#include <ntoskrnl.h>#include <debug.h>
Include dependency graph for query.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
Functions | |
| NTSTATUS NTAPI | PsReferenceProcessFilePointer (IN PEPROCESS Process, OUT PFILE_OBJECT *FileObject) |
| NTSTATUS NTAPI | NtQueryInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, OUT PVOID ProcessInformation, IN ULONG ProcessInformationLength, OUT PULONG ReturnLength OPTIONAL) |
| NTSTATUS NTAPI | NtSetInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength) |
| NTSTATUS NTAPI | NtSetInformationThread (IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength) |
| NTSTATUS NTAPI | NtQueryInformationThread (IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, OUT PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL) |
Variables | |
| ULONG | PspTraceLevel = 0 |
Macro Definition Documentation
◆ NDEBUG
Function Documentation
◆ NtQueryInformationProcess()
| NTSTATUS NTAPI NtQueryInformationProcess | ( | IN HANDLE | ProcessHandle, |
| IN PROCESSINFOCLASS | ProcessInformationClass, | ||
| OUT PVOID | ProcessInformation, | ||
| IN ULONG | ProcessInformationLength, | ||
| OUT PULONG ReturnLength | OPTIONAL | ||
| ) |
Definition at line 59 of file query.c.
struct _VM_COUNTERS_ * PVM_COUNTERS
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
Definition: ketypes.h:866
Definition: winternl.h:871
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
Definition: pstypes.h:105
Definition: winternl.h:884
NTSTATUS NTAPI SeLocateProcessImageName(IN PEPROCESS Process, OUT PUNICODE_STRING *ProcessImageName)
Definition: audit.c:122
struct _KERNEL_USER_TIMES KERNEL_USER_TIMES
Definition: winternl.h:394
Definition: ke.h:39
Definition: winternl.h:868
NTSTATUS NTAPI ObQueryDeviceMapInformation(IN PEPROCESS Process, OUT PPROCESS_DEVICEMAP_INFORMATION DeviceMapInfo, IN ULONG Flags)
Definition: pstypes.h:1199
Definition: ketypes.h:11
Definition: winternl.h:396
Definition: winternl.h:875
Definition: winternl.h:857
Definition: winternl.h:1059
Definition: winternl.h:888
SIZE_T QuotaPeakNonPagedPoolUsage
Definition: winternl.h:1612
struct _QUOTA_LIMITS QUOTA_LIMITS
Definition: winternl.h:859
Definition: pstypes.h:358
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
VOID NTAPI MmGetImageInformation(OUT PSECTION_IMAGE_INFORMATION ImageInformation)
Definition: section.c:1754
struct _LARGE_INTEGER::@2241 u
Definition: jmorecfg.h:365
ULONG NTAPI ObGetProcessHandleCount(IN PEPROCESS Process)
Definition: obhandle.c:59
Definition: winternl.h:860
Definition: winternl.h:887
struct _QUOTA_LIMITS * PQUOTA_LIMITS
NTSTATUS NTAPI MmGetExecuteOptions(IN PULONG ExecuteOptions)
Definition: pagfault.c:2521
Definition: pstypes.h:82
struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION
struct _KERNEL_USER_TIMES * PKERNEL_USER_TIMES
NTSTATUS NTAPI DbgkOpenProcessDebugPort(IN PEPROCESS Process, IN KPROCESSOR_MODE PreviousMode, OUT HANDLE *DebugHandle)
Definition: dbgkobj.c:1526
Definition: winternl.h:892
ULONG_PTR InheritedFromUniqueProcessId
Definition: pstypes.h:340
Definition: winternl.h:401
struct _PROCESS_SESSION_INFORMATION * PPROCESS_SESSION_INFORMATION
Definition: winternl.h:891
VOID NTAPI KeQueryValuesProcess(IN PKPROCESS Process, PPROCESS_VALUES Values)
Definition: procobj.c:522
Definition: lsa.idl:286
struct _SECTION_IMAGE_INFORMATION SECTION_IMAGE_INFORMATION
struct _PROCESS_BASIC_INFORMATION * PPROCESS_BASIC_INFORMATION
Definition: winternl.h:878
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
Definition: winternl.h:1322
Definition: ketypes.h:555
Definition: winternl.h:880
Definition: winternl.h:398
Definition: ketypes.h:867
Definition: winternl.h:874
Definition: winternl.h:870
Definition: winternl.h:858
Definition: env_spec_w32.h:368
Definition: winternl.h:889
struct _PROCESS_PRIORITY_CLASS * PPROCESS_PRIORITY_CLASS
struct _PROCESS_SESSION_INFORMATION PROCESS_SESSION_INFORMATION
ULONG NTAPI KeQueryRuntimeProcess(IN PKPROCESS Process, OUT PULONG UserTime)
Definition: procobj.c:857
Definition: winternl.h:866
struct _IO_COUNTERS IO_COUNTERS
Definition: winternl.h:395
Definition: winternl.h:876
Definition: typedefs.h:101
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
Definition: winternl.h:879
Definition: mmdrv.h:129
Definition: winternl.h:886
ULONG NTAPI PsGetProcessSessionId(IN PEPROCESS Process)
Definition: process.c:1163
Definition: winternl.h:397
struct _PROCESS_BASIC_INFORMATION PROCESS_BASIC_INFORMATION
Definition: nsiface.idl:2306
Definition: winternl.h:1604
Definition: mmtypes.h:330
Definition: pstypes.h:383
struct _PROCESS_PRIORITY_CLASS PROCESS_PRIORITY_CLASS
struct _IO_COUNTERS * PIO_COUNTERS
Definition: pstypes.h:370
Referenced by _main(), BaseInitializeStaticServerData(), CheckRemoteDebuggerPresent(), CON_API_NOCONSOLE(), EmptyWorkingSet(), EnumProcessModules(), FindModule(), get_shiminfo(), GetDriveTypeW(), GetErrorMode(), GetExitCodeProcess(), GetLogicalDrives(), GetPriorityClass(), GetProcessAffinityMask(), GetProcessHandleCount(), GetProcessId(), GetProcessImageFileNameA(), GetProcessImageFileNameW(), GetProcessIoCounters(), GetProcessMemoryInfo(), GetProcessPriorityBoost(), GetProcessTimes(), GetProcessVersion(), GetProcessWorkingSetSizeEx(), GetSourcePaths(), GetWsChanges(), GlobalMemoryStatusEx(), InitFunctionPtrs(), Is64BitSystem(), IsCriticalProcess(), IsWow64Process(), PerfDataGetCommandLine(), PrintProcess(), ProcessIdToSessionId(), PsaEnumerateProcessModules(), QueryFlag(), RtlpQueryRemoteProcessModules(), SmpApiLoop(), SmpCreateVolumeDescriptors(), SmpGetProcessMuSessionId(), Test_ProcessPriorityClassAlignment(), Test_ProcessTimes(), Test_ProcessWx86Information(), UnhandledExceptionFilter(), UserpGetClientFileName(), and Wow64QueryFlag().
◆ NtQueryInformationThread()
| NTSTATUS NTAPI NtQueryInformationThread | ( | IN HANDLE | ThreadHandle, |
| IN THREADINFOCLASS | ThreadInformationClass, | ||
| OUT PVOID | ThreadInformation, | ||
| IN ULONG | ThreadInformationLength, | ||
| OUT PULONG ReturnLength | OPTIONAL | ||
| ) |
Definition at line 2497 of file query.c.
struct _THREAD_BASIC_INFORMATION THREAD_BASIC_INFORMATION
Definition: compat.h:599
Definition: compat.h:593
struct _KERNEL_USER_TIMES KERNEL_USER_TIMES
Definition: ketypes.h:11
_Must_inspect_result_ FORCEINLINE BOOLEAN IsListEmpty(_In_ const LIST_ENTRY *ListHead)
Definition: rtlfuncs.h:57
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
Definition: winternl.h:1059
NTSTATUS NTAPI PspQueryDescriptorThread(IN PETHREAD Thread, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL)
Definition: psldt.c:43
Definition: compat.h:609
Definition: compat.h:604
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
Definition: jmorecfg.h:365
struct _KERNEL_USER_TIMES * PKERNEL_USER_TIMES
Definition: pstypes.h:1040
struct _THREAD_BASIC_INFORMATION * PTHREAD_BASIC_INFORMATION
Definition: compat.h:594
Definition: compat.h:613
union _LARGE_INTEGER LARGE_INTEGER
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:790
Definition: compat.h:602
Definition: compat.h:605
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:835
Definition: compat.h:583
Definition: nsiface.idl:2306
BOOLEAN NTAPI PsIsThreadTerminating(IN PETHREAD Thread)
Definition: thread.c:868
Definition: compat.h:607
LONG NTAPI KeQueryBasePriorityThread(IN PKTHREAD Thread)
Definition: thrdobj.c:61
Referenced by CreateRemoteThread(), CsrCreateProcess(), CsrCreateRemoteThread(), CsrCreateThread(), CsrInsertThread(), CsrSbCreateSession(), DbgUiConvertStateChangeStructure(), ExitThread(), fetch_thread_info(), GetExitCodeThread(), GetProcessIdOfThread(), GetThreadId(), GetThreadIOPendingFlag(), GetThreadPriority(), GetThreadPriorityBoost(), GetThreadSelectorEntry(), GetThreadTimes(), i386_stack_walk(), init_funcs(), InitFunctionPtrs(), PrintThreads(), RtlFreeUserThreadStack(), RtlpIsIoPending(), SetThreadAffinityMask(), TerminateThread(), and Test_ThreadBasicInformationClass().
◆ NtSetInformationProcess()
| NTSTATUS NTAPI NtSetInformationProcess | ( | IN HANDLE | ProcessHandle, |
| IN PROCESSINFOCLASS | ProcessInformationClass, | ||
| IN PVOID | ProcessInformation, | ||
| IN ULONG | ProcessInformationLength | ||
| ) |
Definition at line 1112 of file query.c.
1576 DPRINT1("Privilege to change priority from %lx to %lx lacking\n", BasePriority, Process->Pcb.BasePriority);
BOOLEAN NTAPI KeSetDisableBoostThread(IN OUT PKTHREAD Thread, IN BOOLEAN Disable)
Definition: thrdobj.c:95
#define LOW_PRIORITY
Definition: winternl.h:864
KAFFINITY NTAPI KeSetAffinityProcess(IN PKPROCESS Process, IN KAFFINITY Affinity)
Definition: procobj.c:265
Definition: pstypes.h:919
Definition: winternl.h:871
BOOLEAN NTAPI KeSetAutoAlignmentProcess(IN PKPROCESS Process, IN BOOLEAN Enable)
Definition: procobj.c:313
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
BOOLEAN NTAPI KeSetDisableBoostProcess(IN PKPROCESS Process, IN BOOLEAN Disable)
Definition: procobj.c:331
struct _PROCESS_ACCESS_TOKEN * PPROCESS_ACCESS_TOKEN
NTSTATUS NTAPI ObSetDeviceMap(IN PEPROCESS Process, IN HANDLE DirectoryHandle)
Definition: devicemap.c:24
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE Token
Definition: ntifs.template.h:711
Definition: pstypes.h:146
Definition: winternl.h:868
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
Definition: priv.c:524
Definition: pstypes.h:1199
Definition: winternl.h:862
Definition: winternl.h:875
Definition: winternl.h:857
static __inline NTSTATUS DefaultSetInfoBufferCheck(ULONG Class, const INFORMATION_CLASS_INFO *ClassList, ULONG ClassListEntries, PVOID Buffer, ULONG BufferLength, KPROCESSOR_MODE PreviousMode)
Definition: probe.h:8
Definition: winternl.h:869
Definition: winternl.h:888
NTSTATUS NTAPI PspSetQuotaLimits(_In_ PEPROCESS Process, _In_ ULONG Unused, _In_ PVOID QuotaLimits, _In_ ULONG QuotaLimitsLength, _In_ KPROCESSOR_MODE PreviousMode)
Definition: quota.c:293
VOID NTAPI KeBoostPriorityThread(IN PKTHREAD Thread, IN KPRIORITY Increment)
Definition: thrdobj.c:229
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
Definition: jmorecfg.h:365
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129
Definition: winternl.h:887
Definition: winternl.h:877
NTSTATUS NTAPI PspSetPrimaryToken(IN PEPROCESS Process, IN HANDLE TokenHandle OPTIONAL, IN PACCESS_TOKEN Token OPTIONAL)
Definition: security.c:215
Definition: pstypes.h:1040
Definition: pstypes.h:414
#define HIGH_PRIORITY
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:112
struct _PROCESS_SESSION_INFORMATION * PPROCESS_SESSION_INFORMATION
Definition: pstypes.h:413
struct _PROCESS_FOREGROUND_BACKGROUND * PPROCESS_FOREGROUND_BACKGROUND
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170
Definition: winternl.h:878
NTSTATUS NTAPI MmSetExecuteOptions(IN ULONG ExecuteOptions)
Definition: pagfault.c:2563
Definition: winternl.h:1322
Definition: winternl.h:872
KPRIORITY NTAPI KeSetPriorityAndQuantumProcess(IN PKPROCESS Process, IN KPRIORITY Priority, IN UCHAR Quantum OPTIONAL)
Definition: procobj.c:349
Definition: typedefs.h:118
Definition: winternl.h:880
Definition: winternl.h:398
VOID NTAPI PsSetProcessPriorityByClass(IN PEPROCESS Process, IN PSPROCESSPRIORITYMODE Type)
Definition: process.c:1325
Definition: winternl.h:874
FORCEINLINE VOID ExAcquirePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1091
Definition: winternl.h:889
struct _PROCESS_PRIORITY_CLASS * PPROCESS_PRIORITY_CLASS
Definition: winternl.h:867
Definition: winternl.h:881
NTSTATUS NTAPI MmSetMemoryPriorityProcess(IN PEPROCESS Process, IN UCHAR MemoryPriority)
Definition: procsup.c:469
Definition: winternl.h:866
Definition: winternl.h:861
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
Definition: winternl.h:879
FORCEINLINE VOID ExReleasePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1199
Definition: mmdrv.h:129
ULONG NTAPI PsGetProcessSessionId(IN PEPROCESS Process)
Definition: process.c:1163
BOOLEAN NTAPI SeCheckPrivilegedObject(IN LUID PrivilegeValue, IN HANDLE ObjectHandle, IN ACCESS_MASK DesiredAccess, IN KPROCESSOR_MODE PreviousMode)
Definition: priv.c:560
Definition: nsiface.idl:2306
Definition: winternl.h:873
Definition: pstypes.h:383
Definition: winternl.h:865
Referenced by _main(), CreateProcessAsUserCommon(), CreateProcessInternalW(), CSR_API(), CsrCreateProcess(), CsrpSetDefaultProcessHardErrorMode(), CsrSbCreateSession(), CsrSetBackgroundPriority(), CsrSetForegroundPriority(), CsrSetToNormalPriority(), CsrSetToShutdownPriority(), EmptyWorkingSet(), InitFunctionPtrs(), InitializeProcessForWsWatch(), LdrpInitializeProcess(), SetErrorMode(), SetPriorityClass(), SetProcessAffinityMask(), SetProcessPriorityBoost(), SetProcessWorkingSetSizeEx(), SmpInit(), SmpSbCreateSession(), SmpSetProcessMuSessionId(), Test_ProcBasePriorityClass(), Test_ProcessWx86InformationClass(), Test_ProcForegroundBackgroundClass(), and Test_ProcRaisePriorityClass().
◆ NtSetInformationThread()
| NTSTATUS NTAPI NtSetInformationThread | ( | IN HANDLE | ThreadHandle, |
| IN THREADINFOCLASS | ThreadInformationClass, | ||
| IN PVOID | ThreadInformation, | ||
| IN ULONG | ThreadInformationLength | ||
| ) |
Definition at line 2014 of file query.c.
BOOLEAN NTAPI KeSetDisableBoostThread(IN OUT PKTHREAD Thread, IN BOOLEAN Disable)
Definition: thrdobj.c:95
#define LOW_PRIORITY
Definition: compat.h:610
FORCEINLINE _Post_maybenull_ _Must_inspect_result_ _In_ SIZE_T _In_ ULONG _In_ EX_POOL_PRIORITY Priority
Definition: exfuncs.h:700
KAFFINITY NTAPI KeSetAffinityThread(IN PKTHREAD Thread, IN KAFFINITY Affinity)
Definition: thrdobj.c:1303
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
Definition: priv.c:524
LONG NTAPI KeSetBasePriorityThread(IN PKTHREAD Thread, IN LONG Increment)
Definition: thrdobj.c:1184
Definition: pstypes.h:1199
Definition: compat.h:595
static __inline NTSTATUS DefaultSetInfoBufferCheck(ULONG Class, const INFORMATION_CLASS_INFO *ClassList, ULONG ClassListEntries, PVOID Buffer, ULONG BufferLength, KPROCESSOR_MODE PreviousMode)
Definition: probe.h:8
Definition: compat.h:596
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
Definition: pstypes.h:1040
#define HIGH_PRIORITY
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170
Definition: compat.h:598
PETHREAD NTAPI PsGetNextProcessThread(IN PEPROCESS Process, IN PETHREAD Thread OPTIONAL)
Definition: process.c:75
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
Definition: security.c:502
Definition: compat.h:602
FORCEINLINE VOID ExAcquirePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1091
Definition: compat.h:493
KPRIORITY NTAPI KeSetPriorityThread(IN PKTHREAD Thread, IN KPRIORITY Priority)
Definition: thrdobj.c:1327
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:835
Definition: compat.h:603
Definition: compat.h:611
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
FORCEINLINE VOID ExReleasePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1199
Definition: compat.h:597
UCHAR NTAPI KeSetIdealProcessorThread(IN PKTHREAD Thread, IN UCHAR Processor)
Definition: thrdobj.c:1075
Definition: compat.h:606
Definition: nsiface.idl:2306
Definition: compat.h:607
Referenced by BaseGetNamedObjectDirectory(), BaseProcessStartup(), CsrRevertToSelf(), ImpersonateLoggedOnUser(), init_funcs(), InitFunctionPtrs(), InitializeDeviceData(), KdpDebugLogInit(), MiInitBalancerThread(), NpGetUserNamep(), RevertToSelf(), RtlpExecuteIoWorkItem(), RtlpExecuteWorkItem(), SetThreadAffinityMask(), SetThreadIdealProcessor(), SetThreadPriority(), SetThreadPriorityBoost(), SetThreadToken(), START_TEST(), Test_ThreadPriorityClass(), and TlsFree().
◆ PsReferenceProcessFilePointer()
| NTSTATUS NTAPI PsReferenceProcessFilePointer | ( | IN PEPROCESS | Process, |
| OUT PFILE_OBJECT * | FileObject | ||
| ) |
Definition at line 24 of file query.c.
PFILE_OBJECT NTAPI MmGetFileObjectForSection(IN PVOID Section)
Definition: section.c:1681
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
Definition: mmtypes.h:813
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
Definition: nsiface.idl:2306
Referenced by SeLocateProcessImageName().
