psfuncs.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros
#define	PsGetCurrentProcess   IoGetCurrentProcess
#define	_PSGETCURRENTTHREAD_

Functions
	$if (_WDMDDK_) NTKERNELAPI NTSTATUS NTAPI PsWrapApcWow64Thread(_Inout_ PVOID *ApcContext
	_IRQL_requires_max_ (DISPATCH_LEVEL) FORCEINLINE PETHREAD NTAPI PsGetCurrentThread(VOID)
	$endif (_WDMDDK_) $if(_NTDDK_) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI	NtQueryInformationProcess (_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
	$endif (_NTDDK_) $if(_NTIFS_) _Must_inspect_result_ _IRQL_requires_max_(APC_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsLookupProcessByProcessId(_In_ HANDLE ProcessId
_Must_inspect_result_	_IRQL_requires_max_ (APC_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsLookupThreadByThreadId(_In_ HANDLE UniqueThreadId
	$endif (_NTIFS_) $if(_WDMDDK_) _IRQL_requires_max_(APC_LEVEL) _Post_satisfies_(return<=0) _Must_inspect_result_ NTKERNELAPI NTSTATUS NTAPI PsCreateSystemThread(_Out_ PHANDLE ThreadHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_	_When_ (return==0, __drv_aliasesMem) PVOID StartContext)
	_IRQL_requires_max_ (PASSIVE_LEVEL) NTKERNELAPI NTSTATUS NTAPI PsTerminateSystemThread(_In_ NTSTATUS ExitStatus)
NTKERNELAPI HANDLE NTAPI	PsGetCurrentProcessId (VOID)
NTKERNELAPI BOOLEAN NTAPI	PsGetVersion (OUT PULONG MajorVersion OPTIONAL, OUT PULONG MinorVersion OPTIONAL, OUT PULONG BuildNumber OPTIONAL, OUT PUNICODE_STRING CSDVersion OPTIONAL)
NTKERNELAPI PEPROCESS NTAPI	PsGetThreadProcess (_In_ PETHREAD Thread)
NTKERNELAPI NTSTATUS NTAPI	PsRemoveCreateThreadNotifyRoutine (_In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
NTKERNELAPI BOOLEAN NTAPI	PsIsSystemThread (_In_ PETHREAD Thread)
NTKERNELAPI PVOID NTAPI	PsGetCurrentThreadTeb (VOID)
NTKERNELAPI BOOLEAN NTAPI	PsSetCurrentThreadPrefetching (IN BOOLEAN Prefetching)
NTKERNELAPI BOOLEAN NTAPI	PsIsCurrentThreadPrefetching (VOID)
NTKERNELAPI NTSTATUS NTAPI	PsSetCreateProcessNotifyRoutineEx (IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine, IN BOOLEAN Remove)

Variables
_Inout_ PVOID *	ApcRoutine
_In_ ACCESS_MASK	DesiredAccess
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES	ObjectAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _In_opt_ PCLIENT_ID	ClientId
_Outptr_ PEPROCESS *	Process
_Must_inspect_result_ _Outptr_ PETHREAD *	Thread
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE	ProcessHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE	StartRoutine
_In_ BOOLEAN	Remove
_Out_ PBOOLEAN	CopyOnOpen
_Out_ PBOOLEAN _Out_ PBOOLEAN	EffectiveOnly
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL	ImpersonationLevel
_Must_inspect_result_ _In_opt_ PACCESS_TOKEN	Token
_Inout_ PSE_IMPERSONATION_STATE	ImpersonationState
_In_ POOL_TYPE	PoolType
_In_ POOL_TYPE _In_ ULONG_PTR	Amount

Macro Definition Documentation

_PSGETCURRENTTHREAD_

#define _PSGETCURRENTTHREAD_

Definition at line 20 of file psfuncs.h.

PsGetCurrentProcess

#define PsGetCurrentProcess   IoGetCurrentProcess

Definition at line 17 of file psfuncs.h.

Function Documentation

$endif() [1/3]

$endif

(

_WDMDDK_

)

Definition at line 202 of file ke.h.

{
    ULONGLONG Low;
    LONGLONG High;
} NEON128, *PNEON128;

$endif() [2/3]

$endif

(

_NTDDK_

)

Definition at line 2494 of file iofuncs.h.

{
    PriorityInfo->Size = sizeof(IO_PRIORITY_INFO);
    PriorityInfo->ThreadPriority = 0xffff;
    PriorityInfo->IoPriority = IoPriorityNormal;
    PriorityInfo->PagePriority = 0;
}

$endif() [3/3]

$endif ( _NTIFS_  )

pure virtual

Definition at line 2827 of file rtlfuncs.h.

{
  LARGE_INTEGER ret;
  ret.QuadPart = SignedInteger;
  return ret;
}

$if()

$if

(

_WDMDDK_

)

Kernel definitions for AMD64

Kernel definitions for ARM

Definition at line 1 of file ke.h.

{
    ULONG Dummy;
} KFLOATING_SAVE, *PKFLOATING_SAVE;

_IRQL_requires_max_() [1/3]

_IRQL_requires_max_

(

DISPATCH_LEVEL

)

Definition at line 21 of file psfuncs.h.

{
  return (PETHREAD)KeGetCurrentThread();
}

_IRQL_requires_max_() [2/3]

_Must_inspect_result_ _IRQL_requires_max_

(

APC_LEVEL

)

Definition at line 197 of file cddata.c.

{
    THREAD_CONTEXT ThreadContext = {0};
    PIRP_CONTEXT IrpContext = NULL;
    BOOLEAN Wait;

#ifdef CD_SANITY
    PVOID PreviousTopLevel;
#endif

    NTSTATUS Status;

#if DBG

    KIRQL SaveIrql = KeGetCurrentIrql();

#endif

    ASSERT_OPTIONAL_IRP( Irp );

    UNREFERENCED_PARAMETER( DeviceObject );

    FsRtlEnterFileSystem();

#ifdef CD_SANITY
    PreviousTopLevel = IoGetTopLevelIrp();
#endif

    //
    //  Loop until this request has been completed or posted.
    //

    do {

        //
        //  Use a try-except to handle the exception cases.
        //

        _SEH2_TRY {

            //
            //  If the IrpContext is NULL then this is the first pass through
            //  this loop.
            //

            if (IrpContext == NULL) {

                //
                //  Decide if this request is waitable an allocate the IrpContext.
                //  If the file object in the stack location is NULL then this
                //  is a mount which is always waitable.  Otherwise we look at
                //  the file object flags.
                //

                if (IoGetCurrentIrpStackLocation( Irp )->FileObject == NULL) {

                    Wait = TRUE;

                } else {

                    Wait = CanFsdWait( Irp );
                }

                IrpContext = CdCreateIrpContext( Irp, Wait );

                //
                //  Update the thread context information.
                //

                CdSetThreadContext( IrpContext, &ThreadContext );

#ifdef CD_SANITY
                NT_ASSERT( !CdTestTopLevel ||
                        SafeNodeType( IrpContext->TopLevel ) == CDFS_NTC_IRP_CONTEXT );
#endif

            //
            //  Otherwise cleanup the IrpContext for the retry.
            //

            } else {

                //
                //  Set the MORE_PROCESSING flag to make sure the IrpContext
                //  isn't inadvertently deleted here.  Then cleanup the
                //  IrpContext to perform the retry.
                //

                SetFlag( IrpContext->Flags, IRP_CONTEXT_FLAG_MORE_PROCESSING );
                CdCleanupIrpContext( IrpContext, FALSE );
            }

            //
            //  Case on the major irp code.
            //

            switch (IrpContext->MajorFunction) {

            case IRP_MJ_CREATE :

                Status = CdCommonCreate( IrpContext, Irp );
                break;

            case IRP_MJ_CLOSE :

                Status = CdCommonClose( IrpContext, Irp );
                break;

            case IRP_MJ_READ :

                //
                //  If this is an Mdl complete request, don't go through
                //  common read.
                //

                if (FlagOn( IrpContext->MinorFunction, IRP_MN_COMPLETE )) {

                    Status = CdCompleteMdl( IrpContext, Irp );

                } else {

                    Status = CdCommonRead( IrpContext, Irp );
                }

                break;

            case IRP_MJ_WRITE :

                Status = CdCommonWrite( IrpContext, Irp );
                break;

            case IRP_MJ_QUERY_INFORMATION :

                Status = CdCommonQueryInfo( IrpContext, Irp );
                break;

            case IRP_MJ_SET_INFORMATION :

                Status = CdCommonSetInfo( IrpContext, Irp );
                break;

            case IRP_MJ_QUERY_VOLUME_INFORMATION :

                Status = CdCommonQueryVolInfo( IrpContext, Irp );
                break;

            case IRP_MJ_DIRECTORY_CONTROL :

                Status = CdCommonDirControl( IrpContext, Irp );
                break;

            case IRP_MJ_FILE_SYSTEM_CONTROL :

                Status = CdCommonFsControl( IrpContext, Irp );
                break;

            case IRP_MJ_DEVICE_CONTROL :

                Status = CdCommonDevControl( IrpContext, Irp );
                break;

            case IRP_MJ_LOCK_CONTROL :

                Status = CdCommonLockControl( IrpContext, Irp );
                break;

            case IRP_MJ_CLEANUP :

                Status = CdCommonCleanup( IrpContext, Irp );
                break;

            case IRP_MJ_PNP :

                Status = CdCommonPnp( IrpContext, Irp );
                break;

            case IRP_MJ_SHUTDOWN :
            
                Status = CdCommonShutdown( IrpContext, Irp );
                break;

            default :

                Status = STATUS_INVALID_DEVICE_REQUEST;
                CdCompleteRequest( IrpContext, Irp, Status );
            }

        } _SEH2_EXCEPT( CdExceptionFilter( IrpContext, _SEH2_GetExceptionInformation() )) {

            Status = CdProcessException( IrpContext, Irp, _SEH2_GetExceptionCode() );
        } _SEH2_END;

    } while (Status == STATUS_CANT_WAIT);

#ifdef CD_SANITY
    NT_ASSERT( !CdTestTopLevel ||
            (PreviousTopLevel == IoGetTopLevelIrp()) );
#endif

    FsRtlExitFileSystem();

    NT_ASSERT( SaveIrql == KeGetCurrentIrql( ));

    return Status;
}

_IRQL_requires_max_() [3/3]

_IRQL_requires_max_

(

PASSIVE_LEVEL

)

Definition at line 64 of file Messaging.c.

{
    PFLT_SERVER_PORT_OBJECT PortObject;
    NTSTATUS Status;

    /* The caller must allow at least one connection */
    if (MaxConnections == 0)
    {
        return STATUS_INVALID_PARAMETER;
    }

    /* The request must be for a kernel handle */
    if (!(ObjectAttributes->Attributes & OBJ_KERNEL_HANDLE))
    {
        return STATUS_INVALID_PARAMETER;
    }

    /*
     * Get rundown protection on the target to stop the owner
     * from unloading whilst this port object is open. It gets
     * removed in the FltpServerPortClose callback
     */
    Status = FltObjectReference(Filter);
    if (!NT_SUCCESS(Status))
    {
        return Status;
    }

    /* Create the server port object for this filter */
    Status = ObCreateObject(KernelMode,
                            ServerPortObjectType,
                            ObjectAttributes,
                            KernelMode,
                            NULL,
                            sizeof(FLT_SERVER_PORT_OBJECT),
                            0,
                            0,
                            (PVOID *)&PortObject);
    if (NT_SUCCESS(Status))
    {
        /* Zero out the struct */
        RtlZeroMemory(PortObject, sizeof(FLT_SERVER_PORT_OBJECT));

        /* Increment the ref count on the target filter */
        FltpObjectPointerReference((PFLT_OBJECT)Filter);

        /* Setup the filter port object */
        PortObject->Filter = Filter;
        PortObject->ConnectNotify = ConnectNotifyCallback;
        PortObject->DisconnectNotify = DisconnectNotifyCallback;
        PortObject->MessageNotify = MessageNotifyCallback;
        PortObject->Cookie = ServerPortCookie;
        PortObject->MaxConnections = MaxConnections;

        /* Insert the object */
        Status = ObInsertObject(PortObject,
                                NULL,
                                STANDARD_RIGHTS_ALL | FILE_READ_DATA,
                                0,
                                NULL,
                                (PHANDLE)ServerPort);
        if (NT_SUCCESS(Status))
        {
            /* Lock the connection list */
            ExAcquireFastMutex(&Filter->ConnectionList.mLock);

            /* Add the new port object to the connection list and increment the count */
            InsertTailList(&Filter->ConnectionList.mList, &PortObject->FilterLink);
            Filter->ConnectionList.mCount++;

            /* Unlock the connection list*/
            ExReleaseFastMutex(&Filter->ConnectionList.mLock);
        }
    }

    if (!NT_SUCCESS(Status))
    {
        /* Allow the filter to be cleaned up */
        FltObjectDereference(Filter);
    }

    return Status;
}

_When_()

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_ _When_	(	return	= =0,
		__drv_aliasesMem
	)

NtQueryInformationProcess()

__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess	(	_In_ HANDLE	ProcessHandle,
		_In_ PROCESSINFOCLASS	ProcessInformationClass,
		_Out_ PVOID	ProcessInformation,
		_In_ ULONG	ProcessInformationLength,
		_Out_opt_ PULONG	ReturnLength
	)

Definition at line 59 of file query.c.

{
    PEPROCESS Process;
    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
    NTSTATUS Status;
    ULONG Length = 0;
    HANDLE DebugPort = 0;
    PPROCESS_BASIC_INFORMATION ProcessBasicInfo =
        (PPROCESS_BASIC_INFORMATION)ProcessInformation;
    PKERNEL_USER_TIMES ProcessTime = (PKERNEL_USER_TIMES)ProcessInformation;
    ULONG UserTime, KernelTime;
    PPROCESS_PRIORITY_CLASS PsPriorityClass = (PPROCESS_PRIORITY_CLASS)ProcessInformation;
    ULONG HandleCount;
    PPROCESS_SESSION_INFORMATION SessionInfo =
        (PPROCESS_SESSION_INFORMATION)ProcessInformation;
    PVM_COUNTERS VmCounters = (PVM_COUNTERS)ProcessInformation;
    PIO_COUNTERS IoCounters = (PIO_COUNTERS)ProcessInformation;
    PQUOTA_LIMITS QuotaLimits = (PQUOTA_LIMITS)ProcessInformation;
    PUNICODE_STRING ImageName;
    ULONG Cookie, ExecuteOptions = 0;
    ULONG_PTR Wow64 = 0;
    PROCESS_VALUES ProcessValues;
    ULONG Flags;
    PAGED_CODE();

    /* Check for user-mode caller */
    if (PreviousMode != KernelMode)
    {
        /* Prepare to probe parameters */
        _SEH2_TRY
        {
            /* Probe the buffer */
            ProbeForRead(ProcessInformation,
                         ProcessInformationLength,
                         sizeof(ULONG));

            /* Probe the return length if required */
            if (ReturnLength) ProbeForWriteUlong(ReturnLength);
        }
        _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
        {
            /* Return the exception code */
            _SEH2_YIELD(return _SEH2_GetExceptionCode());
        }
        _SEH2_END;
    }

    if (((ProcessInformationClass == ProcessCookie) ||
         (ProcessInformationClass == ProcessImageInformation)) &&
        (ProcessHandle != NtCurrentProcess()))
    {
        /*
         * Retrieving the process cookie is only allowed for the calling process
         * itself! XP only allows NtCurrentProcess() as process handles even if
         * a real handle actually represents the current process.
         */
        return STATUS_INVALID_PARAMETER;
    }

    /* Check the information class */
    switch (ProcessInformationClass)
    {
        /* Basic process information */
        case ProcessBasicInformation:

            if (ProcessInformationLength != sizeof(PROCESS_BASIC_INFORMATION))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set return length */
            Length = sizeof(PROCESS_BASIC_INFORMATION);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Protect writes with SEH */
            _SEH2_TRY
            {
                /* Write all the information from the EPROCESS/KPROCESS */
                ProcessBasicInfo->ExitStatus = Process->ExitStatus;
                ProcessBasicInfo->PebBaseAddress = Process->Peb;
                ProcessBasicInfo->AffinityMask = Process->Pcb.Affinity;
                ProcessBasicInfo->UniqueProcessId = (ULONG_PTR)Process->
                                                    UniqueProcessId;
                ProcessBasicInfo->InheritedFromUniqueProcessId =
                    (ULONG_PTR)Process->InheritedFromUniqueProcessId;
                ProcessBasicInfo->BasePriority = Process->Pcb.BasePriority;

            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Process quota limits */
        case ProcessQuotaLimits:

            if (ProcessInformationLength != sizeof(QUOTA_LIMITS))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            Length = sizeof(QUOTA_LIMITS);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Indicate success */
            Status = STATUS_SUCCESS;

            _SEH2_TRY
            {
                /* Set max/min working set sizes */
                QuotaLimits->MaximumWorkingSetSize =
                        Process->Vm.MaximumWorkingSetSize << PAGE_SHIFT;
                QuotaLimits->MinimumWorkingSetSize =
                        Process->Vm.MinimumWorkingSetSize << PAGE_SHIFT;

                /* Set default time limits */
                QuotaLimits->TimeLimit.LowPart = MAXULONG;
                QuotaLimits->TimeLimit.HighPart = MAXULONG;

                /* Is quota block a default one? */
                if (Process->QuotaBlock == &PspDefaultQuotaBlock)
                {
                    /* Set default pools and pagefile limits */
                    QuotaLimits->PagedPoolLimit = (SIZE_T)-1;
                    QuotaLimits->NonPagedPoolLimit = (SIZE_T)-1;
                    QuotaLimits->PagefileLimit = (SIZE_T)-1;
                }
                else
                {
                    /* Get limits from non-default quota block */
                    QuotaLimits->PagedPoolLimit =
                        Process->QuotaBlock->QuotaEntry[PagedPool].Limit;
                    QuotaLimits->NonPagedPoolLimit =
                        Process->QuotaBlock->QuotaEntry[NonPagedPool].Limit;
                    QuotaLimits->PagefileLimit =
                        Process->QuotaBlock->QuotaEntry[2].Limit;
                }
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessIoCounters:

            if (ProcessInformationLength != sizeof(IO_COUNTERS))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            Length = sizeof(IO_COUNTERS);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Query IO counters from the process */
            KeQueryValuesProcess(&Process->Pcb, &ProcessValues);

            _SEH2_TRY
            {
                RtlCopyMemory(IoCounters, &ProcessValues.IoInfo, sizeof(IO_COUNTERS));
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Ignore exception */
            }
            _SEH2_END;

            /* Set status to success in any case */
            Status = STATUS_SUCCESS;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Timing */
        case ProcessTimes:

            /* Set the return length */
            if (ProcessInformationLength != sizeof(KERNEL_USER_TIMES))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            Length = sizeof(KERNEL_USER_TIMES);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Protect writes with SEH */
            _SEH2_TRY
            {
                /* Copy time information from EPROCESS/KPROCESS */
                KernelTime = KeQueryRuntimeProcess(&Process->Pcb, &UserTime);
                ProcessTime->CreateTime = Process->CreateTime;
                ProcessTime->UserTime.QuadPart = (LONGLONG)UserTime * KeMaximumIncrement;
                ProcessTime->KernelTime.QuadPart = (LONGLONG)KernelTime * KeMaximumIncrement;
                ProcessTime->ExitTime = Process->ExitTime;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Process Debug Port */
        case ProcessDebugPort:

            if (ProcessInformationLength != sizeof(HANDLE))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set return length */
            Length = sizeof(HANDLE);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Protect write with SEH */
            _SEH2_TRY
            {
                /* Return whether or not we have a debug port */
                *(PHANDLE)ProcessInformation = (Process->DebugPort ?
                                                (HANDLE)-1 : NULL);
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessHandleCount:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length*/
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Count the number of handles this process has */
            HandleCount = ObGetProcessHandleCount(Process);

            /* Protect write in SEH */
            _SEH2_TRY
            {
                /* Return the count of handles */
                *(PULONG)ProcessInformation = HandleCount;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Session ID for the process */
        case ProcessSessionInformation:

            if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length*/
            Length = sizeof(PROCESS_SESSION_INFORMATION);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for write safety */
            _SEH2_TRY
            {
                /* Write back the Session ID */
                SessionInfo->SessionId = PsGetProcessSessionId(Process);
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Virtual Memory Statistics */
        case ProcessVmCounters:

            /* Validate the input length */
            if ((ProcessInformationLength != sizeof(VM_COUNTERS)) &&
                (ProcessInformationLength != sizeof(VM_COUNTERS_EX)))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for write safety */
            _SEH2_TRY
            {
                /* Return data from EPROCESS */
                VmCounters->PeakVirtualSize = Process->PeakVirtualSize;
                VmCounters->VirtualSize = Process->VirtualSize;
                VmCounters->PageFaultCount = Process->Vm.PageFaultCount;
                VmCounters->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize;
                VmCounters->WorkingSetSize = Process->Vm.WorkingSetSize;
                VmCounters->QuotaPeakPagedPoolUsage = Process->QuotaPeak[PsPagedPool];
                VmCounters->QuotaPagedPoolUsage = Process->QuotaUsage[PsPagedPool];
                VmCounters->QuotaPeakNonPagedPoolUsage = Process->QuotaPeak[PsNonPagedPool];
                VmCounters->QuotaNonPagedPoolUsage = Process->QuotaUsage[PsNonPagedPool];
                VmCounters->PagefileUsage = Process->QuotaUsage[PsPageFile] << PAGE_SHIFT;
                VmCounters->PeakPagefileUsage = Process->QuotaPeak[PsPageFile] << PAGE_SHIFT;
                //VmCounters->PrivateUsage = Process->CommitCharge << PAGE_SHIFT;
                //

                /* Set the return length */
                Length = ProcessInformationLength;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Hard Error Processing Mode */
        case ProcessDefaultHardErrorMode:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length*/
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for writing back data */
            _SEH2_TRY
            {
                /* Write the current processing mode */
                *(PULONG)ProcessInformation = Process->
                                              DefaultHardErrorProcessing;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Priority Boosting status */
        case ProcessPriorityBoost:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length */
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for writing back data */
            _SEH2_TRY
            {
                /* Return boost status */
                *(PULONG)ProcessInformation = Process->Pcb.DisableBoost ?
                                              TRUE : FALSE;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* DOS Device Map */
        case ProcessDeviceMap:

            if (ProcessInformationLength == sizeof(PROCESS_DEVICEMAP_INFORMATION_EX))
            {
                /* Protect read in SEH */
                _SEH2_TRY
                {
                    PPROCESS_DEVICEMAP_INFORMATION_EX DeviceMapEx = ProcessInformation;

                    Flags = DeviceMapEx->Flags;
                }
                _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
                {
                    /* Get the exception code */
                    Status = _SEH2_GetExceptionCode();
                    _SEH2_YIELD(break);
                }
                _SEH2_END;

                /* Only one flag is supported and it needs LUID mappings */
                if ((Flags & ~PROCESS_LUID_DOSDEVICES_ONLY) != 0 ||
                    !ObIsLUIDDeviceMapsEnabled())
                {
                    Status = STATUS_INVALID_PARAMETER;
                    break;
                }
            }
            else
            {
                /* This has to be the size of the Query union field for x64 compatibility! */
                if (ProcessInformationLength != RTL_FIELD_SIZE(PROCESS_DEVICEMAP_INFORMATION, Query))
                {
                    Status = STATUS_INFO_LENGTH_MISMATCH;
                    break;
                }

                /* No flags for standard call */
                Flags = 0;
            }

            /* Set the return length */
            Length = ProcessInformationLength;

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Query the device map information */
            Status = ObQueryDeviceMapInformation(Process,
                                                 ProcessInformation,
                                                 Flags);

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Priority class */
        case ProcessPriorityClass:

            if (ProcessInformationLength != sizeof(PROCESS_PRIORITY_CLASS))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length*/
            Length = sizeof(PROCESS_PRIORITY_CLASS);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for writing back data */
            _SEH2_TRY
            {
                /* Return current priority class */
                PsPriorityClass->PriorityClass = Process->PriorityClass;
                PsPriorityClass->Foreground = FALSE;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessImageFileName:

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Get the image path */
            Status = SeLocateProcessImageName(Process, &ImageName);
            if (NT_SUCCESS(Status))
            {
                /* Set return length */
                Length = ImageName->MaximumLength +
                         sizeof(OBJECT_NAME_INFORMATION);

                /* Make sure it's large enough */
                if (Length <= ProcessInformationLength)
                {
                    /* Enter SEH to protect write */
                    _SEH2_TRY
                    {
                        /* Copy it */
                        RtlCopyMemory(ProcessInformation,
                                      ImageName,
                                      Length);

                        /* Update pointer */
                        ((PUNICODE_STRING)ProcessInformation)->Buffer =
                            (PWSTR)((PUNICODE_STRING)ProcessInformation + 1);
                   }
                    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
                    {
                        /* Get the exception code */
                        Status = _SEH2_GetExceptionCode();
                    }
                    _SEH2_END;
                }
                else
                {
                    /* Buffer too small */
                    Status = STATUS_INFO_LENGTH_MISMATCH;
                }

                /* Free the image path */
                ExFreePoolWithTag(ImageName, TAG_SEPA);
            }
            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessDebugFlags:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length*/
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for writing back data */
            _SEH2_TRY
            {
                /* Return the debug flag state */
                *(PULONG)ProcessInformation = Process->NoDebugInherit ? 0 : 1;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessBreakOnTermination:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length */
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Enter SEH for writing back data */
            _SEH2_TRY
            {
                /* Return the BreakOnTermination state */
                *(PULONG)ProcessInformation = Process->BreakOnTermination;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        /* Per-process security cookie */
        case ProcessCookie:

            /* Get the current process and cookie */
            Process = PsGetCurrentProcess();
            Cookie = Process->Cookie;
            if (!Cookie)
            {
                LARGE_INTEGER SystemTime;
                ULONG NewCookie;
                PKPRCB Prcb;

                /* Generate a new cookie */
                KeQuerySystemTime(&SystemTime);
                Prcb = KeGetCurrentPrcb();
                NewCookie = Prcb->KeSystemCalls ^ Prcb->InterruptTime ^
                            SystemTime.u.LowPart ^ SystemTime.u.HighPart;

                /* Set the new cookie or return the current one */
                Cookie = InterlockedCompareExchange((LONG*)&Process->Cookie,
                                                    NewCookie,
                                                    Cookie);
                if (!Cookie) Cookie = NewCookie;

                /* Set return length */
                Length = sizeof(ULONG);
            }

            /* Indicate success */
            Status = STATUS_SUCCESS;

            /* Enter SEH to protect write */
            _SEH2_TRY
            {
                /* Write back the cookie */
                *(PULONG)ProcessInformation = Cookie;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;
            break;

        case ProcessImageInformation:

            if (ProcessInformationLength != sizeof(SECTION_IMAGE_INFORMATION))
            {
                /* Break out */
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the length required and validate it */
            Length = sizeof(SECTION_IMAGE_INFORMATION);

            /* Enter SEH to protect write */
            _SEH2_TRY
            {
                MmGetImageInformation((PSECTION_IMAGE_INFORMATION)ProcessInformation);
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Indicate success */
            Status = STATUS_SUCCESS;
            break;

        case ProcessDebugObjectHandle:

            if (ProcessInformationLength != sizeof(HANDLE))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length */
            Length = sizeof(HANDLE);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Get the debug port */
            Status = DbgkOpenProcessDebugPort(Process, PreviousMode, &DebugPort);

            /* Let go of the process */
            ObDereferenceObject(Process);

            /* Protect write in SEH */
            _SEH2_TRY
            {
                /* Return debug port's handle */
                *(PHANDLE)ProcessInformation = DebugPort;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;
            break;

        case ProcessHandleTracing:
            DPRINT1("Handle tracing Not implemented: %lx\n", ProcessInformationClass);
            Status = STATUS_NOT_IMPLEMENTED;
            break;

        case ProcessLUIDDeviceMapsEnabled:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length */
            Length = sizeof(ULONG);

            /* Indicate success */
            Status = STATUS_SUCCESS;

            /* Protect write in SEH */
            _SEH2_TRY
            {
                /* Query Ob */
                *(PULONG)ProcessInformation = ObIsLUIDDeviceMapsEnabled();
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;
            break;

        case ProcessWx86Information:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set the return length */
            Length = sizeof(ULONG);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Protect write in SEH */
            _SEH2_TRY
            {
                /* Return if the flag is set */
                *(PULONG)ProcessInformation = (ULONG)Process->VdmAllowed;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get the exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessWow64Information:

            if (ProcessInformationLength != sizeof(ULONG_PTR))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set return length */
            Length = sizeof(ULONG_PTR);

            /* Reference the process */
            Status = ObReferenceObjectByHandle(ProcessHandle,
                                               PROCESS_QUERY_INFORMATION,
                                               PsProcessType,
                                               PreviousMode,
                                               (PVOID*)&Process,
                                               NULL);
            if (!NT_SUCCESS(Status)) break;

            /* Make sure the process isn't dying */
            if (ExAcquireRundownProtection(&Process->RundownProtect))
            {
                /* Get the WOW64 process structure */
#ifdef _WIN64
                Wow64 = (ULONG_PTR)Process->Wow64Process;
#else
                Wow64 = 0;
#endif
                /* Release the lock */
                ExReleaseRundownProtection(&Process->RundownProtect);
            }

            /* Protect write with SEH */
            _SEH2_TRY
            {
                /* Return whether or not we have a debug port */
                *(PULONG_PTR)ProcessInformation = Wow64;
            }
            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
            {
                /* Get exception code */
                Status = _SEH2_GetExceptionCode();
            }
            _SEH2_END;

            /* Dereference the process */
            ObDereferenceObject(Process);
            break;

        case ProcessExecuteFlags:

            if (ProcessInformationLength != sizeof(ULONG))
            {
                Status = STATUS_INFO_LENGTH_MISMATCH;
                break;
            }

            /* Set return length */
            Length = sizeof(ULONG);

            if (ProcessHandle != NtCurrentProcess())
            {
                return STATUS_INVALID_PARAMETER;
            }

            /* Get the options */
            Status = MmGetExecuteOptions(&ExecuteOptions);
            if (NT_SUCCESS(Status))
            {
                /* Protect write with SEH */
                _SEH2_TRY
                {
                    /* Return them */
                    *(PULONG)ProcessInformation = ExecuteOptions;
                }
                _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
                {
                    /* Get exception code */
                    Status = _SEH2_GetExceptionCode();
                }
                _SEH2_END;
            }
            break;

        case ProcessLdtInformation:
            DPRINT1("VDM/16-bit not implemented: %lx\n", ProcessInformationClass);
            Status = STATUS_NOT_IMPLEMENTED;
            break;

        case ProcessWorkingSetWatch:
            DPRINT1("WS Watch Not implemented: %lx\n", ProcessInformationClass);
            Status = STATUS_NOT_IMPLEMENTED;
            break;

        case ProcessPooledUsageAndLimits:
            DPRINT1("Pool limits Not implemented: %lx\n", ProcessInformationClass);
            Status = STATUS_NOT_IMPLEMENTED;
            break;

        /* Not supported by Server 2003 */
        default:
            DPRINT1("Unsupported info class: %lx\n", ProcessInformationClass);
            Status = STATUS_INVALID_INFO_CLASS;
    }

    /* Protect write with SEH */
    _SEH2_TRY
    {
        /* Check if caller wanted return length */
        if ((ReturnLength) && (Length)) *ReturnLength = Length;
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        /* Get exception code */
        Status = _SEH2_GetExceptionCode();
    }
    _SEH2_END;

    return Status;
}

Referenced by _main(), BaseInitializeStaticServerData(), check_live_target(), CheckRemoteDebuggerPresent(), CON_API_NOCONSOLE(), EmptyWorkingSet(), EnumProcessModules(), FindModule(), get_shiminfo(), GetDriveTypeW(), GetErrorMode(), GetExitCodeProcess(), GetLogicalDrives(), GetPriorityClass(), GetProcessAffinityMask(), GetProcessHandleCount(), GetProcessId(), GetProcessImageFileNameA(), GetProcessImageFileNameW(), GetProcessIoCounters(), GetProcessMemoryInfo(), GetProcessPriorityBoost(), GetProcessTimes(), GetProcessVersion(), GetProcessWorkingSetSizeEx(), GetSourcePaths(), GetWsChanges(), GlobalMemoryStatusEx(), InitFunctionPtrs(), Is64BitSystem(), IsCriticalProcess(), IsWow64Process(), PerfDataGetCommandLine(), PrintProcess(), ProcessIdToSessionId(), PsaEnumerateProcessModules(), QueryFlag(), QueryFullProcessImageNameW(), QuerySetProcessValidator(), RtlpQueryRemoteProcessModules(), SmpApiLoop(), SmpCreateVolumeDescriptors(), SmpGetProcessMuSessionId(), Test_ProcessPriorityClassAlignment(), Test_ProcessTimes(), Test_ProcessWx86Information(), UnhandledExceptionFilter(), UserpGetClientFileName(), and Wow64QueryFlag().

PsGetCurrentProcessId()

NTKERNELAPI HANDLE NTAPI PsGetCurrentProcessId

(

VOID

)

Definition at line 1123 of file process.c.

{
    return (HANDLE)PsGetCurrentProcess()->UniqueProcessId;
}

Referenced by CheckWinstaAttributeAccess(), CmpCreateRegistryRoot(), CmpDoCreateChild(), CmpDoOpen(), CreateProcessNotifyRoutine(), CreateThreadNotifyRoutine(), DbgP(), DdHmgAlloc(), DesktopWindowProc(), DispEchoRequest(), ENTRY_ReferenceEntryByHandle(), ExpLoadBootSymbols(), FileOpenAddress(), FltpCreate(), GDI_CleanupForProcess(), GDIOBJ_hInsertObject(), GDIOBJ_vDereferenceObject(), GDIOBJ_vSetObjectOwner(), GreGetObjectOwner(), handle_gdb_read_mem(), handle_gdb_write_mem(), IntCreateWindowStation(), IntWinStaObjectDelete(), KdInitSystem(), KsecGatherEntropyData(), LpcpDeletePort(), MmLoadSystemImage(), MmUnloadSystemImage(), NtUserLockWindowStation(), NtUserSetLogonNotifyWindow(), NtUserSetWindowStationUser(), NtUserSwitchDesktop(), NtUserUnlockWindowStation(), ObpAllocateObject(), print_error(), ReadMemorySendHandler(), VerifyObjectOwner(), and WriteMemorySendHandler().

PsGetCurrentThreadTeb()

NTKERNELAPI PVOID NTAPI PsGetCurrentThreadTeb

(

VOID

)

Definition at line 785 of file thread.c.

{
    return PsGetCurrentThread()->Tcb.Teb;
}

Referenced by FileOpenAddress().

PsGetThreadProcess()

NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess

(

_In_ PETHREAD

Thread

)

PsGetVersion()

NTKERNELAPI BOOLEAN NTAPI PsGetVersion	(	OUT PULONG MajorVersion	OPTIONAL,
		OUT PULONG MinorVersion	OPTIONAL,
		OUT PULONG BuildNumber	OPTIONAL,
		OUT PUNICODE_STRING CSDVersion	OPTIONAL
	)

Definition at line 658 of file psmgr.c.

{
    if (MajorVersion) *MajorVersion = NtMajorVersion;
    if (MinorVersion) *MinorVersion = NtMinorVersion;
    if (BuildNumber ) *BuildNumber  = NtBuildNumber & 0x3FFF;

    if (CSDVersion)
    {
        CSDVersion->Length = CmCSDVersionString.Length;
        CSDVersion->MaximumLength = CmCSDVersionString.MaximumLength;
        CSDVersion->Buffer = CmCSDVersionString.Buffer;
    }

    /* Return TRUE if this is a Checked Build */
    return (NtBuildNumber >> 28) == 0xC;
}

PsIsCurrentThreadPrefetching()

NTKERNELAPI BOOLEAN NTAPI PsIsCurrentThreadPrefetching

(

VOID

)

PsIsSystemThread()

NTKERNELAPI BOOLEAN NTAPI PsIsSystemThread

(

_In_ PETHREAD

Thread

)

PsRemoveCreateThreadNotifyRoutine()

NTKERNELAPI NTSTATUS NTAPI PsRemoveCreateThreadNotifyRoutine

(

_In_ PCREATE_THREAD_NOTIFY_ROUTINE

NotifyRoutine

)

PsSetCreateProcessNotifyRoutineEx()

NTKERNELAPI NTSTATUS NTAPI PsSetCreateProcessNotifyRoutineEx	(	IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX	NotifyRoutine,
		IN BOOLEAN	Remove
	)

PsSetCurrentThreadPrefetching()

NTKERNELAPI BOOLEAN NTAPI PsSetCurrentThreadPrefetching

(

IN BOOLEAN

Prefetching

)

Variable Documentation

Amount

_Must_inspect_result_ _In_ POOL_TYPE _In_ ULONG_PTR Amount

Definition at line 211 of file psfuncs.h.

ApcRoutine

_Inout_ PVOID* ApcRoutine

Definition at line 11 of file psfuncs.h.

ClientId

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID ClientId

Definition at line 40 of file psfuncs.h.

CopyOnOpen

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN CopyOnOpen

Definition at line 154 of file psfuncs.h.

Referenced by GetProcessLuid(), NtCloseObjectAuditAlarm(), NtOpenThreadTokenEx(), ObpReferenceDeviceMap(), PsImpersonateClient(), PsReferenceImpersonationToken(), and SeCaptureSubjectContextEx().

DesiredAccess

_In_ ULONG DesiredAccess

Definition at line 40 of file psfuncs.h.

EffectiveOnly

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN _In_ BOOLEAN EffectiveOnly

Definition at line 154 of file psfuncs.h.

ImpersonationLevel

_Must_inspect_result_ _In_opt_ PACCESS_TOKEN _In_ BOOLEAN _In_ BOOLEAN _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel

Definition at line 154 of file psfuncs.h.

Referenced by DuplicateToken(), DuplicateTokenEx(), GetProcessLuid(), FxRequest::Impersonate(), ImpersonateSelf(), make_impersonation_token(), NtCloseObjectAuditAlarm(), NtOpenThreadTokenEx(), ObpReferenceDeviceMap(), PsAssignImpersonationToken(), PsImpersonateClient(), PsReferenceEffectiveToken(), PsReferenceImpersonationToken(), RtlImpersonateSelf(), SeCreateClientSecurity(), SepCreateClientSecurity(), SepCreateToken(), SeTokenCanImpersonate(), test_ImpersonateNamedPipeClient(), and test_token_attr().

ImpersonationState

_In_ PSE_IMPERSONATION_STATE ImpersonationState

Definition at line 189 of file psfuncs.h.

Referenced by NtOpenThreadTokenEx(), PsDisableImpersonation(), and PsRestoreImpersonation().

ObjectAttributes

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes

Definition at line 40 of file psfuncs.h.

PoolType

_Must_inspect_result_ _In_ POOL_TYPE PoolType

Definition at line 211 of file psfuncs.h.

Process

_Outptr_ PEPROCESS* Process

Definition at line 64 of file psfuncs.h.

ProcessHandle

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE ProcessHandle

Definition at line 87 of file psfuncs.h.

Remove

int Remove

Definition at line 110 of file psfuncs.h.

Referenced by ApphelpCacheUpdateEntry(), co_MsqPeekHardwareMessage(), DECLARE_INTERFACE_(), CIconWatcher::GetListEntry(), MsqPeekMessage(), PsSetCreateProcessNotifyRoutine(), and RtlpCoalesceFreeBlocks().

StartRoutine

_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine

Definition at line 87 of file psfuncs.h.

Referenced by InitThreadDataEx(), KeInitializeThread(), KeInitThread(), KiInitializeContextThread(), KiThreadStartup(), KmtStartThread(), PsCreateSystemThread(), PspCreateThread(), PspSystemThreadStartup(), PspUserThreadStartup(), and RtlpStartWorkerThread().

Thread

_Must_inspect_result_ _Outptr_ PETHREAD* Thread

Definition at line 73 of file psfuncs.h.

Token

_In_opt_ HANDLE Token

Definition at line 178 of file psfuncs.h.