( Irp );

    UNREFERENCED_PARAMETER( DeviceObject );

    FsRtlEnterFileSystem();

#ifdef CD_SANITY
    PreviousTopLevel = IoGetTopLevelIrp();
#endif

    //
    //  Loop until this request has been completed or posted.
    //

    do {

        //
        //  Use a try-except to handle the exception cases.
        //

        _SEH2_TRY {

            //
            //  If the IrpContext is NULL then this is the first pass through
            //  this loop.
            //

            if (IrpContext == NULL) {

                //
                //  Decide if this request is waitable an allocate the IrpContext.
                //  If the file object in the stack location is NULL then this
                //  is a mount which is always waitable.  Otherwise we look at
                //  the file object flags.
                //

                if (IoGetCurrentIrpStackLocation( Irp )->FileObject == NULL) {

                    Wait = TRUE;

                } else {

                    Wait = CanFsdWait( Irp );
                }

                IrpContext = CdCreateIrpContext( Irp, Wait );

                //
                //  Update the thread context information.
                //

                CdSetThreadContext( IrpContext, &ThreadContext );

#ifdef CD_SANITY
                NT_ASSERT( !CdTestTopLevel ||
                        SafeNodeType( IrpContext->TopLevel ) == CDFS_NTC_IRP_CONTEXT );
#endif

            //
            //  Otherwise cleanup the IrpContext for the retry.
            //

            } else {

                //
                //  Set the MORE_PROCESSING flag to make sure the IrpContext
                //  isn't inadvertently deleted here.  Then cleanup the
                //  IrpContext to perform the retry.
                //

                SetFlag( IrpContext->Flags, IRP_CONTEXT_FLAG_MORE_PROCESSING );
                CdCleanupIrpContext( IrpContext, FALSE );
            }

            //
            //  Case on the major irp code.
            //

            switch (IrpContext->MajorFunction) {

            case IRP_MJ_CREATE :

                Status = CdCommonCreate( IrpContext, Irp );
                break;

            case IRP_MJ_CLOSE :

                Status = CdCommonClose( IrpContext, Irp );
                break;

            case IRP_MJ_READ :

                //
                //  If this is an Mdl complete request, don't go through
                //  common read.
                //

                if (FlagOn( IrpContext->MinorFunction, IRP_MN_COMPLETE )) {

                    Status = CdCompleteMdl( IrpContext, Irp );

                } else {

                    Status = CdCommonRead( IrpContext, Irp );
                }

                break;

            case IRP_MJ_WRITE :

                Status = CdCommonWrite( IrpContext, Irp );
                break;

            case IRP_MJ_QUERY_INFORMATION :

                Status = CdCommonQueryInfo( IrpContext, Irp );
                break;

            case IRP_MJ_SET_INFORMATION :

                Status = CdCommonSetInfo( IrpContext, Irp );
                break;

            case IRP_MJ_QUERY_VOLUME_INFORMATION :

                Status = CdCommonQueryVolInfo( IrpContext, Irp );
                break;

            case IRP_MJ_DIRECTORY_CONTROL :

                Status = CdCommonDirControl( IrpContext, Irp );
                break;

            case IRP_MJ_FILE_SYSTEM_CONTROL :

                Status = CdCommonFsControl( IrpContext, Irp );
                break;

            case IRP_MJ_DEVICE_CONTROL :

                Status = CdCommonDevControl( IrpContext, Irp );
                break;

            case IRP_MJ_LOCK_CONTROL :

                Status = CdCommonLockControl( IrpContext, Irp );
                break;

            case IRP_MJ_CLEANUP :

                Status = CdCommonCleanup( IrpContext, Irp );
                break;

            case IRP_MJ_PNP :

                Status = CdCommonPnp( IrpContext, Irp );
                break;

            case IRP_MJ_SHUTDOWN :
            
                Status = CdCommonShutdown( IrpContext, Irp );
                break;

            default :

                Status = STATUS_INVALID_DEVICE_REQUEST;
                CdCompleteRequest( IrpContext, Irp, Status );
            }

        } _SEH2_EXCEPT( CdExceptionFilter( IrpContext, _SEH2_GetExceptionInformation() )) {

            Status = CdProcessException( IrpContext, Irp, _SEH2_GetExceptionCode() );
        } _SEH2_END;

    } while (Status == STATUS_CANT_WAIT);

#ifdef CD_SANITY
    NT_ASSERT( !CdTestTopLevel ||
            (PreviousTopLevel == IoGetTopLevelIrp()) );
#endif

    FsRtlExitFileSystem();

    NT_ASSERT( SaveIrql == KeGetCurrentIrql( ));

    return Status;
}

_IRQL_requires_max_() [3/3]

_IRQL_requires_max_

(

PASSIVE_LEVEL

)

Definition at line 64 of file Messaging.c.

{
    PFLT_SERVER_PORT_OBJECT PortObject;
    NTSTATUS Status;

    /* The caller must allow at least one connection */
    if (MaxConnections == 0)
    {
        return STATUS_INVALID_PARAMETER;
    }

    /* The request must be for a kernel handle */
    if (!(ObjectAttributes->Attributes & OBJ_KERNEL_HANDLE))
    {
        return STATUS_INVALID_PARAMETER;
    }

    /*
     * Get rundown protection on the target to stop the owner
     * from unloading whilst this port object is open. It gets
     * removed in the FltpServerPortClose callback
     */
    Status = FltObjectReference(Filter);
    if (!NT_SUCCESS(Status))
    {
        return Status;
    }

    /* Create the server port object for this filter */
    Status = ObCreateObject(KernelMode,
                            ServerPortObjectType,
                            ObjectAttributes,
                            KernelMode,
                            NULL,
                            sizeof(FLT_SERVER_PORT_OBJECT),
                            0,
                            0,
                            (PVOID *)&PortObject);
    if (NT_SUCCESS(Status))
    {
        /* Zero out the struct */
        RtlZeroMemory(PortObject, sizeof(FLT_SERVER_PORT_OBJECT));

        /* Increment the ref count on the target filter */
        FltpObjectPointerReference((PFLT_OBJECT)Filter);

        /* Setup the filter port object */
        PortObject->Filter = Filter;
        PortObject->ConnectNotify = ConnectNotifyCallback;
        PortObject->DisconnectNotify = DisconnectNotifyCallback;
        PortObject->MessageNotify = MessageNotifyCallback;
        PortObject->Cookie = ServerPortCookie;
        PortObject->MaxConnections = MaxConnections;

        /* Insert the object */
        Status = ObInsertObject(PortObject,
                                NULL,
                                STANDARD_RIGHTS_ALL | FILE_READ_DATA,
                                0,
                                NULL,
                                (PHANDLE)ServerPort);
        if (NT_SUCCESS(Status))
        {
            /* Lock the connection list */
            ExAcquireFastMutex(&Filter->ConnectionList.mLock);

            /* Add the new port object to the connection list and increment the count */
            InsertTailList(&Filter->ConnectionList.mList, &PortObject->FilterLink);
            Filter->ConnectionList.mCount++;

            /* Unlock the connection list*/
            ExReleaseFastMutex(&Filter->ConnectionList.mLock);
        }
    }

    if (!NT_SUCCESS(Status))
    {
        /* Allow the filter to be cleaned up */
        FltObjectDereference(Filter);
    }

    return Status;
}

_When_()

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_ _When_	(	return	= =0,
		__drv_aliasesMem
	)

NtQueryInformationProcess()

__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess	(	_In_ HANDLE	ProcessHandle,
		_In_ PROCESSINFOCLASS	ProcessInformationClass,
		_Out_ PVOID	ProcessInformation,
		_In_ ULONG	ProcessInformationLength,
		_Out_opt_ PULONG	ReturnLength
	)

PsGetCurrentProcessId()

NTKERNELAPI HANDLE NTAPI PsGetCurrentProcessId

(

VOID

)

Definition at line 1123 of file process.c.

{
    return (HANDLE)PsGetCurrentProcess()->UniqueProcessId;
}

Referenced by CheckWinstaAttributeAccess(), CmpCreateRegistryRoot(), CmpDoCreateChild(), CmpDoOpen(), CreateProcessNotifyRoutine(), CreateThreadNotifyRoutine(), DbgP(), DdHmgAlloc(), DesktopWindowProc(), DispEchoRequest(), ENTRY_ReferenceEntryByHandle(), ExpLoadBootSymbols(), FileOpenAddress(), FltpCreate(), GDI_CleanupForProcess(), GDIOBJ_hInsertObject(), GDIOBJ_vDereferenceObject(), GDIOBJ_vSetObjectOwner(), GreGetObjectOwner(), handle_gdb_read_mem(), handle_gdb_write_mem(), IntCreateWindowStation(), IntWinStaObjectDelete(), KdInitSystem(), KsecGatherEntropyData(), LpcpDeletePort(), MmLoadSystemImage(), MmUnloadSystemImage(), NtUserLockWindowStation(), NtUserSetLogonNotifyWindow(), NtUserSetWindowStationUser(), NtUserSwitchDesktop(), NtUserUnlockWindowStation(), ObpAllocateObject(), print_error(), ReadMemorySendHandler(), VerifyObjectOwner(), and WriteMemorySendHandler().

PsGetCurrentThreadTeb()

NTKERNELAPI PVOID NTAPI PsGetCurrentThreadTeb

(

VOID

)

Definition at line 785 of file thread.c.

{
    return PsGetCurrentThread()->Tcb.Teb;
}

Referenced by FileOpenAddress().

PsGetThreadProcess()

NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess

(

_In_ PETHREAD

Thread

)

PsGetVersion()

NTKERNELAPI BOOLEAN NTAPI PsGetVersion	(	OUT PULONG MajorVersion	OPTIONAL,
		OUT PULONG MinorVersion	OPTIONAL,
		OUT PULONG BuildNumber	OPTIONAL,
		OUT PUNICODE_STRING CSDVersion	OPTIONAL
	)

Definition at line 658 of file psmgr.c.

{
    if (MajorVersion) *MajorVersion = NtMajorVersion;
    if (MinorVersion) *MinorVersion = NtMinorVersion;
    if (BuildNumber ) *BuildNumber  = NtBuildNumber & 0x3FFF;

    if (CSDVersion)
    {
        CSDVersion->Length = CmCSDVersionString.Length;
        CSDVersion->MaximumLength = CmCSDVersionString.MaximumLength;
        CSDVersion->Buffer = CmCSDVersionString.Buffer;
    }

    /* Return TRUE if this is a Checked Build */
    return (NtBuildNumber >> 28) == 0xC;
}

PsIsCurrentThreadPrefetching()

NTKERNELAPI BOOLEAN NTAPI PsIsCurrentThreadPrefetching

(

VOID

)

PsIsSystemThread()

NTKERNELAPI BOOLEAN NTAPI PsIsSystemThread

(

_In_ PETHREAD

Thread

)

PsRemoveCreateThreadNotifyRoutine()

NTKERNELAPI NTSTATUS NTAPI PsRemoveCreateThreadNotifyRoutine

(

_In_ PCREATE_THREAD_NOTIFY_ROUTINE

NotifyRoutine

)

PsSetCreateProcessNotifyRoutineEx()

NTKERNELAPI NTSTATUS NTAPI PsSetCreateProcessNotifyRoutineEx	(	IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX	NotifyRoutine,
		IN BOOLEAN	Remove
	)

PsSetCurrentThreadPrefetching()

NTKERNELAPI BOOLEAN NTAPI PsSetCurrentThreadPrefetching

(

IN BOOLEAN

Prefetching

)

Variable Documentation

Amount

_Must_inspect_result_ _In_ POOL_TYPE _In_ ULONG_PTR Amount

Definition at line 211 of file psfuncs.h.

ApcRoutine

_Inout_ PVOID* ApcRoutine

Definition at line 11 of file psfuncs.h.

ClientId

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID ClientId

Definition at line 40 of file psfuncs.h.

CopyOnOpen

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN CopyOnOpen

Definition at line 154 of file psfuncs.h.

Referenced by GetProcessLuid(), NtCloseObjectAuditAlarm(), NtOpenThreadTokenEx(), ObpReferenceDeviceMap(), PsImpersonateClient(), PsReferenceImpersonationToken(), and SeCaptureSubjectContextEx().

DesiredAccess

_In_ ULONG DesiredAccess

Definition at line 40 of file psfuncs.h.

EffectiveOnly

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN _In_ BOOLEAN EffectiveOnly

Definition at line 154 of file psfuncs.h.

ImpersonationLevel

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN _In_ BOOLEAN _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel

Definition at line 154 of file psfuncs.h.

Referenced by DuplicateToken(), DuplicateTokenEx(), GetProcessLuid(), ImpersonateSelf(), make_impersonation_token(), NtCloseObjectAuditAlarm(), NtOpenThreadTokenEx(), ObpReferenceDeviceMap(), PsAssignImpersonationToken(), PsImpersonateClient(), PsReferenceEffectiveToken(), PsReferenceImpersonationToken(), RtlImpersonateSelf(), SeCreateClientSecurity(), SepCreateClientSecurity(), SepCreateToken(), test_ImpersonateNamedPipeClient(), and test_token_attr().

ImpersonationState

_In_ PSE_IMPERSONATION_STATE ImpersonationState

Definition at line 189 of file psfuncs.h.

Referenced by NtOpenThreadTokenEx(), PsDisableImpersonation(), and PsRestoreImpersonation().

ObjectAttributes

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes

Definition at line 40 of file psfuncs.h.

PoolType

_Must_inspect_result_ _In_ POOL_TYPE PoolType

Definition at line 211 of file psfuncs.h.

Process

_Outptr_ PEPROCESS* Process

Definition at line 64 of file psfuncs.h.

ProcessHandle

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE ProcessHandle

Definition at line 87 of file psfuncs.h.

Remove

int Remove

Definition at line 110 of file psfuncs.h.

Referenced by ApphelpCacheUpdateEntry(), co_MsqPeekHardwareMessage(), DECLARE_INTERFACE_(), CIconWatcher::GetListEntry(), MsqPeekMessage(), PsSetCreateProcessNotifyRoutine(), and RtlpCoalesceFreeBlocks().

StartRoutine

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine

Definition at line 87 of file psfuncs.h.

Referenced by InitThreadDataEx(), KeInitializeThread(), KeInitThread(), KiInitializeContextThread(), KiThreadStartup(), KmtStartThread(), PsCreateSystemThread(), PspCreateThread(), PspSystemThreadStartup(), PspUserThreadStartup(), and RtlpStartWorkerThread().

Thread

_Must_inspect_result_ _Outptr_ PETHREAD* Thread

Definition at line 73 of file psfuncs.h.

Token

_In_opt_ HANDLE Token

Definition at line 178 of file psfuncs.h.