ReactOS  r75907
psfuncs.h
Go to the documentation of this file.
1 /******************************************************************************
2  * Process Manager Functions *
3  ******************************************************************************/
4 $if (_WDMDDK_)
5 
6 NTKERNELAPI
7 NTSTATUS
8 NTAPI
9 PsWrapApcWow64Thread(
10  _Inout_ PVOID *ApcContext,
11  _Inout_ PVOID *ApcRoutine);
12 
13 /*
14  * PEPROCESS
15  * PsGetCurrentProcess(VOID)
16  */
17 #define PsGetCurrentProcess IoGetCurrentProcess
18 
19 #if !defined(_PSGETCURRENTTHREAD_)
20 #define _PSGETCURRENTTHREAD_
21 _IRQL_requires_max_(DISPATCH_LEVEL)
22 FORCEINLINE
23 PETHREAD
24 NTAPI
25 PsGetCurrentThread(VOID)
26 {
27  return (PETHREAD)KeGetCurrentThread();
28 }
29 #endif /* !_PSGETCURRENTTHREAD_ */
30 
31 $endif (_WDMDDK_)
32 $if (_NTDDK_)
33 
34 __kernel_entry
35 NTSYSCALLAPI
36 NTSTATUS
37 NTAPI
38 NtOpenProcess(
39  _Out_ PHANDLE ProcessHandle,
40  _In_ ACCESS_MASK DesiredAccess,
41  _In_ POBJECT_ATTRIBUTES ObjectAttributes,
42  _In_opt_ PCLIENT_ID ClientId);
43 
44 __kernel_entry
45 NTSYSCALLAPI
46 NTSTATUS
47 NTAPI
48 NtQueryInformationProcess(
49  _In_ HANDLE ProcessHandle,
50  _In_ PROCESSINFOCLASS ProcessInformationClass,
51  _Out_ PVOID ProcessInformation,
52  _In_ ULONG ProcessInformationLength,
53  _Out_opt_ PULONG ReturnLength);
54 $endif (_NTDDK_)
55 $if (_NTIFS_)
56 
57 _Must_inspect_result_
58 _IRQL_requires_max_(APC_LEVEL)
59 NTKERNELAPI
60 NTSTATUS
61 NTAPI
62 PsLookupProcessByProcessId(
63  _In_ HANDLE ProcessId,
64  _Outptr_ PEPROCESS *Process);
65 
66 _Must_inspect_result_
67 _IRQL_requires_max_(APC_LEVEL)
68 NTKERNELAPI
69 NTSTATUS
70 NTAPI
71 PsLookupThreadByThreadId(
72  _In_ HANDLE UniqueThreadId,
73  _Outptr_ PETHREAD *Thread);
74 $endif (_NTIFS_)
75 
76 #if (NTDDI_VERSION >= NTDDI_WIN2K)
77 
78 $if (_WDMDDK_)
79 _IRQL_requires_max_(APC_LEVEL)
80 _Post_satisfies_(return <= 0)
81 _Must_inspect_result_
82 NTKERNELAPI
83 NTSTATUS
84 NTAPI
85 PsCreateSystemThread(
86  _Out_ PHANDLE ThreadHandle,
87  _In_ ULONG DesiredAccess,
88  _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
89  _In_opt_ HANDLE ProcessHandle,
90  _Out_opt_ PCLIENT_ID ClientId,
91  _In_ PKSTART_ROUTINE StartRoutine,
92  _In_opt_ _When_(return==0, __drv_aliasesMem) PVOID StartContext);
93 
94 _IRQL_requires_max_(PASSIVE_LEVEL)
95 NTKERNELAPI
96 NTSTATUS
97 NTAPI
98 PsTerminateSystemThread(
99  _In_ NTSTATUS ExitStatus);
100 
101 $endif (_WDMDDK_)
102 $if (_NTDDK_)
103 
104 _IRQL_requires_max_(PASSIVE_LEVEL)
105 NTKERNELAPI
106 NTSTATUS
107 NTAPI
108 PsSetCreateProcessNotifyRoutine(
109  _In_ PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine,
110  _In_ BOOLEAN Remove);
111 
112 _IRQL_requires_max_(PASSIVE_LEVEL)
113 NTKERNELAPI
114 NTSTATUS
115 NTAPI
116 PsSetCreateThreadNotifyRoutine(
117  _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine);
118 
119 _IRQL_requires_max_(PASSIVE_LEVEL)
120 NTKERNELAPI
121 NTSTATUS
122 NTAPI
123 PsSetLoadImageNotifyRoutine(
124  _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine);
125 
126 NTKERNELAPI
127 HANDLE
128 NTAPI
129 PsGetCurrentProcessId(VOID);
130 
131 _IRQL_requires_max_(DISPATCH_LEVEL)
132 NTKERNELAPI
133 HANDLE
134 NTAPI
135 PsGetCurrentThreadId(VOID);
136 
137 NTKERNELAPI
138 BOOLEAN
139 NTAPI
140 PsGetVersion(
141  OUT PULONG MajorVersion OPTIONAL,
142  OUT PULONG MinorVersion OPTIONAL,
143  OUT PULONG BuildNumber OPTIONAL,
144  OUT PUNICODE_STRING CSDVersion OPTIONAL);
145 $endif (_NTDDK_)
146 $if (_NTIFS_)
147 
148 _IRQL_requires_max_(APC_LEVEL)
149 NTKERNELAPI
150 PACCESS_TOKEN
151 NTAPI
152 PsReferenceImpersonationToken(
153  _Inout_ PETHREAD Thread,
154  _Out_ PBOOLEAN CopyOnOpen,
155  _Out_ PBOOLEAN EffectiveOnly,
156  _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
157 
158 _IRQL_requires_max_(APC_LEVEL)
159 NTKERNELAPI
160 LARGE_INTEGER
161 NTAPI
162 PsGetProcessExitTime(VOID);
163 
164 _IRQL_requires_max_(DISPATCH_LEVEL)
165 NTKERNELAPI
166 BOOLEAN
167 NTAPI
168 PsIsThreadTerminating(
169  _In_ PETHREAD Thread);
170 
171 _Must_inspect_result_
172 _IRQL_requires_max_(PASSIVE_LEVEL)
173 NTKERNELAPI
174 NTSTATUS
175 NTAPI
176 PsImpersonateClient(
177  _Inout_ PETHREAD Thread,
178  _In_opt_ PACCESS_TOKEN Token,
179  _In_ BOOLEAN CopyOnOpen,
180  _In_ BOOLEAN EffectiveOnly,
181  _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
182 
183 _IRQL_requires_max_(PASSIVE_LEVEL)
184 NTKERNELAPI
185 BOOLEAN
186 NTAPI
187 PsDisableImpersonation(
188  _Inout_ PETHREAD Thread,
189  _Inout_ PSE_IMPERSONATION_STATE ImpersonationState);
190 
191 _IRQL_requires_max_(PASSIVE_LEVEL)
192 NTKERNELAPI
193 VOID
194 NTAPI
195 PsRestoreImpersonation(
196  _Inout_ PETHREAD Thread,
197  _In_ PSE_IMPERSONATION_STATE ImpersonationState);
198 
199 _IRQL_requires_max_(PASSIVE_LEVEL)
200 NTKERNELAPI
201 VOID
202 NTAPI
203 PsRevertToSelf(VOID);
204 
205 _IRQL_requires_max_(APC_LEVEL)
206 NTKERNELAPI
207 VOID
208 NTAPI
209 PsChargePoolQuota(
210  _In_ PEPROCESS Process,
211  _In_ POOL_TYPE PoolType,
212  _In_ ULONG_PTR Amount);
213 
214 _IRQL_requires_max_(APC_LEVEL)
215 NTKERNELAPI
216 VOID
217 NTAPI
218 PsReturnPoolQuota(
219  _In_ PEPROCESS Process,
220  _In_ POOL_TYPE PoolType,
221  _In_ ULONG_PTR Amount);
222 
223 _IRQL_requires_max_(PASSIVE_LEVEL)
224 NTKERNELAPI
225 NTSTATUS
226 NTAPI
227 PsAssignImpersonationToken(
228  _In_ PETHREAD Thread,
229  _In_opt_ HANDLE Token);
230 
231 _IRQL_requires_max_(PASSIVE_LEVEL)
232 NTKERNELAPI
233 HANDLE
234 NTAPI
235 PsReferencePrimaryToken(
236  _Inout_ PEPROCESS Process);
237 $endif (_NTIFS_)
238 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
239 $if (_NTDDK_ || _NTIFS_)
240 #if (NTDDI_VERSION >= NTDDI_WINXP)
241 $endif (_NTDDK_ || _NTIFS_)
242 
243 $if (_NTDDK_)
244 _IRQL_requires_max_(DISPATCH_LEVEL)
245 NTKERNELAPI
246 HANDLE
247 NTAPI
248 PsGetProcessId(
249  _In_ PEPROCESS Process);
250 
251 _IRQL_requires_max_(DISPATCH_LEVEL)
252 NTKERNELAPI
253 HANDLE
254 NTAPI
255 PsGetThreadId(
256  _In_ PETHREAD Thread);
257 
258 NTKERNELAPI
259 PEPROCESS
260 NTAPI
261 PsGetThreadProcess(
262  _In_ PETHREAD Thread
263 );
264 
265 NTKERNELAPI
266 NTSTATUS
267 NTAPI
268 PsRemoveCreateThreadNotifyRoutine(
269  _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine);
270 
271 _IRQL_requires_max_(PASSIVE_LEVEL)
272 NTKERNELAPI
273 NTSTATUS
274 NTAPI
275 PsRemoveLoadImageNotifyRoutine(
276  _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine);
277 
278 _IRQL_requires_max_(DISPATCH_LEVEL)
279 NTKERNELAPI
280 LONGLONG
281 NTAPI
282 PsGetProcessCreateTimeQuadPart(
283  _In_ PEPROCESS Process);
284 $endif (_NTDDK_)
285 $if (_NTIFS_)
286 
287 _IRQL_requires_max_(PASSIVE_LEVEL)
288 NTKERNELAPI
289 VOID
290 NTAPI
291 PsDereferencePrimaryToken(
292  _In_ PACCESS_TOKEN PrimaryToken);
293 
294 _IRQL_requires_max_(PASSIVE_LEVEL)
295 NTKERNELAPI
296 VOID
297 NTAPI
298 PsDereferenceImpersonationToken(
299  _In_ PACCESS_TOKEN ImpersonationToken);
300 
301 _Must_inspect_result_
302 _IRQL_requires_max_(APC_LEVEL)
303 NTKERNELAPI
304 NTSTATUS
305 NTAPI
306 PsChargeProcessPoolQuota(
307  _In_ PEPROCESS Process,
308  _In_ POOL_TYPE PoolType,
309  _In_ ULONG_PTR Amount);
310 
311 NTKERNELAPI
312 BOOLEAN
313 NTAPI
314 PsIsSystemThread(
315  _In_ PETHREAD Thread);
316 $endif (_NTIFS_)
317 $if (_NTDDK_ || _NTIFS_)
318 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
319 $endif (_NTDDK_ || _NTIFS_)
320 
321 $if (_NTDDK_)
322 #if (NTDDI_VERSION >= NTDDI_WS03)
323 NTKERNELAPI
324 HANDLE
325 NTAPI
326 PsGetThreadProcessId(
327  IN PETHREAD Thread);
328 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
329 
330 #if (NTDDI_VERSION >= NTDDI_VISTA)
331 
332 NTKERNELAPI
333 BOOLEAN
334 NTAPI
335 PsSetCurrentThreadPrefetching(
336  IN BOOLEAN Prefetching);
337 
338 NTKERNELAPI
339 BOOLEAN
340 NTAPI
341 PsIsCurrentThreadPrefetching(VOID);
342 
343 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
344 
345 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
346 NTKERNELAPI
347 NTSTATUS
348 NTAPI
349 PsSetCreateProcessNotifyRoutineEx(
350  IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine,
351  IN BOOLEAN Remove);
352 #endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */
353 $endif (_NTDDK_)
PVOID
DWORD *typedef PVOID
Definition: winlogon.h:52
_When_
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_ _When_(return==0, __drv_aliasesMem) PVOID StartContext)
PSECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
PsImpersonateClient
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:588
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
IN
#define IN
Definition: typedefs.h:39
ApcContext
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: iofuncs.h:719
_Must_inspect_result_
#define _Must_inspect_result_
Definition: no_sal2.h:314
PsChargeProcessPoolQuota
NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
PsGetCurrentProcessId
NTKERNELAPI HANDLE NTAPI PsGetCurrentProcessId(VOID)
Definition: process.c:1123
MinorVersion
ULONG MinorVersion
Definition: ros_glue.cpp:5
MajorVersion
ULONG MajorVersion
Definition: ros_glue.cpp:4
ImpersonationState
_Inout_ PSE_IMPERSONATION_STATE ImpersonationState
Definition: psfuncs.h:189
Process
_Outptr_ PEPROCESS * Process
Definition: psfuncs.h:64
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
PsGetProcessExitTime
LARGE_INTEGER NTAPI PsGetProcessExitTime(VOID)
Definition: process.c:1013
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
_OBJECT_ATTRIBUTES
Definition: umtypes.h:169
PsLookupThreadByThreadId
NTSTATUS NTAPI PsLookupThreadByThreadId(IN HANDLE ThreadId, OUT PETHREAD *Thread)
Definition: thread.c:643
ObjectAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES ObjectAttributes
Definition: psfuncs.h:40
_NTIFS_
#define _NTIFS_
Definition: ifssupp.h:20
_Outptr_
#define _Outptr_
Definition: no_sal2.h:396
CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
PACCESS_TOKEN
PVOID PACCESS_TOKEN
Definition: setypes.h:11
_WDMDDK_
#define _WDMDDK_
Definition: wdm.template.h:26
PsRemoveLoadImageNotifyRoutine
NTSTATUS NTAPI PsRemoveLoadImageNotifyRoutine(IN PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:127
ProcessId
_In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ PEPROCESS ProcessId
Definition: iotypes.h:1451
NTSYSCALLAPI
#define NTSYSCALLAPI
Definition: ntbasedef.h:196
_EPROCESS
Definition: pstypes.h:1192
PsIsSystemThread
NTKERNELAPI BOOLEAN NTAPI PsIsSystemThread(_In_ PETHREAD Thread)
$endif
$endif(_WDMDDK_) $if(_NTDDK_) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle
Definition: ke.h:202
_In_opt_
#define _In_opt_
Definition: no_sal2.h:213
PsGetVersion
NTKERNELAPI BOOLEAN NTAPI PsGetVersion(OUT PULONG MajorVersion OPTIONAL, OUT PULONG MinorVersion OPTIONAL, OUT PULONG BuildNumber OPTIONAL, OUT PUNICODE_STRING CSDVersion OPTIONAL)
Definition: psmgr.c:660
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:64
NtQueryInformationProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Thread
_Must_inspect_result_ _Outptr_ PETHREAD * Thread
Definition: psfuncs.h:73
PsSetCreateProcessNotifyRoutineEx
NTKERNELAPI NTSTATUS NTAPI PsSetCreateProcessNotifyRoutineEx(IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine, IN BOOLEAN Remove)
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
PsGetThreadProcess
NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess(_In_ PETHREAD Thread)
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:472
SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
__drv_aliasesMem
#define __drv_aliasesMem
Definition: btrfs_drv.h:161
PsRestoreImpersonation
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:873
FORCEINLINE
#define FORCEINLINE
Definition: ntbasedef.h:213
_Out_
#define _Out_
Definition: no_sal2.h:323
NTKERNELAPI
#define NTKERNELAPI
PsGetCurrentThreadId
PsGetCurrentThreadId
Definition: CrNtStubs.h:7
_ETHREAD
Definition: pstypes.h:1033
return
return(0)
Token
_Must_inspect_result_ _In_opt_ PACCESS_TOKEN Token
Definition: psfuncs.h:178
PsDisableImpersonation
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:823
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:67
_Out_opt_
#define _Out_opt_
Definition: no_sal2.h:339
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
__kernel_entry
#define __kernel_entry
Definition: specstrings.h:50
PsIsCurrentThreadPrefetching
NTKERNELAPI BOOLEAN NTAPI PsIsCurrentThreadPrefetching(VOID)
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:77
PsGetThreadProcessId
HANDLE NTAPI PsGetThreadProcessId(IN PETHREAD Thread)
Definition: thread.c:745
PsSetLoadImageNotifyRoutine
NTSTATUS NTAPI PsSetLoadImageNotifyRoutine(IN PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:176
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
_Inout_
#define _Inout_
Definition: no_sal2.h:244
PsSetCreateThreadNotifyRoutine
NTSTATUS NTAPI PsSetCreateThreadNotifyRoutine(IN PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:260
NtOpenProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PCLIENT_ID ClientId)
PsSetCurrentThreadPrefetching
NTKERNELAPI BOOLEAN NTAPI PsSetCurrentThreadPrefetching(IN BOOLEAN Prefetching)
Amount
_In_ POOL_TYPE _In_ ULONG_PTR Amount
Definition: psfuncs.h:211
Remove
_In_ BOOLEAN Remove
Definition: psfuncs.h:110
PsLookupProcessByProcessId
NTSTATUS NTAPI PsLookupProcessByProcessId(IN HANDLE ProcessId, OUT PEPROCESS *Process)
Definition: process.c:919
PBOOLEAN
char * PBOOLEAN
Definition: retypes.h:11
PoolType
IN REFCLSID IN PUNKNOWN IN POOL_TYPE PoolType
Definition: unknown.h:68
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:411
PsAssignImpersonationToken
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
Definition: security.c:480
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:418
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
ProcessHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE ProcessHandle
Definition: psfuncs.h:87
_SE_IMPERSONATION_STATE
Definition: setypes.h:115
PsRemoveCreateThreadNotifyRoutine
NTKERNELAPI NTSTATUS NTAPI PsRemoveCreateThreadNotifyRoutine(_In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:757
_CLIENT_ID
Definition: compat.h:472
BuildNumber
ULONG BuildNumber
Definition: ros_glue.cpp:6
PsGetProcessCreateTimeQuadPart
LONGLONG NTAPI PsGetProcessCreateTimeQuadPart(PEPROCESS Process)
Definition: process.c:1023
ExitStatus
ACPI_EFI_STATUS ExitStatus
Definition: acefiex.h:480
EffectiveOnly
_Out_ PBOOLEAN _Out_ PBOOLEAN EffectiveOnly
Definition: psfuncs.h:154
DISPATCH_LEVEL
#define DISPATCH_LEVEL
Definition: env_spec_w32.h:696
_In_
#define _In_
Definition: no_sal2.h:204
PCREATE_PROCESS_NOTIFY_ROUTINE
VOID(NTAPI * PCREATE_PROCESS_NOTIFY_ROUTINE)(_In_ HANDLE ParentId, _In_ HANDLE ProcessId, _In_ BOOLEAN Create)
Definition: pstypes.h:160
_UNICODE_STRING
Definition: env_spec_w32.h:368
PCREATE_THREAD_NOTIFY_ROUTINE
VOID(NTAPI * PCREATE_THREAD_NOTIFY_ROUTINE)(_In_ HANDLE ProcessId, _In_ HANDLE ThreadId, _In_ BOOLEAN Create)
Definition: pstypes.h:189
HANDLE
DWORD *typedef HANDLE
Definition: winlogon.h:52
NTSTATUS
LONG NTSTATUS
Definition: DriverTester.h:11
PsTerminateSystemThread
NTSTATUS NTAPI PsTerminateSystemThread(IN NTSTATUS ExitStatus)
Definition: kill.c:1144
PsCreateSystemThread
NTSTATUS NTAPI PsCreateSystemThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:602
PsWrapApcWow64Thread
NTSTATUS NTAPI PsWrapApcWow64Thread(IN OUT PVOID *ApcContext, IN OUT PVOID *ApcRoutine)
Definition: thread.c:932
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_Post_satisfies_
#define _Post_satisfies_(a)
Definition: btrfs_drv.h:167
_LARGE_INTEGER
Definition: typedefs.h:101
PsDereferencePrimaryToken
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:810
PsGetThreadId
NTKERNELAPI HANDLE NTAPI PsGetThreadId(_In_ PETHREAD Thread)
OUT
#define OUT
Definition: typedefs.h:40
PROCESSINFOCLASS
enum _PROCESSINFOCLASS PROCESSINFOCLASS
Definition: loader.c:60
ULONG
unsigned int ULONG
Definition: retypes.h:1
PLOAD_IMAGE_NOTIFY_ROUTINE
VOID(NTAPI * PLOAD_IMAGE_NOTIFY_ROUTINE)(_In_ PUNICODE_STRING FullImageName, _In_ HANDLE ProcessId, _In_ PIMAGE_INFO ImageInfo)
Definition: pstypes.h:220
PsReturnPoolQuota
NTKERNELAPI VOID NTAPI PsReturnPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
PsGetProcessId
HANDLE NTAPI PsGetProcessId(PEPROCESS Process)
Definition: process.c:1063
KeGetCurrentThread
#define KeGetCurrentThread
Definition: hal.h:44
PsIsThreadTerminating
BOOLEAN NTAPI PsIsThreadTerminating(IN PETHREAD Thread)
Definition: thread.c:868
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
PCREATE_PROCESS_NOTIFY_ROUTINE_EX
VOID(NTAPI * PCREATE_PROCESS_NOTIFY_ROUTINE_EX)(_Inout_ PEPROCESS Process, _In_ HANDLE ProcessId, _Inout_opt_ PPS_CREATE_NOTIFY_INFO CreateInfo)
Definition: pstypes.h:183
OPTIONAL
IN HDEVINFO IN PSP_DEVINFO_DATA DeviceInfoData OPTIONAL
Definition: devinst.c:44
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
PsRevertToSelf
VOID NTAPI PsRevertToSelf(VOID)
Definition: security.c:534
$if
$if(_WDMDDK_) NTKERNELAPI NTSTATUS NTAPI PsWrapApcWow64Thread(_Inout_ PVOID *ApcContext
Definition: ke.h:1
_NTDDK_
#define _NTDDK_
Definition: ntddk.template.h:26
_IRQL_requires_max_
_IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwOpenProcessTokenEx(_In_ HANDLE ProcessHandle
Definition: Messaging.c:37
PsSetCreateProcessNotifyRoutine
NTSTATUS NTAPI PsSetCreateProcessNotifyRoutine(IN PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine, IN BOOLEAN Remove)
Definition: psnotify.c:33
ApcRoutine
_Inout_ PVOID * ApcRoutine
Definition: psfuncs.h:11
ClientId
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _In_opt_ PCLIENT_ID ClientId
Definition: psfuncs.h:40
DesiredAccess
_In_ ACCESS_MASK DesiredAccess
Definition: psfuncs.h:715
PsChargePoolQuota
NTKERNELAPI VOID NTAPI PsChargePoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
PsDereferenceImpersonationToken
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:796