ReactOS  0.4.15-dev-4870-g846c9aa
psfuncs.h
Go to the documentation of this file.
1 /******************************************************************************
2  * Process Manager Functions *
3  ******************************************************************************/
4 $if (_WDMDDK_)
5 
6 NTKERNELAPI
7 NTSTATUS
8 NTAPI
9 PsWrapApcWow64Thread(
10  _Inout_ PVOID *ApcContext,
11  _Inout_ PVOID *ApcRoutine);
12 
13 /*
14  * PEPROCESS
15  * PsGetCurrentProcess(VOID)
16  */
17 #define PsGetCurrentProcess IoGetCurrentProcess
18 
19 #if !defined(_PSGETCURRENTTHREAD_)
20 #define _PSGETCURRENTTHREAD_
21 _IRQL_requires_max_(DISPATCH_LEVEL)
22 FORCEINLINE
23 PETHREAD
24 NTAPI
25 PsGetCurrentThread(VOID)
26 {
27  return (PETHREAD)KeGetCurrentThread();
28 }
29 #endif /* !_PSGETCURRENTTHREAD_ */
30 
31 $endif (_WDMDDK_)
32 $if (_NTDDK_)
33 
34 __kernel_entry
35 NTSYSCALLAPI
36 NTSTATUS
37 NTAPI
38 NtOpenProcess(
39  _Out_ PHANDLE ProcessHandle,
40  _In_ ACCESS_MASK DesiredAccess,
41  _In_ POBJECT_ATTRIBUTES ObjectAttributes,
42  _In_opt_ PCLIENT_ID ClientId);
43 
44 __kernel_entry
45 NTSYSCALLAPI
46 NTSTATUS
47 NTAPI
48 NtQueryInformationProcess(
49  _In_ HANDLE ProcessHandle,
50  _In_ PROCESSINFOCLASS ProcessInformationClass,
51  _Out_ PVOID ProcessInformation,
52  _In_ ULONG ProcessInformationLength,
53  _Out_opt_ PULONG ReturnLength);
54 $endif (_NTDDK_)
55 $if (_NTIFS_)
56 
57 _Must_inspect_result_
58 _IRQL_requires_max_(APC_LEVEL)
59 NTKERNELAPI
60 NTSTATUS
61 NTAPI
62 PsLookupProcessByProcessId(
63  _In_ HANDLE ProcessId,
64  _Outptr_ PEPROCESS *Process);
65 
66 _Must_inspect_result_
67 _IRQL_requires_max_(APC_LEVEL)
68 NTKERNELAPI
69 NTSTATUS
70 NTAPI
71 PsLookupThreadByThreadId(
72  _In_ HANDLE UniqueThreadId,
73  _Outptr_ PETHREAD *Thread);
74 $endif (_NTIFS_)
75 
76 #if (NTDDI_VERSION >= NTDDI_WIN2K)
77 
78 $if (_WDMDDK_)
79 _IRQL_requires_max_(APC_LEVEL)
80 _Post_satisfies_(return <= 0)
81 _Must_inspect_result_
82 NTKERNELAPI
83 NTSTATUS
84 NTAPI
85 PsCreateSystemThread(
86  _Out_ PHANDLE ThreadHandle,
87  _In_ ULONG DesiredAccess,
88  _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
89  _In_opt_ HANDLE ProcessHandle,
90  _Out_opt_ PCLIENT_ID ClientId,
91  _In_ PKSTART_ROUTINE StartRoutine,
92  _In_opt_ _When_(return==0, __drv_aliasesMem) PVOID StartContext);
93 
94 _IRQL_requires_max_(PASSIVE_LEVEL)
95 NTKERNELAPI
96 NTSTATUS
97 NTAPI
98 PsTerminateSystemThread(
99  _In_ NTSTATUS ExitStatus);
100 
101 $endif (_WDMDDK_)
102 $if (_NTDDK_)
103 
104 _IRQL_requires_max_(PASSIVE_LEVEL)
105 NTKERNELAPI
106 NTSTATUS
107 NTAPI
108 PsSetCreateProcessNotifyRoutine(
109  _In_ PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine,
110  _In_ BOOLEAN Remove);
111 
112 _IRQL_requires_max_(PASSIVE_LEVEL)
113 NTKERNELAPI
114 NTSTATUS
115 NTAPI
116 PsSetCreateThreadNotifyRoutine(
117  _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine);
118 
119 _IRQL_requires_max_(PASSIVE_LEVEL)
120 NTKERNELAPI
121 NTSTATUS
122 NTAPI
123 PsSetLoadImageNotifyRoutine(
124  _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine);
125 
126 NTKERNELAPI
127 HANDLE
128 NTAPI
129 PsGetCurrentProcessId(VOID);
130 
131 _IRQL_requires_max_(DISPATCH_LEVEL)
132 NTKERNELAPI
133 HANDLE
134 NTAPI
135 PsGetCurrentThreadId(VOID);
136 
137 NTKERNELAPI
138 BOOLEAN
139 NTAPI
140 PsGetVersion(
141  OUT PULONG MajorVersion OPTIONAL,
142  OUT PULONG MinorVersion OPTIONAL,
143  OUT PULONG BuildNumber OPTIONAL,
144  OUT PUNICODE_STRING CSDVersion OPTIONAL);
145 $endif (_NTDDK_)
146 $if (_NTIFS_)
147 
148 _IRQL_requires_max_(APC_LEVEL)
149 NTKERNELAPI
150 PACCESS_TOKEN
151 NTAPI
152 PsReferenceImpersonationToken(
153  _Inout_ PETHREAD Thread,
154  _Out_ PBOOLEAN CopyOnOpen,
155  _Out_ PBOOLEAN EffectiveOnly,
156  _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
157 
158 _IRQL_requires_max_(APC_LEVEL)
159 NTKERNELAPI
160 LARGE_INTEGER
161 NTAPI
162 PsGetProcessExitTime(VOID);
163 
164 _IRQL_requires_max_(DISPATCH_LEVEL)
165 NTKERNELAPI
166 BOOLEAN
167 NTAPI
168 PsIsThreadTerminating(
169  _In_ PETHREAD Thread);
170 
171 _Must_inspect_result_
172 _IRQL_requires_max_(PASSIVE_LEVEL)
173 NTKERNELAPI
174 NTSTATUS
175 NTAPI
176 PsImpersonateClient(
177  _Inout_ PETHREAD Thread,
178  _In_opt_ PACCESS_TOKEN Token,
179  _In_ BOOLEAN CopyOnOpen,
180  _In_ BOOLEAN EffectiveOnly,
181  _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel);
182 
183 _IRQL_requires_max_(PASSIVE_LEVEL)
184 NTKERNELAPI
185 BOOLEAN
186 NTAPI
187 PsDisableImpersonation(
188  _Inout_ PETHREAD Thread,
189  _Inout_ PSE_IMPERSONATION_STATE ImpersonationState);
190 
191 _IRQL_requires_max_(PASSIVE_LEVEL)
192 NTKERNELAPI
193 VOID
194 NTAPI
195 PsRestoreImpersonation(
196  _Inout_ PETHREAD Thread,
197  _In_ PSE_IMPERSONATION_STATE ImpersonationState);
198 
199 _IRQL_requires_max_(PASSIVE_LEVEL)
200 NTKERNELAPI
201 VOID
202 NTAPI
203 PsRevertToSelf(VOID);
204 
205 _IRQL_requires_max_(APC_LEVEL)
206 NTKERNELAPI
207 VOID
208 NTAPI
209 PsChargePoolQuota(
210  _In_ PEPROCESS Process,
211  _In_ POOL_TYPE PoolType,
212  _In_ ULONG_PTR Amount);
213 
214 _IRQL_requires_max_(APC_LEVEL)
215 NTKERNELAPI
216 VOID
217 NTAPI
218 PsReturnPoolQuota(
219  _In_ PEPROCESS Process,
220  _In_ POOL_TYPE PoolType,
221  _In_ ULONG_PTR Amount);
222 
223 _IRQL_requires_max_(PASSIVE_LEVEL)
224 NTKERNELAPI
225 NTSTATUS
226 NTAPI
227 PsAssignImpersonationToken(
228  _In_ PETHREAD Thread,
229  _In_opt_ HANDLE Token);
230 
231 _IRQL_requires_max_(PASSIVE_LEVEL)
232 NTKERNELAPI
233 HANDLE
234 NTAPI
235 PsReferencePrimaryToken(
236  _Inout_ PEPROCESS Process);
237 $endif (_NTIFS_)
238 #endif /* (NTDDI_VERSION >= NTDDI_WIN2K) */
239 $if (_NTDDK_ || _NTIFS_)
240 #if (NTDDI_VERSION >= NTDDI_WINXP)
241 $endif (_NTDDK_ || _NTIFS_)
242 
243 $if (_NTDDK_)
244 _IRQL_requires_max_(DISPATCH_LEVEL)
245 NTKERNELAPI
246 HANDLE
247 NTAPI
248 PsGetProcessId(
249  _In_ PEPROCESS Process);
250 
251 _IRQL_requires_max_(DISPATCH_LEVEL)
252 NTKERNELAPI
253 HANDLE
254 NTAPI
255 PsGetThreadId(
256  _In_ PETHREAD Thread);
257 
258 NTKERNELAPI
259 PEPROCESS
260 NTAPI
261 PsGetThreadProcess(
262  _In_ PETHREAD Thread
263 );
264 
265 NTKERNELAPI
266 NTSTATUS
267 NTAPI
268 PsRemoveCreateThreadNotifyRoutine(
269  _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine);
270 
271 _IRQL_requires_max_(PASSIVE_LEVEL)
272 NTKERNELAPI
273 NTSTATUS
274 NTAPI
275 PsRemoveLoadImageNotifyRoutine(
276  _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine);
277 
278 _IRQL_requires_max_(DISPATCH_LEVEL)
279 NTKERNELAPI
280 LONGLONG
281 NTAPI
282 PsGetProcessCreateTimeQuadPart(
283  _In_ PEPROCESS Process);
284 $endif (_NTDDK_)
285 $if (_NTIFS_)
286 
287 _IRQL_requires_max_(PASSIVE_LEVEL)
288 NTKERNELAPI
289 VOID
290 NTAPI
291 PsDereferencePrimaryToken(
292  _In_ PACCESS_TOKEN PrimaryToken);
293 
294 _IRQL_requires_max_(PASSIVE_LEVEL)
295 NTKERNELAPI
296 VOID
297 NTAPI
298 PsDereferenceImpersonationToken(
299  _In_ PACCESS_TOKEN ImpersonationToken);
300 
301 _Must_inspect_result_
302 _IRQL_requires_max_(APC_LEVEL)
303 NTKERNELAPI
304 NTSTATUS
305 NTAPI
306 PsChargeProcessPoolQuota(
307  _In_ PEPROCESS Process,
308  _In_ POOL_TYPE PoolType,
309  _In_ ULONG_PTR Amount);
310 
311 NTKERNELAPI
312 BOOLEAN
313 NTAPI
314 PsIsSystemThread(
315  _In_ PETHREAD Thread);
316 $endif (_NTIFS_)
317 $if (_NTDDK_ || _NTIFS_)
318 #endif /* (NTDDI_VERSION >= NTDDI_WINXP) */
319 $endif (_NTDDK_ || _NTIFS_)
320 
321 $if (_NTDDK_)
322 #if (NTDDI_VERSION >= NTDDI_WS03)
323 NTKERNELAPI
324 HANDLE
325 NTAPI
326 PsGetThreadProcessId(
327  IN PETHREAD Thread);
328 #endif /* (NTDDI_VERSION >= NTDDI_WS03) */
329 
330 #if (NTDDI_VERSION >= NTDDI_WS03SP1)
331 NTKERNELAPI
332 PVOID
333 NTAPI
334 PsGetCurrentThreadTeb(
335  VOID);
336 #endif /* (NTDDI_VERSION >= NTDDI_WS03SP1) */
337 
338 #if (NTDDI_VERSION >= NTDDI_VISTA)
339 
340 NTKERNELAPI
341 BOOLEAN
342 NTAPI
343 PsSetCurrentThreadPrefetching(
344  IN BOOLEAN Prefetching);
345 
346 NTKERNELAPI
347 BOOLEAN
348 NTAPI
349 PsIsCurrentThreadPrefetching(VOID);
350 
351 #endif /* (NTDDI_VERSION >= NTDDI_VISTA) */
352 
353 #if (NTDDI_VERSION >= NTDDI_VISTASP1)
354 NTKERNELAPI
355 NTSTATUS
356 NTAPI
357 PsSetCreateProcessNotifyRoutineEx(
358  IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine,
359  IN BOOLEAN Remove);
360 #endif /* (NTDDI_VERSION >= NTDDI_VISTASP1) */
361 $endif (_NTDDK_)
_When_
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE _In_opt_ _When_(return==0, __drv_aliasesMem) PVOID StartContext)
PSECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL * PSECURITY_IMPERSONATION_LEVEL
PsImpersonateClient
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
IN
#define IN
Definition: typedefs.h:39
return
return
Definition: dirsup.c:529
ApcContext
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: iofuncs.h:719
ProcessId
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ProcessId
Definition: fatprocs.h:2709
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
PsChargeProcessPoolQuota
NTKERNELAPI NTSTATUS NTAPI PsChargeProcessPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Charges the process' quota pool. The type of quota to be charged depends upon the PoolType parameter.
Definition: quota.c:872
PsGetCurrentProcessId
NTKERNELAPI HANDLE NTAPI PsGetCurrentProcessId(VOID)
Definition: process.c:1123
MinorVersion
ULONG MinorVersion
Definition: ros_glue.cpp:5
MajorVersion
ULONG MajorVersion
Definition: ros_glue.cpp:4
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
ImpersonationState
_Inout_ PSE_IMPERSONATION_STATE ImpersonationState
Definition: psfuncs.h:189
_Inout_
#define _Inout_
Definition: ms_sal.h:378
Process
_Outptr_ PEPROCESS * Process
Definition: psfuncs.h:64
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
_Out_
#define _Out_
Definition: ms_sal.h:345
PsGetProcessExitTime
LARGE_INTEGER NTAPI PsGetProcessExitTime(VOID)
Definition: process.c:1013
PCREATE_THREAD_NOTIFY_ROUTINE
VOID(NTAPI * PCREATE_THREAD_NOTIFY_ROUTINE)(_In_ HANDLE ProcessId, _In_ HANDLE ThreadId, _In_ BOOLEAN Create)
Definition: pstypes.h:189
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
PsRevertToSelf
NTKERNELAPI VOID NTAPI PsRevertToSelf(VOID)
Definition: security.c:556
PsLookupThreadByThreadId
NTSTATUS NTAPI PsLookupThreadByThreadId(IN HANDLE ThreadId, OUT PETHREAD *Thread)
Definition: thread.c:643
_Outptr_
#define _Outptr_
Definition: ms_sal.h:427
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectAttributes
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES ObjectAttributes
Definition: psfuncs.h:40
_NTIFS_
#define _NTIFS_
Definition: ifssupp.h:20
CopyOnOpen
_Out_ PBOOLEAN CopyOnOpen
Definition: psfuncs.h:154
_WDMDDK_
#define _WDMDDK_
Definition: wdm.template.h:26
PsRemoveLoadImageNotifyRoutine
NTSTATUS NTAPI PsRemoveLoadImageNotifyRoutine(IN PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:127
NTSYSCALLAPI
#define NTSYSCALLAPI
Definition: ntbasedef.h:204
_EPROCESS
Definition: pstypes.h:1260
PsIsSystemThread
NTKERNELAPI BOOLEAN NTAPI PsIsSystemThread(_In_ PETHREAD Thread)
$endif
$endif(_WDMDDK_) $if(_NTDDK_) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle
Definition: ke.h:202
PsGetVersion
NTKERNELAPI BOOLEAN NTAPI PsGetVersion(OUT PULONG MajorVersion OPTIONAL, OUT PULONG MinorVersion OPTIONAL, OUT PULONG BuildNumber OPTIONAL, OUT PUNICODE_STRING CSDVersion OPTIONAL)
Definition: psmgr.c:658
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
NtQueryInformationProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59
Thread
_Must_inspect_result_ _Outptr_ PETHREAD * Thread
Definition: psfuncs.h:73
PsSetCreateProcessNotifyRoutineEx
NTKERNELAPI NTSTATUS NTAPI PsSetCreateProcessNotifyRoutineEx(IN PCREATE_PROCESS_NOTIFY_ROUTINE_EX NotifyRoutine, IN BOOLEAN Remove)
PROCESSINFOCLASS
enum _PROCESSINFOCLASS PROCESSINFOCLASS
Definition: loader.c:63
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
PsGetThreadProcess
NTKERNELAPI PEPROCESS NTAPI PsGetThreadProcess(_In_ PETHREAD Thread)
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487
PLOAD_IMAGE_NOTIFY_ROUTINE
VOID(NTAPI * PLOAD_IMAGE_NOTIFY_ROUTINE)(_In_ PUNICODE_STRING FullImageName, _In_ HANDLE ProcessId, _In_ PIMAGE_INFO ImageInfo)
Definition: pstypes.h:220
SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
__drv_aliasesMem
#define __drv_aliasesMem
Definition: btrfs_drv.h:203
PsRestoreImpersonation
VOID NTAPI PsRestoreImpersonation(IN PETHREAD Thread, IN PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:965
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
PCREATE_PROCESS_NOTIFY_ROUTINE_EX
VOID(NTAPI * PCREATE_PROCESS_NOTIFY_ROUTINE_EX)(_Inout_ PEPROCESS Process, _In_ HANDLE ProcessId, _Inout_opt_ PPS_CREATE_NOTIFY_INFO CreateInfo)
Definition: pstypes.h:183
_In_
#define _In_
Definition: ms_sal.h:308
NTKERNELAPI
#define NTKERNELAPI
Remove
_In_ BOOLEAN Remove
Definition: psfuncs.h:110
PsGetCurrentThreadId
PsGetCurrentThreadId
Definition: CrNtStubs.h:7
_ETHREAD
Definition: pstypes.h:1101
Token
_Must_inspect_result_ _In_opt_ PACCESS_TOKEN Token
Definition: psfuncs.h:178
PsDisableImpersonation
BOOLEAN NTAPI PsDisableImpersonation(IN PETHREAD Thread, OUT PSE_IMPERSONATION_STATE ImpersonationState)
Definition: security.c:915
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
_Post_satisfies_
#define _Post_satisfies_(cond)
Definition: ms_sal.h:588
__kernel_entry
#define __kernel_entry
Definition: specstrings.h:355
PsIsCurrentThreadPrefetching
NTKERNELAPI BOOLEAN NTAPI PsIsCurrentThreadPrefetching(VOID)
POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:78
PsGetThreadProcessId
HANDLE NTAPI PsGetThreadProcessId(IN PETHREAD Thread)
Definition: thread.c:745
PsSetLoadImageNotifyRoutine
NTSTATUS NTAPI PsSetLoadImageNotifyRoutine(IN PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:176
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
PCREATE_PROCESS_NOTIFY_ROUTINE
VOID(NTAPI * PCREATE_PROCESS_NOTIFY_ROUTINE)(_In_ HANDLE ParentId, _In_ HANDLE ProcessId, _In_ BOOLEAN Create)
Definition: pstypes.h:160
PsSetCreateThreadNotifyRoutine
NTSTATUS NTAPI PsSetCreateThreadNotifyRoutine(IN PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
Definition: psnotify.c:260
NtOpenProcess
__kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtOpenProcess(_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PCLIENT_ID ClientId)
PsSetCurrentThreadPrefetching
NTKERNELAPI BOOLEAN NTAPI PsSetCurrentThreadPrefetching(IN BOOLEAN Prefetching)
Amount
_In_ POOL_TYPE _In_ ULONG_PTR Amount
Definition: psfuncs.h:211
PsLookupProcessByProcessId
NTSTATUS NTAPI PsLookupProcessByProcessId(IN HANDLE ProcessId, OUT PEPROCESS *Process)
Definition: process.c:919
PBOOLEAN
char * PBOOLEAN
Definition: retypes.h:11
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
PsGetCurrentThreadTeb
NTKERNELAPI PVOID NTAPI PsGetCurrentThreadTeb(VOID)
Definition: thread.c:785
PsAssignImpersonationToken
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
Definition: security.c:502
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
_Must_inspect_result_
#define _Must_inspect_result_
Definition: ms_sal.h:558
ProcessHandle
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE ProcessHandle
Definition: psfuncs.h:87
_SE_IMPERSONATION_STATE
Definition: setypes.h:115
PsRemoveCreateThreadNotifyRoutine
NTKERNELAPI NTSTATUS NTAPI PsRemoveCreateThreadNotifyRoutine(_In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine)
PsReferenceImpersonationToken
PACCESS_TOKEN NTAPI PsReferenceImpersonationToken(IN PETHREAD Thread, OUT PBOOLEAN CopyOnOpen, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:849
_CLIENT_ID
Definition: compat.h:682
BuildNumber
ULONG BuildNumber
Definition: ros_glue.cpp:6
PsGetProcessCreateTimeQuadPart
LONGLONG NTAPI PsGetProcessCreateTimeQuadPart(PEPROCESS Process)
Definition: process.c:1023
EffectiveOnly
_Out_ PBOOLEAN _Out_ PBOOLEAN EffectiveOnly
Definition: psfuncs.h:154
DISPATCH_LEVEL
#define DISPATCH_LEVEL
Definition: env_spec_w32.h:696
_UNICODE_STRING
Definition: env_spec_w32.h:368
PsTerminateSystemThread
NTSTATUS NTAPI PsTerminateSystemThread(IN NTSTATUS ExitStatus)
Definition: kill.c:1148
ExitStatus
_In_ NTSTATUS ExitStatus
Definition: psfuncs.h:859
PsCreateSystemThread
NTSTATUS NTAPI PsCreateSystemThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:602
FORCEINLINE
#define FORCEINLINE
Definition: wdftypes.h:67
PsWrapApcWow64Thread
NTSTATUS NTAPI PsWrapApcWow64Thread(IN OUT PVOID *ApcContext, IN OUT PVOID *ApcRoutine)
Definition: thread.c:932
_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_LARGE_INTEGER
Definition: typedefs.h:102
PsDereferencePrimaryToken
VOID NTAPI PsDereferencePrimaryToken(IN PACCESS_TOKEN PrimaryToken)
Definition: security.c:902
PsGetThreadId
NTKERNELAPI HANDLE NTAPI PsGetThreadId(_In_ PETHREAD Thread)
OUT
#define OUT
Definition: typedefs.h:40
PoolType
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ _Strict_type_match_ POOL_TYPE PoolType
Definition: wdfdevice.h:3810
ULONG
unsigned int ULONG
Definition: retypes.h:1
PsReturnPoolQuota
NTKERNELAPI VOID NTAPI PsReturnPoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Returns the pool quota that the process was taking up.
Definition: quota.c:907
PsGetProcessId
HANDLE NTAPI PsGetProcessId(PEPROCESS Process)
Definition: process.c:1063
KeGetCurrentThread
#define KeGetCurrentThread
Definition: hal.h:55
PsIsThreadTerminating
BOOLEAN NTAPI PsIsThreadTerminating(IN PETHREAD Thread)
Definition: thread.c:868
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
$if
$if(_WDMDDK_) NTKERNELAPI NTSTATUS NTAPI PsWrapApcWow64Thread(_Inout_ PVOID *ApcContext
Definition: ke.h:1
_NTDDK_
#define _NTDDK_
Definition: ntddk.template.h:26
_IRQL_requires_max_
_IRQL_requires_max_(PASSIVE_LEVEL) NTSYSAPI NTSTATUS NTAPI ZwOpenProcessTokenEx(_In_ HANDLE ProcessHandle
Queries information details about a security descriptor.
Definition: Messaging.c:64
PsSetCreateProcessNotifyRoutine
NTSTATUS NTAPI PsSetCreateProcessNotifyRoutine(IN PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine, IN BOOLEAN Remove)
Definition: psnotify.c:33
ApcRoutine
_Inout_ PVOID * ApcRoutine
Definition: psfuncs.h:11
ClientId
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _In_opt_ PCLIENT_ID ClientId
Definition: psfuncs.h:40
PsChargePoolQuota
NTKERNELAPI VOID NTAPI PsChargePoolQuota(_In_ PEPROCESS Process, _In_ POOL_TYPE PoolType, _In_ SIZE_T Amount)
Charges the pool quota of a given process. The kind of pool quota to charge is determined by the Pool...
Definition: quota.c:775
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
PsDereferenceImpersonationToken
VOID NTAPI PsDereferenceImpersonationToken(IN PACCESS_TOKEN ImpersonationToken)
Definition: security.c:888