ReactOS 0.4.16-dev-1401-gf1332c7
query.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: ntoskrnl/ps/query.c
5 * PURPOSE: Process Manager: Thread/Process Query/Set Information
6 * PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
7 * Thomas Weidenmueller (w3seek@reactos.org)
8 * Eric Kohl
9 */
10
11/* INCLUDES ******************************************************************/
12
13#include <ntoskrnl.h>
14#define NDEBUG
15#include <debug.h>
16
17/* Debugging Level */
18ULONG PspTraceLevel = 0;
19
20/* PRIVATE FUNCTIONS *********************************************************/
21
22NTSTATUS
23NTAPI
24PsReferenceProcessFilePointer(IN PEPROCESS Process,
25 OUT PFILE_OBJECT *FileObject)
26{
27 PSECTION Section;
28 PAGED_CODE();
29
30 /* Lock the process */
31 if (!ExAcquireRundownProtection(&Process->RundownProtect))
32 {
33 return STATUS_PROCESS_IS_TERMINATING;
34 }
35
36 /* Get the section */
37 Section = Process->SectionObject;
38 if (Section)
39 {
40 /* Get the file object and reference it */
41 *FileObject = MmGetFileObjectForSection((PVOID)Section);
42 ObReferenceObject(*FileObject);
43 }
44
45 /* Release the protection */
46 ExReleaseRundownProtection(&Process->RundownProtect);
47
48 /* Return status */
49 return Section ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
50}
51
52/* PUBLIC FUNCTIONS **********************************************************/
53
54/*
55 * @implemented
56 */
57NTSTATUS
58NTAPI
59NtQueryInformationProcess(
60 _In_ HANDLE ProcessHandle,
61 _In_ PROCESSINFOCLASS ProcessInformationClass,
62 _Out_ PVOID ProcessInformation,
63 _In_ ULONG ProcessInformationLength,
64 _Out_opt_ PULONG ReturnLength)
65{
66 PEPROCESS Process;
67 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
68 NTSTATUS Status;
69 ULONG Length = 0;
70
71 PAGED_CODE();
72
73 /* Verify Information Class validity */
74 Status = DefaultQueryInfoBufferCheck(ProcessInformationClass,
75 PsProcessInfoClass,
76 RTL_NUMBER_OF(PsProcessInfoClass),
77 ICIF_PROBE_READ,
78 ProcessInformation,
79 ProcessInformationLength,
80 ReturnLength,
81 NULL,
82 PreviousMode);
83 if (!NT_SUCCESS(Status))
84 {
85 DPRINT1("NtQueryInformationProcess(): Information verification class failed! (Status -> 0x%lx, ProcessInformationClass -> %lx)\n", Status, ProcessInformationClass);
86 return Status;
87 }
88
89 if (((ProcessInformationClass == ProcessCookie) ||
90 (ProcessInformationClass == ProcessImageInformation)) &&
91 (ProcessHandle != NtCurrentProcess()))
92 {
93 /*
94 * Retrieving the process cookie is only allowed for the calling process
95 * itself! XP only allows NtCurrentProcess() as process handles even if
96 * a real handle actually represents the current process.
97 */
98 return STATUS_INVALID_PARAMETER;
99 }
100
101 /* Check the information class */
102 switch (ProcessInformationClass)
103 {
104 /* Basic process information */
105 case ProcessBasicInformation:
106 {
107 PPROCESS_BASIC_INFORMATION ProcessBasicInfo = (PPROCESS_BASIC_INFORMATION)ProcessInformation;
108
109 if (ProcessInformationLength != sizeof(PROCESS_BASIC_INFORMATION))
110 {
111 Status = STATUS_INFO_LENGTH_MISMATCH;
112 break;
113 }
114
115 /* Set return length */
116 Length = sizeof(PROCESS_BASIC_INFORMATION);
117
118 /* Reference the process */
119 Status = ObReferenceObjectByHandle(ProcessHandle,
120 PROCESS_QUERY_INFORMATION,
121 PsProcessType,
122 PreviousMode,
123 (PVOID*)&Process,
124 NULL);
125 if (!NT_SUCCESS(Status)) break;
126
127 /* Protect writes with SEH */
128 _SEH2_TRY
129 {
130 /* Write all the information from the EPROCESS/KPROCESS */
131 ProcessBasicInfo->ExitStatus = Process->ExitStatus;
132 ProcessBasicInfo->PebBaseAddress = Process->Peb;
133 ProcessBasicInfo->AffinityMask = Process->Pcb.Affinity;
134 ProcessBasicInfo->UniqueProcessId = (ULONG_PTR)Process->
135 UniqueProcessId;
136 ProcessBasicInfo->InheritedFromUniqueProcessId =
137 (ULONG_PTR)Process->InheritedFromUniqueProcessId;
138 ProcessBasicInfo->BasePriority = Process->Pcb.BasePriority;
139
140 }
141 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
142 {
143 /* Get exception code */
144 Status = _SEH2_GetExceptionCode();
145 }
146 _SEH2_END;
147
148 /* Dereference the process */
149 ObDereferenceObject(Process);
150 break;
151 }
152
153 /* Process quota limits */
154 case ProcessQuotaLimits:
155 {
156 QUOTA_LIMITS_EX QuotaLimits;
157 BOOLEAN Extended;
158
159 if (ProcessInformationLength != sizeof(QUOTA_LIMITS) &&
160 ProcessInformationLength != sizeof(QUOTA_LIMITS_EX))
161 {
162 Status = STATUS_INFO_LENGTH_MISMATCH;
163 break;
164 }
165
166 /* Set return length */
167 Length = ProcessInformationLength;
168 Extended = (Length == sizeof(QUOTA_LIMITS_EX));
169
170 /* Reference the process */
171 Status = ObReferenceObjectByHandle(ProcessHandle,
172 PROCESS_QUERY_INFORMATION,
173 PsProcessType,
174 PreviousMode,
175 (PVOID*)&Process,
176 NULL);
177 if (!NT_SUCCESS(Status)) break;
178
179 /* Indicate success */
180 Status = STATUS_SUCCESS;
181
182 RtlZeroMemory(&QuotaLimits, sizeof(QuotaLimits));
183
184 /* Get max/min working set sizes */
185 QuotaLimits.MaximumWorkingSetSize =
186 Process->Vm.MaximumWorkingSetSize << PAGE_SHIFT;
187 QuotaLimits.MinimumWorkingSetSize =
188 Process->Vm.MinimumWorkingSetSize << PAGE_SHIFT;
189
190 /* Get default time limits */
191 QuotaLimits.TimeLimit.QuadPart = -1LL;
192
193 /* Is quota block a default one? */
194 if (Process->QuotaBlock == &PspDefaultQuotaBlock)
195 {
196 /* Get default pools and pagefile limits */
197 QuotaLimits.PagedPoolLimit = (SIZE_T)-1;
198 QuotaLimits.NonPagedPoolLimit = (SIZE_T)-1;
199 QuotaLimits.PagefileLimit = (SIZE_T)-1;
200 }
201 else
202 {
203 /* Get limits from non-default quota block */
204 QuotaLimits.PagedPoolLimit =
205 Process->QuotaBlock->QuotaEntry[PsPagedPool].Limit;
206 QuotaLimits.NonPagedPoolLimit =
207 Process->QuotaBlock->QuotaEntry[PsNonPagedPool].Limit;
208 QuotaLimits.PagefileLimit =
209 Process->QuotaBlock->QuotaEntry[PsPageFile].Limit;
210 }
211
212 /* Get additional information, if needed */
213 if (Extended)
214 {
215 QuotaLimits.Flags |= (Process->Vm.Flags.MaximumWorkingSetHard ?
216 QUOTA_LIMITS_HARDWS_MAX_ENABLE : QUOTA_LIMITS_HARDWS_MAX_DISABLE);
217 QuotaLimits.Flags |= (Process->Vm.Flags.MinimumWorkingSetHard ?
218 QUOTA_LIMITS_HARDWS_MIN_ENABLE : QUOTA_LIMITS_HARDWS_MIN_DISABLE);
219
220 /* FIXME: Get the correct information */
221 //QuotaLimits.WorkingSetLimit = (SIZE_T)-1; // Not used on Win2k3, it is set to 0
222 QuotaLimits.CpuRateLimit.RateData = 0;
223 }
224
225 /* Protect writes with SEH */
226 _SEH2_TRY
227 {
228 RtlCopyMemory(ProcessInformation, &QuotaLimits, Length);
229 }
230 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
231 {
232 /* Get exception code */
233 Status = _SEH2_GetExceptionCode();
234 }
235 _SEH2_END;
236
237 /* Dereference the process */
238 ObDereferenceObject(Process);
239 break;
240 }
241
242 case ProcessIoCounters:
243 {
244 PIO_COUNTERS IoCounters = (PIO_COUNTERS)ProcessInformation;
245 PROCESS_VALUES ProcessValues;
246
247 if (ProcessInformationLength != sizeof(IO_COUNTERS))
248 {
249 Status = STATUS_INFO_LENGTH_MISMATCH;
250 break;
251 }
252
253 Length = sizeof(IO_COUNTERS);
254
255 /* Reference the process */
256 Status = ObReferenceObjectByHandle(ProcessHandle,
257 PROCESS_QUERY_INFORMATION,
258 PsProcessType,
259 PreviousMode,
260 (PVOID*)&Process,
261 NULL);
262 if (!NT_SUCCESS(Status)) break;
263
264 /* Query IO counters from the process */
265 KeQueryValuesProcess(&Process->Pcb, &ProcessValues);
266
267 _SEH2_TRY
268 {
269 RtlCopyMemory(IoCounters, &ProcessValues.IoInfo, sizeof(IO_COUNTERS));
270 }
271 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
272 {
273 /* Ignore exception */
274 }
275 _SEH2_END;
276
277 /* Set status to success in any case */
278 Status = STATUS_SUCCESS;
279
280 /* Dereference the process */
281 ObDereferenceObject(Process);
282 break;
283 }
284
285 /* Timing */
286 case ProcessTimes:
287 {
288 PKERNEL_USER_TIMES ProcessTime = (PKERNEL_USER_TIMES)ProcessInformation;
289 ULONG UserTime, KernelTime;
290
291 /* Set the return length */
292 if (ProcessInformationLength != sizeof(KERNEL_USER_TIMES))
293 {
294 Status = STATUS_INFO_LENGTH_MISMATCH;
295 break;
296 }
297
298 Length = sizeof(KERNEL_USER_TIMES);
299
300 /* Reference the process */
301 Status = ObReferenceObjectByHandle(ProcessHandle,
302 PROCESS_QUERY_INFORMATION,
303 PsProcessType,
304 PreviousMode,
305 (PVOID*)&Process,
306 NULL);
307 if (!NT_SUCCESS(Status)) break;
308
309 /* Protect writes with SEH */
310 _SEH2_TRY
311 {
312 /* Copy time information from EPROCESS/KPROCESS */
313 KernelTime = KeQueryRuntimeProcess(&Process->Pcb, &UserTime);
314 ProcessTime->CreateTime = Process->CreateTime;
315 ProcessTime->UserTime.QuadPart = (LONGLONG)UserTime * KeMaximumIncrement;
316 ProcessTime->KernelTime.QuadPart = (LONGLONG)KernelTime * KeMaximumIncrement;
317 ProcessTime->ExitTime = Process->ExitTime;
318 }
319 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
320 {
321 /* Get exception code */
322 Status = _SEH2_GetExceptionCode();
323 }
324 _SEH2_END;
325
326 /* Dereference the process */
327 ObDereferenceObject(Process);
328 break;
329 }
330
331 /* Process Debug Port */
332 case ProcessDebugPort:
333
334 if (ProcessInformationLength != sizeof(HANDLE))
335 {
336 Status = STATUS_INFO_LENGTH_MISMATCH;
337 break;
338 }
339
340 /* Set return length */
341 Length = sizeof(HANDLE);
342
343 /* Reference the process */
344 Status = ObReferenceObjectByHandle(ProcessHandle,
345 PROCESS_QUERY_INFORMATION,
346 PsProcessType,
347 PreviousMode,
348 (PVOID*)&Process,
349 NULL);
350 if (!NT_SUCCESS(Status)) break;
351
352 /* Protect write with SEH */
353 _SEH2_TRY
354 {
355 /* Return whether or not we have a debug port */
356 *(PHANDLE)ProcessInformation = (Process->DebugPort ?
357 (HANDLE)-1 : NULL);
358 }
359 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
360 {
361 /* Get exception code */
362 Status = _SEH2_GetExceptionCode();
363 }
364 _SEH2_END;
365
366 /* Dereference the process */
367 ObDereferenceObject(Process);
368 break;
369
370 case ProcessHandleCount:
371 {
372 ULONG HandleCount;
373
374 if (ProcessInformationLength != sizeof(ULONG))
375 {
376 Status = STATUS_INFO_LENGTH_MISMATCH;
377 break;
378 }
379
380 /* Set the return length*/
381 Length = sizeof(ULONG);
382
383 /* Reference the process */
384 Status = ObReferenceObjectByHandle(ProcessHandle,
385 PROCESS_QUERY_INFORMATION,
386 PsProcessType,
387 PreviousMode,
388 (PVOID*)&Process,
389 NULL);
390 if (!NT_SUCCESS(Status)) break;
391
392 /* Count the number of handles this process has */
393 HandleCount = ObGetProcessHandleCount(Process);
394
395 /* Protect write in SEH */
396 _SEH2_TRY
397 {
398 /* Return the count of handles */
399 *(PULONG)ProcessInformation = HandleCount;
400 }
401 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
402 {
403 /* Get the exception code */
404 Status = _SEH2_GetExceptionCode();
405 }
406 _SEH2_END;
407
408 /* Dereference the process */
409 ObDereferenceObject(Process);
410 break;
411 }
412
413 /* Session ID for the process */
414 case ProcessSessionInformation:
415 {
416 PPROCESS_SESSION_INFORMATION SessionInfo = (PPROCESS_SESSION_INFORMATION)ProcessInformation;
417
418 if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION))
419 {
420 Status = STATUS_INFO_LENGTH_MISMATCH;
421 break;
422 }
423
424 /* Set the return length*/
425 Length = sizeof(PROCESS_SESSION_INFORMATION);
426
427 /* Reference the process */
428 Status = ObReferenceObjectByHandle(ProcessHandle,
429 PROCESS_QUERY_INFORMATION,
430 PsProcessType,
431 PreviousMode,
432 (PVOID*)&Process,
433 NULL);
434 if (!NT_SUCCESS(Status)) break;
435
436 /* Enter SEH for write safety */
437 _SEH2_TRY
438 {
439 /* Write back the Session ID */
440 SessionInfo->SessionId = PsGetProcessSessionId(Process);
441 }
442 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
443 {
444 /* Get the exception code */
445 Status = _SEH2_GetExceptionCode();
446 }
447 _SEH2_END;
448
449 /* Dereference the process */
450 ObDereferenceObject(Process);
451 break;
452 }
453
454 /* Virtual Memory Statistics */
455 case ProcessVmCounters:
456 {
457 PVM_COUNTERS VmCounters = (PVM_COUNTERS)ProcessInformation;
458
459 /* Validate the input length */
460 if ((ProcessInformationLength != sizeof(VM_COUNTERS)) &&
461 (ProcessInformationLength != sizeof(VM_COUNTERS_EX)))
462 {
463 Status = STATUS_INFO_LENGTH_MISMATCH;
464 break;
465 }
466
467 /* Reference the process */
468 Status = ObReferenceObjectByHandle(ProcessHandle,
469 PROCESS_QUERY_INFORMATION,
470 PsProcessType,
471 PreviousMode,
472 (PVOID*)&Process,
473 NULL);
474 if (!NT_SUCCESS(Status)) break;
475
476 /* Enter SEH for write safety */
477 _SEH2_TRY
478 {
479 /* Return data from EPROCESS */
480 VmCounters->PeakVirtualSize = Process->PeakVirtualSize;
481 VmCounters->VirtualSize = Process->VirtualSize;
482 VmCounters->PageFaultCount = Process->Vm.PageFaultCount;
483 VmCounters->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize;
484 VmCounters->WorkingSetSize = Process->Vm.WorkingSetSize;
485 VmCounters->QuotaPeakPagedPoolUsage = Process->QuotaPeak[PsPagedPool];
486 VmCounters->QuotaPagedPoolUsage = Process->QuotaUsage[PsPagedPool];
487 VmCounters->QuotaPeakNonPagedPoolUsage = Process->QuotaPeak[PsNonPagedPool];
488 VmCounters->QuotaNonPagedPoolUsage = Process->QuotaUsage[PsNonPagedPool];
489 VmCounters->PagefileUsage = Process->QuotaUsage[PsPageFile] << PAGE_SHIFT;
490 VmCounters->PeakPagefileUsage = Process->QuotaPeak[PsPageFile] << PAGE_SHIFT;
491 //VmCounters->PrivateUsage = Process->CommitCharge << PAGE_SHIFT;
492 //
493
494 /* Set the return length */
495 Length = ProcessInformationLength;
496 }
497 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
498 {
499 /* Get the exception code */
500 Status = _SEH2_GetExceptionCode();
501 }
502 _SEH2_END;
503
504 /* Dereference the process */
505 ObDereferenceObject(Process);
506 break;
507 }
508
509 /* Hard Error Processing Mode */
510 case ProcessDefaultHardErrorMode:
511
512 if (ProcessInformationLength != sizeof(ULONG))
513 {
514 Status = STATUS_INFO_LENGTH_MISMATCH;
515 break;
516 }
517
518 /* Set the return length*/
519 Length = sizeof(ULONG);
520
521 /* Reference the process */
522 Status = ObReferenceObjectByHandle(ProcessHandle,
523 PROCESS_QUERY_INFORMATION,
524 PsProcessType,
525 PreviousMode,
526 (PVOID*)&Process,
527 NULL);
528 if (!NT_SUCCESS(Status)) break;
529
530 /* Enter SEH for writing back data */
531 _SEH2_TRY
532 {
533 /* Write the current processing mode */
534 *(PULONG)ProcessInformation = Process->
535 DefaultHardErrorProcessing;
536 }
537 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
538 {
539 /* Get the exception code */
540 Status = _SEH2_GetExceptionCode();
541 }
542 _SEH2_END;
543
544 /* Dereference the process */
545 ObDereferenceObject(Process);
546 break;
547
548 /* Priority Boosting status */
549 case ProcessPriorityBoost:
550
551 if (ProcessInformationLength != sizeof(ULONG))
552 {
553 Status = STATUS_INFO_LENGTH_MISMATCH;
554 break;
555 }
556
557 /* Set the return length */
558 Length = sizeof(ULONG);
559
560 /* Reference the process */
561 Status = ObReferenceObjectByHandle(ProcessHandle,
562 PROCESS_QUERY_INFORMATION,
563 PsProcessType,
564 PreviousMode,
565 (PVOID*)&Process,
566 NULL);
567 if (!NT_SUCCESS(Status)) break;
568
569 /* Enter SEH for writing back data */
570 _SEH2_TRY
571 {
572 /* Return boost status */
573 *(PULONG)ProcessInformation = Process->Pcb.DisableBoost ?
574 TRUE : FALSE;
575 }
576 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
577 {
578 /* Get the exception code */
579 Status = _SEH2_GetExceptionCode();
580 }
581 _SEH2_END;
582
583 /* Dereference the process */
584 ObDereferenceObject(Process);
585 break;
586
587 /* DOS Device Map */
588 case ProcessDeviceMap:
589 {
590 ULONG Flags;
591
592 if (ProcessInformationLength == sizeof(PROCESS_DEVICEMAP_INFORMATION_EX))
593 {
594 /* Protect read in SEH */
595 _SEH2_TRY
596 {
597 PPROCESS_DEVICEMAP_INFORMATION_EX DeviceMapEx = ProcessInformation;
598
599 Flags = DeviceMapEx->Flags;
600 }
601 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
602 {
603 /* Get the exception code */
604 Status = _SEH2_GetExceptionCode();
605 _SEH2_YIELD(break);
606 }
607 _SEH2_END;
608
609 /* Only one flag is supported and it needs LUID mappings */
610 if ((Flags & ~PROCESS_LUID_DOSDEVICES_ONLY) != 0 ||
611 !ObIsLUIDDeviceMapsEnabled())
612 {
613 Status = STATUS_INVALID_PARAMETER;
614 break;
615 }
616 }
617 else
618 {
619 /* This has to be the size of the Query union field for x64 compatibility! */
620 if (ProcessInformationLength != RTL_FIELD_SIZE(PROCESS_DEVICEMAP_INFORMATION, Query))
621 {
622 Status = STATUS_INFO_LENGTH_MISMATCH;
623 break;
624 }
625
626 /* No flags for standard call */
627 Flags = 0;
628 }
629
630 /* Set the return length */
631 Length = ProcessInformationLength;
632
633 /* Reference the process */
634 Status = ObReferenceObjectByHandle(ProcessHandle,
635 PROCESS_QUERY_INFORMATION,
636 PsProcessType,
637 PreviousMode,
638 (PVOID*)&Process,
639 NULL);
640 if (!NT_SUCCESS(Status)) break;
641
642 /* Query the device map information */
643 Status = ObQueryDeviceMapInformation(Process,
644 ProcessInformation,
645 Flags);
646
647 /* Dereference the process */
648 ObDereferenceObject(Process);
649 break;
650 }
651
652 /* Priority class */
653 case ProcessPriorityClass:
654 {
655 PPROCESS_PRIORITY_CLASS PsPriorityClass = (PPROCESS_PRIORITY_CLASS)ProcessInformation;
656
657 if (ProcessInformationLength != sizeof(PROCESS_PRIORITY_CLASS))
658 {
659 Status = STATUS_INFO_LENGTH_MISMATCH;
660 break;
661 }
662
663 /* Set the return length*/
664 Length = sizeof(PROCESS_PRIORITY_CLASS);
665
666 /* Reference the process */
667 Status = ObReferenceObjectByHandle(ProcessHandle,
668 PROCESS_QUERY_INFORMATION,
669 PsProcessType,
670 PreviousMode,
671 (PVOID*)&Process,
672 NULL);
673 if (!NT_SUCCESS(Status)) break;
674
675 /* Enter SEH for writing back data */
676 _SEH2_TRY
677 {
678 /* Return current priority class */
679 PsPriorityClass->PriorityClass = Process->PriorityClass;
680 PsPriorityClass->Foreground = FALSE;
681 }
682 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
683 {
684 /* Get the exception code */
685 Status = _SEH2_GetExceptionCode();
686 }
687 _SEH2_END;
688
689 /* Dereference the process */
690 ObDereferenceObject(Process);
691 break;
692 }
693
694 case ProcessImageFileName:
695 {
696 PUNICODE_STRING ImageName;
697
698 /* Reference the process */
699 Status = ObReferenceObjectByHandle(ProcessHandle,
700 PROCESS_QUERY_INFORMATION,
701 PsProcessType,
702 PreviousMode,
703 (PVOID*)&Process,
704 NULL);
705 if (!NT_SUCCESS(Status)) break;
706
707 /* Get the image path */
708 Status = SeLocateProcessImageName(Process, &ImageName);
709 if (NT_SUCCESS(Status))
710 {
711 /* Set return length */
712 Length = ImageName->MaximumLength +
713 sizeof(OBJECT_NAME_INFORMATION);
714
715 /* Make sure it's large enough */
716 if (Length <= ProcessInformationLength)
717 {
718 /* Enter SEH to protect write */
719 _SEH2_TRY
720 {
721 /* Copy it */
722 RtlCopyMemory(ProcessInformation,
723 ImageName,
724 Length);
725
726 /* Update pointer */
727 ((PUNICODE_STRING)ProcessInformation)->Buffer =
728 (PWSTR)((PUNICODE_STRING)ProcessInformation + 1);
729 }
730 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
731 {
732 /* Get the exception code */
733 Status = _SEH2_GetExceptionCode();
734 }
735 _SEH2_END;
736 }
737 else
738 {
739 /* Buffer too small */
740 Status = STATUS_INFO_LENGTH_MISMATCH;
741 }
742
743 /* Free the image path */
744 ExFreePoolWithTag(ImageName, TAG_SEPA);
745 }
746 /* Dereference the process */
747 ObDereferenceObject(Process);
748 break;
749 }
750
751 case ProcessDebugFlags:
752
753 if (ProcessInformationLength != sizeof(ULONG))
754 {
755 Status = STATUS_INFO_LENGTH_MISMATCH;
756 break;
757 }
758
759 /* Set the return length*/
760 Length = sizeof(ULONG);
761
762 /* Reference the process */
763 Status = ObReferenceObjectByHandle(ProcessHandle,
764 PROCESS_QUERY_INFORMATION,
765 PsProcessType,
766 PreviousMode,
767 (PVOID*)&Process,
768 NULL);
769 if (!NT_SUCCESS(Status)) break;
770
771 /* Enter SEH for writing back data */
772 _SEH2_TRY
773 {
774 /* Return the debug flag state */
775 *(PULONG)ProcessInformation = Process->NoDebugInherit ? 0 : 1;
776 }
777 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
778 {
779 /* Get the exception code */
780 Status = _SEH2_GetExceptionCode();
781 }
782 _SEH2_END;
783
784 /* Dereference the process */
785 ObDereferenceObject(Process);
786 break;
787
788 case ProcessBreakOnTermination:
789
790 if (ProcessInformationLength != sizeof(ULONG))
791 {
792 Status = STATUS_INFO_LENGTH_MISMATCH;
793 break;
794 }
795
796 /* Set the return length */
797 Length = sizeof(ULONG);
798
799 /* Reference the process */
800 Status = ObReferenceObjectByHandle(ProcessHandle,
801 PROCESS_QUERY_INFORMATION,
802 PsProcessType,
803 PreviousMode,
804 (PVOID*)&Process,
805 NULL);
806 if (!NT_SUCCESS(Status)) break;
807
808 /* Enter SEH for writing back data */
809 _SEH2_TRY
810 {
811 /* Return the BreakOnTermination state */
812 *(PULONG)ProcessInformation = Process->BreakOnTermination;
813 }
814 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
815 {
816 /* Get the exception code */
817 Status = _SEH2_GetExceptionCode();
818 }
819 _SEH2_END;
820
821 /* Dereference the process */
822 ObDereferenceObject(Process);
823 break;
824
825 /* Per-process security cookie */
826 case ProcessCookie:
827 {
828 ULONG Cookie;
829
830 if (ProcessInformationLength != sizeof(ULONG))
831 {
832 /* Length size wrong, bail out */
833 Status = STATUS_INFO_LENGTH_MISMATCH;
834 break;
835 }
836
837 /* Get the current process and cookie */
838 Process = PsGetCurrentProcess();
839 Cookie = Process->Cookie;
840 if (!Cookie)
841 {
842 LARGE_INTEGER SystemTime;
843 ULONG NewCookie;
844 PKPRCB Prcb;
845
846 /* Generate a new cookie */
847 KeQuerySystemTime(&SystemTime);
848 Prcb = KeGetCurrentPrcb();
849 NewCookie = Prcb->KeSystemCalls ^ Prcb->InterruptTime ^
850 SystemTime.u.LowPart ^ SystemTime.u.HighPart;
851
852 /* Set the new cookie or return the current one */
853 Cookie = InterlockedCompareExchange((LONG*)&Process->Cookie,
854 NewCookie,
855 Cookie);
856 if (!Cookie) Cookie = NewCookie;
857
858 /* Set return length */
859 Length = sizeof(ULONG);
860 }
861
862 /* Indicate success */
863 Status = STATUS_SUCCESS;
864
865 /* Enter SEH to protect write */
866 _SEH2_TRY
867 {
868 /* Write back the cookie */
869 *(PULONG)ProcessInformation = Cookie;
870 }
871 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
872 {
873 /* Get the exception code */
874 Status = _SEH2_GetExceptionCode();
875 }
876 _SEH2_END;
877 break;
878 }
879
880 case ProcessImageInformation:
881
882 if (ProcessInformationLength != sizeof(SECTION_IMAGE_INFORMATION))
883 {
884 /* Break out */
885 Status = STATUS_INFO_LENGTH_MISMATCH;
886 break;
887 }
888
889 /* Set the length required and validate it */
890 Length = sizeof(SECTION_IMAGE_INFORMATION);
891
892 /* Indicate success */
893 Status = STATUS_SUCCESS;
894
895 /* Enter SEH to protect write */
896 _SEH2_TRY
897 {
898 MmGetImageInformation((PSECTION_IMAGE_INFORMATION)ProcessInformation);
899 }
900 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
901 {
902 /* Get the exception code */
903 Status = _SEH2_GetExceptionCode();
904 }
905 _SEH2_END;
906 break;
907
908 case ProcessDebugObjectHandle:
909 {
910 HANDLE DebugPort = NULL;
911
912 if (ProcessInformationLength != sizeof(HANDLE))
913 {
914 Status = STATUS_INFO_LENGTH_MISMATCH;
915 break;
916 }
917
918 /* Set the return length */
919 Length = sizeof(HANDLE);
920
921 /* Reference the process */
922 Status = ObReferenceObjectByHandle(ProcessHandle,
923 PROCESS_QUERY_INFORMATION,
924 PsProcessType,
925 PreviousMode,
926 (PVOID*)&Process,
927 NULL);
928 if (!NT_SUCCESS(Status)) break;
929
930 /* Get the debug port. Continue even if this fails. */
931 Status = DbgkOpenProcessDebugPort(Process, PreviousMode, &DebugPort);
932
933 /* Let go of the process */
934 ObDereferenceObject(Process);
935
936 /* Protect write in SEH */
937 _SEH2_TRY
938 {
939 /* Return debug port's handle */
940 *(PHANDLE)ProcessInformation = DebugPort;
941 }
942 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
943 {
944 if (DebugPort)
945 ObCloseHandle(DebugPort, PreviousMode);
946
947 /* Get the exception code.
948 * Note: This overwrites any previous failure status. */
949 Status = _SEH2_GetExceptionCode();
950 }
951 _SEH2_END;
952 break;
953 }
954
955 case ProcessHandleTracing:
956 DPRINT1("Handle tracing Not implemented: %lx\n", ProcessInformationClass);
957 Status = STATUS_NOT_IMPLEMENTED;
958 break;
959
960 case ProcessLUIDDeviceMapsEnabled:
961
962 if (ProcessInformationLength != sizeof(ULONG))
963 {
964 Status = STATUS_INFO_LENGTH_MISMATCH;
965 break;
966 }
967
968 /* Set the return length */
969 Length = sizeof(ULONG);
970
971 /* Indicate success */
972 Status = STATUS_SUCCESS;
973
974 /* Protect write in SEH */
975 _SEH2_TRY
976 {
977 /* Query Ob */
978 *(PULONG)ProcessInformation = ObIsLUIDDeviceMapsEnabled();
979 }
980 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
981 {
982 /* Get the exception code */
983 Status = _SEH2_GetExceptionCode();
984 }
985 _SEH2_END;
986 break;
987
988 case ProcessWx86Information:
989
990 if (ProcessInformationLength != sizeof(ULONG))
991 {
992 Status = STATUS_INFO_LENGTH_MISMATCH;
993 break;
994 }
995
996 /* Set the return length */
997 Length = sizeof(ULONG);
998
999 /* Reference the process */
1000 Status = ObReferenceObjectByHandle(ProcessHandle,
1001 PROCESS_QUERY_INFORMATION,
1002 PsProcessType,
1003 PreviousMode,
1004 (PVOID*)&Process,
1005 NULL);
1006 if (!NT_SUCCESS(Status)) break;
1007
1008 /* Protect write in SEH */
1009 _SEH2_TRY
1010 {
1011 /* Return if the flag is set */
1012 *(PULONG)ProcessInformation = (ULONG)Process->VdmAllowed;
1013 }
1014 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1015 {
1016 /* Get the exception code */
1017 Status = _SEH2_GetExceptionCode();
1018 }
1019 _SEH2_END;
1020
1021 /* Dereference the process */
1022 ObDereferenceObject(Process);
1023 break;
1024
1025 case ProcessWow64Information:
1026 {
1027 ULONG_PTR Wow64 = 0;
1028
1029 if (ProcessInformationLength != sizeof(ULONG_PTR))
1030 {
1031 Status = STATUS_INFO_LENGTH_MISMATCH;
1032 break;
1033 }
1034
1035 /* Set return length */
1036 Length = sizeof(ULONG_PTR);
1037
1038 /* Reference the process */
1039 Status = ObReferenceObjectByHandle(ProcessHandle,
1040 PROCESS_QUERY_INFORMATION,
1041 PsProcessType,
1042 PreviousMode,
1043 (PVOID*)&Process,
1044 NULL);
1045 if (!NT_SUCCESS(Status)) break;
1046
1047#ifdef _WIN64
1048 /* Make sure the process isn't dying */
1049 if (ExAcquireRundownProtection(&Process->RundownProtect))
1050 {
1051 /* Get the WOW64 process structure */
1052 Wow64 = (ULONG_PTR)Process->Wow64Process;
1053 /* Release the lock */
1054 ExReleaseRundownProtection(&Process->RundownProtect);
1055 }
1056#endif
1057
1058 /* Dereference the process */
1059 ObDereferenceObject(Process);
1060
1061 /* Protect write with SEH */
1062 _SEH2_TRY
1063 {
1064 /* Return the Wow64 process information */
1065 *(PULONG_PTR)ProcessInformation = Wow64;
1066 }
1067 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1068 {
1069 /* Get exception code */
1070 Status = _SEH2_GetExceptionCode();
1071 }
1072 _SEH2_END;
1073 break;
1074 }
1075
1076 case ProcessExecuteFlags:
1077 {
1078 ULONG ExecuteOptions = 0;
1079
1080 if (ProcessInformationLength != sizeof(ULONG))
1081 {
1082 Status = STATUS_INFO_LENGTH_MISMATCH;
1083 break;
1084 }
1085
1086 /* Set return length */
1087 Length = sizeof(ULONG);
1088
1089 if (ProcessHandle != NtCurrentProcess())
1090 {
1091 Status = STATUS_INVALID_PARAMETER;
1092 break;
1093 }
1094
1095 /* Get the options */
1096 Status = MmGetExecuteOptions(&ExecuteOptions);
1097 if (NT_SUCCESS(Status))
1098 {
1099 /* Protect write with SEH */
1100 _SEH2_TRY
1101 {
1102 /* Return them */
1103 *(PULONG)ProcessInformation = ExecuteOptions;
1104 }
1105 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1106 {
1107 /* Get exception code */
1108 Status = _SEH2_GetExceptionCode();
1109 }
1110 _SEH2_END;
1111 }
1112 break;
1113 }
1114
1115 case ProcessLdtInformation:
1116 DPRINT1("VDM/16-bit not implemented: %lx\n", ProcessInformationClass);
1117 Status = STATUS_NOT_IMPLEMENTED;
1118 break;
1119
1120 case ProcessWorkingSetWatch:
1121 DPRINT1("WS Watch Not implemented: %lx\n", ProcessInformationClass);
1122 Status = STATUS_NOT_IMPLEMENTED;
1123 break;
1124
1125 case ProcessPooledUsageAndLimits:
1126 DPRINT1("Pool limits Not implemented: %lx\n", ProcessInformationClass);
1127 Status = STATUS_NOT_IMPLEMENTED;
1128 break;
1129
1130 /* Not supported by Server 2003 */
1131 default:
1132 DPRINT1("Unsupported info class: %lx\n", ProcessInformationClass);
1133 Status = STATUS_INVALID_INFO_CLASS;
1134 }
1135
1136 /* Check if caller wants the return length and if there is one */
1137 if (ReturnLength != NULL && Length != 0)
1138 {
1139 /* Protect write with SEH */
1140 _SEH2_TRY
1141 {
1142 *ReturnLength = Length;
1143 }
1144 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1145 {
1146 /* Get exception code.
1147 * Note: This overwrites any previous failure status. */
1148 Status = _SEH2_GetExceptionCode();
1149 }
1150 _SEH2_END;
1151 }
1152
1153 return Status;
1154}
1155
1156/*
1157 * @implemented
1158 */
1159NTSTATUS
1160NTAPI
1161NtSetInformationProcess(IN HANDLE ProcessHandle,
1162 IN PROCESSINFOCLASS ProcessInformationClass,
1163 IN PVOID ProcessInformation,
1164 IN ULONG ProcessInformationLength)
1165{
1166 PEPROCESS Process;
1167 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
1168 ACCESS_MASK Access;
1169 NTSTATUS Status;
1170 HANDLE PortHandle = NULL;
1171 HANDLE TokenHandle = NULL;
1172 HANDLE DirectoryHandle = NULL;
1173 PROCESS_SESSION_INFORMATION SessionInfo = {0};
1174 PROCESS_PRIORITY_CLASS PriorityClass = {0};
1175 PROCESS_FOREGROUND_BACKGROUND Foreground = {0};
1176 PVOID ExceptionPort;
1177 ULONG Break;
1178 KAFFINITY ValidAffinity, Affinity = 0;
1179 KPRIORITY BasePriority = 0;
1180 UCHAR MemoryPriority = 0;
1181 BOOLEAN DisableBoost = 0;
1182 ULONG DefaultHardErrorMode = 0;
1183 ULONG DebugFlags = 0, EnableFixup = 0, Boost = 0;
1184 ULONG NoExecute = 0, VdmPower = 0;
1185 BOOLEAN HasPrivilege;
1186 PLIST_ENTRY Next;
1187 PETHREAD Thread;
1188 PAGED_CODE();
1189
1190 /* Verify Information Class validity */
1191 Status = DefaultSetInfoBufferCheck(ProcessInformationClass,
1192 PsProcessInfoClass,
1193 RTL_NUMBER_OF(PsProcessInfoClass),
1194 ProcessInformation,
1195 ProcessInformationLength,
1196 PreviousMode);
1197 if (!NT_SUCCESS(Status))
1198 {
1199 DPRINT1("NtSetInformationProcess(): Information verification class failed! (Status -> 0x%lx, ProcessInformationClass -> %lx)\n", Status, ProcessInformationClass);
1200 return Status;
1201 }
1202
1203 /* Check what class this is */
1204 Access = PROCESS_SET_INFORMATION;
1205 if (ProcessInformationClass == ProcessSessionInformation)
1206 {
1207 /* Setting the Session ID needs a special mask */
1208 Access |= PROCESS_SET_SESSIONID;
1209 }
1210 else if (ProcessInformationClass == ProcessExceptionPort)
1211 {
1212 /* Setting the exception port needs a special mask */
1213 Access |= PROCESS_SUSPEND_RESUME;
1214 }
1215
1216 /* Reference the process */
1217 Status = ObReferenceObjectByHandle(ProcessHandle,
1218 Access,
1219 PsProcessType,
1220 PreviousMode,
1221 (PVOID*)&Process,
1222 NULL);
1223 if (!NT_SUCCESS(Status)) return Status;
1224
1225 /* Check what kind of information class this is */
1226 switch (ProcessInformationClass)
1227 {
1228 case ProcessWx86Information:
1229
1230 /* Check buffer length */
1231 if (ProcessInformationLength != sizeof(ULONG))
1232 {
1233 Status = STATUS_INFO_LENGTH_MISMATCH;
1234 break;
1235 }
1236
1237 /* Use SEH for capture */
1238 _SEH2_TRY
1239 {
1240 /* Capture the boolean */
1241 VdmPower = *(PULONG)ProcessInformation;
1242 }
1243 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1244 {
1245 /* Get the exception code */
1246 Status = _SEH2_GetExceptionCode();
1247 _SEH2_YIELD(break);
1248 }
1249 _SEH2_END;
1250
1251 /* Getting VDM powers requires the SeTcbPrivilege */
1252 if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
1253 {
1254 /* We don't hold the privilege, bail out */
1255 Status = STATUS_PRIVILEGE_NOT_HELD;
1256 DPRINT1("Need TCB privilege\n");
1257 break;
1258 }
1259
1260 /* Set or clear the flag */
1261 if (VdmPower)
1262 {
1263 PspSetProcessFlag(Process, PSF_VDM_ALLOWED_BIT);
1264 }
1265 else
1266 {
1267 PspClearProcessFlag(Process, PSF_VDM_ALLOWED_BIT);
1268 }
1269 break;
1270
1271 /* Error/Exception Port */
1272 case ProcessExceptionPort:
1273
1274 /* Check buffer length */
1275 if (ProcessInformationLength != sizeof(HANDLE))
1276 {
1277 Status = STATUS_INFO_LENGTH_MISMATCH;
1278 break;
1279 }
1280
1281 /* Use SEH for capture */
1282 _SEH2_TRY
1283 {
1284 /* Capture the handle */
1285 PortHandle = *(PHANDLE)ProcessInformation;
1286 }
1287 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1288 {
1289 /* Get the exception code */
1290 Status = _SEH2_GetExceptionCode();
1291 _SEH2_YIELD(break);
1292 }
1293 _SEH2_END;
1294
1295 /* Setting the error port requires the SeTcbPrivilege */
1296 if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
1297 {
1298 /* We don't hold the privilege, bail out */
1299 Status = STATUS_PRIVILEGE_NOT_HELD;
1300 break;
1301 }
1302
1303 /* Get the LPC Port */
1304 Status = ObReferenceObjectByHandle(PortHandle,
1305 0,
1306 LpcPortObjectType,
1307 PreviousMode,
1308 (PVOID)&ExceptionPort,
1309 NULL);
1310 if (!NT_SUCCESS(Status)) break;
1311
1312 /* Change the pointer */
1313 if (InterlockedCompareExchangePointer(&Process->ExceptionPort,
1314 ExceptionPort,
1315 NULL))
1316 {
1317 /* We already had one, fail */
1318 ObDereferenceObject(ExceptionPort);
1319 Status = STATUS_PORT_ALREADY_SET;
1320 }
1321 break;
1322
1323 /* Security Token */
1324 case ProcessAccessToken:
1325
1326 /* Check buffer length */
1327 if (ProcessInformationLength != sizeof(PROCESS_ACCESS_TOKEN))
1328 {
1329 Status = STATUS_INFO_LENGTH_MISMATCH;
1330 break;
1331 }
1332
1333 /* Use SEH for capture */
1334 _SEH2_TRY
1335 {
1336 /* Save the token handle */
1337 TokenHandle = ((PPROCESS_ACCESS_TOKEN)ProcessInformation)->
1338 Token;
1339 }
1340 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1341 {
1342 /* Get the exception code */
1343 Status = _SEH2_GetExceptionCode();
1344 _SEH2_YIELD(break);
1345 }
1346 _SEH2_END;
1347
1348 /* Assign the actual token */
1349 Status = PspSetPrimaryToken(Process, TokenHandle, NULL);
1350 break;
1351
1352 /* Hard error processing */
1353 case ProcessDefaultHardErrorMode:
1354
1355 /* Check buffer length */
1356 if (ProcessInformationLength != sizeof(ULONG))
1357 {
1358 Status = STATUS_INFO_LENGTH_MISMATCH;
1359 break;
1360 }
1361
1362 /* Enter SEH for direct buffer read */
1363 _SEH2_TRY
1364 {
1365 DefaultHardErrorMode = *(PULONG)ProcessInformation;
1366 }
1367 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1368 {
1369 /* Get exception code */
1370 Status = _SEH2_GetExceptionCode();
1371 _SEH2_YIELD(break);
1372 }
1373 _SEH2_END;
1374
1375 /* Set the mode */
1376 Process->DefaultHardErrorProcessing = DefaultHardErrorMode;
1377
1378 /* Call Ke for the update */
1379 if (DefaultHardErrorMode & SEM_NOALIGNMENTFAULTEXCEPT)
1380 {
1381 KeSetAutoAlignmentProcess(&Process->Pcb, TRUE);
1382 }
1383 else
1384 {
1385 KeSetAutoAlignmentProcess(&Process->Pcb, FALSE);
1386 }
1387 Status = STATUS_SUCCESS;
1388 break;
1389
1390 /* Session ID */
1391 case ProcessSessionInformation:
1392
1393 /* Check buffer length */
1394 if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION))
1395 {
1396 Status = STATUS_INFO_LENGTH_MISMATCH;
1397 break;
1398 }
1399
1400 /* Enter SEH for capture */
1401 _SEH2_TRY
1402 {
1403 /* Capture the caller's buffer */
1404 SessionInfo = *(PPROCESS_SESSION_INFORMATION)ProcessInformation;
1405 }
1406 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1407 {
1408 /* Get the exception code */
1409 Status = _SEH2_GetExceptionCode();
1410 _SEH2_YIELD(break);
1411 }
1412 _SEH2_END;
1413
1414 /* Setting the session id requires the SeTcbPrivilege */
1415 if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
1416 {
1417 /* We don't hold the privilege, bail out */
1418 Status = STATUS_PRIVILEGE_NOT_HELD;
1419 break;
1420 }
1421
1422#if 0 // OLD AND DEPRECATED CODE!!!!
1423
1424 /* FIXME - update the session id for the process token */
1425 //Status = PsLockProcess(Process, FALSE);
1426 if (!NT_SUCCESS(Status)) break;
1427
1428 /* Write the session ID in the EPROCESS */
1429 Process->Session = UlongToPtr(SessionInfo.SessionId); // HACK!!!
1430
1431 /* Check if the process also has a PEB */
1432 if (Process->Peb)
1433 {
1434 /*
1435 * Attach to the process to make sure we're in the right
1436 * context to access the PEB structure
1437 */
1438 KeAttachProcess(&Process->Pcb);
1439
1440 /* Enter SEH for write to user-mode PEB */
1441 _SEH2_TRY
1442 {
1443 /* Write the session ID */
1444 Process->Peb->SessionId = SessionInfo.SessionId;
1445 }
1446 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1447 {
1448 /* Get exception code */
1449 Status = _SEH2_GetExceptionCode();
1450 }
1451 _SEH2_END;
1452
1453 /* Detach from the process */
1454 KeDetachProcess();
1455 }
1456
1457 /* Unlock the process */
1458 //PsUnlockProcess(Process);
1459
1460#endif
1461
1462 /*
1463 * Since we cannot change the session ID of the given
1464 * process anymore because it is set once and for all
1465 * at process creation time and because it is stored
1466 * inside the Process->Session structure managed by MM,
1467 * we fake changing it: we just return success if the
1468 * user-defined value is the same as the session ID of
1469 * the process, and otherwise we fail.
1470 */
1471 if (SessionInfo.SessionId == PsGetProcessSessionId(Process))
1472 {
1473 Status = STATUS_SUCCESS;
1474 }
1475 else
1476 {
1477 Status = STATUS_ACCESS_DENIED;
1478 }
1479
1480 break;
1481
1482 case ProcessPriorityClass:
1483
1484 /* Check buffer length */
1485 if (ProcessInformationLength != sizeof(PROCESS_PRIORITY_CLASS))
1486 {
1487 Status = STATUS_INFO_LENGTH_MISMATCH;
1488 break;
1489 }
1490
1491 /* Enter SEH for capture */
1492 _SEH2_TRY
1493 {
1494 /* Capture the caller's buffer */
1495 PriorityClass = *(PPROCESS_PRIORITY_CLASS)ProcessInformation;
1496 }
1497 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1498 {
1499 /* Return the exception code */
1500 Status = _SEH2_GetExceptionCode();
1501 _SEH2_YIELD(break);
1502 }
1503 _SEH2_END;
1504
1505 /* Check for invalid PriorityClass value */
1506 if (PriorityClass.PriorityClass > PROCESS_PRIORITY_CLASS_ABOVE_NORMAL)
1507 {
1508 Status = STATUS_INVALID_PARAMETER;
1509 break;
1510 }
1511
1512 if ((PriorityClass.PriorityClass != Process->PriorityClass) &&
1513 (PriorityClass.PriorityClass == PROCESS_PRIORITY_CLASS_REALTIME))
1514 {
1515 /* Check the privilege */
1516 HasPrivilege = SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
1517 ProcessHandle,
1518 PROCESS_SET_INFORMATION,
1519 PreviousMode);
1520 if (!HasPrivilege)
1521 {
1522 ObDereferenceObject(Process);
1523 DPRINT1("Privilege to change priority to realtime lacking\n");
1524 return STATUS_PRIVILEGE_NOT_HELD;
1525 }
1526 }
1527
1528 /* Check if we have a job */
1529 if (Process->Job)
1530 {
1531 DPRINT1("Jobs not yet supported\n");
1532 }
1533
1534 /* Set process priority class */
1535 Process->PriorityClass = PriorityClass.PriorityClass;
1536
1537 /* Set process priority mode (foreground or background) */
1538 PsSetProcessPriorityByClass(Process,
1539 PriorityClass.Foreground ?
1540 PsProcessPriorityForeground :
1541 PsProcessPriorityBackground);
1542 Status = STATUS_SUCCESS;
1543 break;
1544
1545 case ProcessForegroundInformation:
1546
1547 /* Check buffer length */
1548 if (ProcessInformationLength != sizeof(PROCESS_FOREGROUND_BACKGROUND))
1549 {
1550 Status = STATUS_INFO_LENGTH_MISMATCH;
1551 break;
1552 }
1553
1554 /* Enter SEH for capture */
1555 _SEH2_TRY
1556 {
1557 /* Capture the caller's buffer */
1558 Foreground = *(PPROCESS_FOREGROUND_BACKGROUND)ProcessInformation;
1559 }
1560 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1561 {
1562 /* Return the exception code */
1563 Status = _SEH2_GetExceptionCode();
1564 _SEH2_YIELD(break);
1565 }
1566 _SEH2_END;
1567
1568 /* Set process priority mode (foreground or background) */
1569 PsSetProcessPriorityByClass(Process,
1570 Foreground.Foreground ?
1571 PsProcessPriorityForeground :
1572 PsProcessPriorityBackground);
1573 Status = STATUS_SUCCESS;
1574 break;
1575
1576 case ProcessBasePriority:
1577
1578 /* Validate input length */
1579 if (ProcessInformationLength != sizeof(KPRIORITY))
1580 {
1581 Status = STATUS_INFO_LENGTH_MISMATCH;
1582 break;
1583 }
1584
1585 /* Enter SEH for direct buffer read */
1586 _SEH2_TRY
1587 {
1588 BasePriority = *(KPRIORITY*)ProcessInformation;
1589 }
1590 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1591 {
1592 /* Get exception code */
1593 Break = 0;
1594 Status = _SEH2_GetExceptionCode();
1595 _SEH2_YIELD(break);
1596 }
1597 _SEH2_END;
1598
1599 /* Extract the memory priority out of there */
1600 if (BasePriority & 0x80000000)
1601 {
1602 MemoryPriority = MEMORY_PRIORITY_FOREGROUND;
1603 BasePriority &= ~0x80000000;
1604 }
1605 else
1606 {
1607 MemoryPriority = MEMORY_PRIORITY_BACKGROUND;
1608 }
1609
1610 /* Validate the number */
1611 if ((BasePriority > HIGH_PRIORITY) || (BasePriority <= LOW_PRIORITY))
1612 {
1613 ObDereferenceObject(Process);
1614 return STATUS_INVALID_PARAMETER;
1615 }
1616
1617 /* Check if the new base is higher */
1618 if (BasePriority > Process->Pcb.BasePriority)
1619 {
1620 HasPrivilege = SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
1621 ProcessHandle,
1622 PROCESS_SET_INFORMATION,
1623 PreviousMode);
1624 if (!HasPrivilege)
1625 {
1626 ObDereferenceObject(Process);
1627 DPRINT1("Privilege to change priority from %lx to %lx lacking\n", BasePriority, Process->Pcb.BasePriority);
1628 return STATUS_PRIVILEGE_NOT_HELD;
1629 }
1630 }
1631
1632 /* Call Ke */
1633 KeSetPriorityAndQuantumProcess(&Process->Pcb, BasePriority, 0);
1634
1635 /* Now set the memory priority */
1636 MmSetMemoryPriorityProcess(Process, MemoryPriority);
1637 Status = STATUS_SUCCESS;
1638 break;
1639
1640 case ProcessRaisePriority:
1641
1642 /* Validate input length */
1643 if (ProcessInformationLength != sizeof(ULONG))
1644 {
1645 Status = STATUS_INFO_LENGTH_MISMATCH;
1646 break;
1647 }
1648
1649 /* Enter SEH for direct buffer read */
1650 _SEH2_TRY
1651 {
1652 Boost = *(PULONG)ProcessInformation;
1653 }
1654 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1655 {
1656 /* Get exception code */
1657 Break = 0;
1658 Status = _SEH2_GetExceptionCode();
1659 _SEH2_YIELD(break);
1660 }
1661 _SEH2_END;
1662
1663 /* Make sure the process isn't dying */
1664 if (ExAcquireRundownProtection(&Process->RundownProtect))
1665 {
1666 /* Lock it */
1667 KeEnterCriticalRegion();
1668 ExAcquirePushLockShared(&Process->ProcessLock);
1669
1670 /* Loop the threads */
1671 for (Next = Process->ThreadListHead.Flink;
1672 Next != &Process->ThreadListHead;
1673 Next = Next->Flink)
1674 {
1675 /* Call Ke for the thread */
1676 Thread = CONTAINING_RECORD(Next, ETHREAD, ThreadListEntry);
1677 KeBoostPriorityThread(&Thread->Tcb, Boost);
1678 }
1679
1680 /* Release the lock and rundown */
1681 ExReleasePushLockShared(&Process->ProcessLock);
1682 KeLeaveCriticalRegion();
1683 ExReleaseRundownProtection(&Process->RundownProtect);
1684
1685 /* Set success code */
1686 Status = STATUS_SUCCESS;
1687 }
1688 else
1689 {
1690 /* Avoid race conditions */
1691 Status = STATUS_PROCESS_IS_TERMINATING;
1692 }
1693 break;
1694
1695 case ProcessBreakOnTermination:
1696
1697 /* Check buffer length */
1698 if (ProcessInformationLength != sizeof(ULONG))
1699 {
1700 Status = STATUS_INFO_LENGTH_MISMATCH;
1701 break;
1702 }
1703
1704 /* Enter SEH for direct buffer read */
1705 _SEH2_TRY
1706 {
1707 Break = *(PULONG)ProcessInformation;
1708 }
1709 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1710 {
1711 /* Get exception code */
1712 Break = 0;
1713 Status = _SEH2_GetExceptionCode();
1714 _SEH2_YIELD(break);
1715 }
1716 _SEH2_END;
1717
1718 /* Setting 'break on termination' requires the SeDebugPrivilege */
1719 if (!SeSinglePrivilegeCheck(SeDebugPrivilege, PreviousMode))
1720 {
1721 /* We don't hold the privilege, bail out */
1722 Status = STATUS_PRIVILEGE_NOT_HELD;
1723 break;
1724 }
1725
1726 /* Set or clear the flag */
1727 if (Break)
1728 {
1729 PspSetProcessFlag(Process, PSF_BREAK_ON_TERMINATION_BIT);
1730 }
1731 else
1732 {
1733 PspClearProcessFlag(Process, PSF_BREAK_ON_TERMINATION_BIT);
1734 }
1735
1736 break;
1737
1738 case ProcessAffinityMask:
1739
1740 /* Check buffer length */
1741 if (ProcessInformationLength != sizeof(KAFFINITY))
1742 {
1743 Status = STATUS_INFO_LENGTH_MISMATCH;
1744 break;
1745 }
1746
1747 /* Enter SEH for direct buffer read */
1748 _SEH2_TRY
1749 {
1750 Affinity = *(PKAFFINITY)ProcessInformation;
1751 }
1752 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1753 {
1754 /* Get exception code */
1755 Break = 0;
1756 Status = _SEH2_GetExceptionCode();
1757 _SEH2_YIELD(break);
1758 }
1759 _SEH2_END;
1760
1761 /* Make sure it's valid for the CPUs present */
1762 ValidAffinity = Affinity & KeActiveProcessors;
1763 if (!Affinity || (ValidAffinity != Affinity))
1764 {
1765 Status = STATUS_INVALID_PARAMETER;
1766 break;
1767 }
1768
1769 /* Check if it's within job affinity limits */
1770 if (Process->Job)
1771 {
1772 /* Not yet implemented */
1773 UNIMPLEMENTED;
1774 Status = STATUS_NOT_IMPLEMENTED;
1775 break;
1776 }
1777
1778 /* Make sure the process isn't dying */
1779 if (ExAcquireRundownProtection(&Process->RundownProtect))
1780 {
1781 /* Lock it */
1782 KeEnterCriticalRegion();
1783 ExAcquirePushLockShared(&Process->ProcessLock);
1784
1785 /* Call Ke to do the work */
1786 KeSetAffinityProcess(&Process->Pcb, ValidAffinity);
1787
1788 /* Release the lock and rundown */
1789 ExReleasePushLockShared(&Process->ProcessLock);
1790 KeLeaveCriticalRegion();
1791 ExReleaseRundownProtection(&Process->RundownProtect);
1792
1793 /* Set success code */
1794 Status = STATUS_SUCCESS;
1795 }
1796 else
1797 {
1798 /* Avoid race conditions */
1799 Status = STATUS_PROCESS_IS_TERMINATING;
1800 }
1801 break;
1802
1803 /* Priority Boosting status */
1804 case ProcessPriorityBoost:
1805
1806 /* Validate input length */
1807 if (ProcessInformationLength != sizeof(ULONG))
1808 {
1809 Status = STATUS_INFO_LENGTH_MISMATCH;
1810 break;
1811 }
1812
1813 /* Enter SEH for direct buffer read */
1814 _SEH2_TRY
1815 {
1816 DisableBoost = *(PBOOLEAN)ProcessInformation;
1817 }
1818 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1819 {
1820 /* Get exception code */
1821 Break = 0;
1822 Status = _SEH2_GetExceptionCode();
1823 _SEH2_YIELD(break);
1824 }
1825 _SEH2_END;
1826
1827 /* Make sure the process isn't dying */
1828 if (ExAcquireRundownProtection(&Process->RundownProtect))
1829 {
1830 /* Lock it */
1831 KeEnterCriticalRegion();
1832 ExAcquirePushLockShared(&Process->ProcessLock);
1833
1834 /* Call Ke to do the work */
1835 KeSetDisableBoostProcess(&Process->Pcb, DisableBoost);
1836
1837 /* Loop the threads too */
1838 for (Next = Process->ThreadListHead.Flink;
1839 Next != &Process->ThreadListHead;
1840 Next = Next->Flink)
1841 {
1842 /* Call Ke for the thread */
1843 Thread = CONTAINING_RECORD(Next, ETHREAD, ThreadListEntry);
1844 KeSetDisableBoostThread(&Thread->Tcb, DisableBoost);
1845 }
1846
1847 /* Release the lock and rundown */
1848 ExReleasePushLockShared(&Process->ProcessLock);
1849 KeLeaveCriticalRegion();
1850 ExReleaseRundownProtection(&Process->RundownProtect);
1851
1852 /* Set success code */
1853 Status = STATUS_SUCCESS;
1854 }
1855 else
1856 {
1857 /* Avoid race conditions */
1858 Status = STATUS_PROCESS_IS_TERMINATING;
1859 }
1860 break;
1861
1862 case ProcessDebugFlags:
1863
1864 /* Check buffer length */
1865 if (ProcessInformationLength != sizeof(ULONG))
1866 {
1867 Status = STATUS_INFO_LENGTH_MISMATCH;
1868 break;
1869 }
1870
1871 /* Enter SEH for direct buffer read */
1872 _SEH2_TRY
1873 {
1874 DebugFlags = *(PULONG)ProcessInformation;
1875 }
1876 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1877 {
1878 /* Get exception code */
1879 Status = _SEH2_GetExceptionCode();
1880 _SEH2_YIELD(break);
1881 }
1882 _SEH2_END;
1883
1884 /* Set the mode */
1885 if (DebugFlags & ~1)
1886 {
1887 Status = STATUS_INVALID_PARAMETER;
1888 }
1889 else
1890 {
1891 if (DebugFlags & 1)
1892 {
1893 PspClearProcessFlag(Process, PSF_NO_DEBUG_INHERIT_BIT);
1894 }
1895 else
1896 {
1897 PspSetProcessFlag(Process, PSF_NO_DEBUG_INHERIT_BIT);
1898 }
1899 }
1900
1901 /* Done */
1902 Status = STATUS_SUCCESS;
1903 break;
1904
1905 case ProcessEnableAlignmentFaultFixup:
1906
1907 /* Check buffer length */
1908 if (ProcessInformationLength != sizeof(BOOLEAN))
1909 {
1910 Status = STATUS_INFO_LENGTH_MISMATCH;
1911 break;
1912 }
1913
1914 /* Enter SEH for direct buffer read */
1915 _SEH2_TRY
1916 {
1917 EnableFixup = *(PULONG)ProcessInformation;
1918 }
1919 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1920 {
1921 /* Get exception code */
1922 Status = _SEH2_GetExceptionCode();
1923 _SEH2_YIELD(break);
1924 }
1925 _SEH2_END;
1926
1927 /* Set the mode */
1928 if (EnableFixup)
1929 {
1930 Process->DefaultHardErrorProcessing |= SEM_NOALIGNMENTFAULTEXCEPT;
1931 }
1932 else
1933 {
1934 Process->DefaultHardErrorProcessing &= ~SEM_NOALIGNMENTFAULTEXCEPT;
1935 }
1936
1937 /* Call Ke for the update */
1938 KeSetAutoAlignmentProcess(&Process->Pcb, FALSE);
1939 Status = STATUS_SUCCESS;
1940 break;
1941
1942 case ProcessUserModeIOPL:
1943
1944 /* Only TCB can do this */
1945 if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
1946 {
1947 /* We don't hold the privilege, bail out */
1948 DPRINT1("Need TCB to set IOPL\n");
1949 Status = STATUS_PRIVILEGE_NOT_HELD;
1950 break;
1951 }
1952
1953 /* Only supported on x86 */
1954#if defined (_X86_)
1955 Ke386SetIOPL();
1956#elif defined(_M_AMD64)
1957 /* On x64 this function isn't implemented.
1958 On Windows 2003 it returns success.
1959 On Vista+ it returns STATUS_NOT_IMPLEMENTED. */
1960 if ((ExGetPreviousMode() != KernelMode) &&
1961 (RtlRosGetAppcompatVersion() > _WIN32_WINNT_WS03))
1962 {
1963 Status = STATUS_NOT_IMPLEMENTED;
1964 }
1965#else
1966 Status = STATUS_NOT_IMPLEMENTED;
1967#endif
1968 /* Done */
1969 break;
1970
1971 case ProcessExecuteFlags:
1972
1973 /* Check buffer length */
1974 if (ProcessInformationLength != sizeof(ULONG))
1975 {
1976 Status = STATUS_INFO_LENGTH_MISMATCH;
1977 break;
1978 }
1979
1980 if (ProcessHandle != NtCurrentProcess())
1981 {
1982 Status = STATUS_INVALID_PARAMETER;
1983 break;
1984 }
1985
1986 /* Enter SEH for direct buffer read */
1987 _SEH2_TRY
1988 {
1989 NoExecute = *(PULONG)ProcessInformation;
1990 }
1991 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1992 {
1993 /* Get exception code */
1994 Status = _SEH2_GetExceptionCode();
1995 _SEH2_YIELD(break);
1996 }
1997 _SEH2_END;
1998
1999 /* Call Mm for the update */
2000 Status = MmSetExecuteOptions(NoExecute);
2001 break;
2002
2003 case ProcessDeviceMap:
2004
2005 /* Check buffer length */
2006 if (ProcessInformationLength != sizeof(HANDLE))
2007 {
2008 Status = STATUS_INFO_LENGTH_MISMATCH;
2009 break;
2010 }
2011
2012 /* Use SEH for capture */
2013 _SEH2_TRY
2014 {
2015 /* Capture the handle */
2016 DirectoryHandle = *(PHANDLE)ProcessInformation;
2017 }
2018 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2019 {
2020 /* Get the exception code */
2021 Status = _SEH2_GetExceptionCode();
2022 _SEH2_YIELD(break);
2023 }
2024 _SEH2_END;
2025
2026 /* Call Ob to set the device map */
2027 Status = ObSetDeviceMap(Process, DirectoryHandle);
2028 break;
2029
2030
2031 /* We currently don't implement any of these */
2032 case ProcessLdtInformation:
2033 case ProcessLdtSize:
2034 case ProcessIoPortHandlers:
2035 DPRINT1("VDM/16-bit Request not implemented: %lx\n", ProcessInformationClass);
2036 Status = STATUS_NOT_IMPLEMENTED;
2037 break;
2038
2039 case ProcessQuotaLimits:
2040
2041 Status = PspSetQuotaLimits(Process,
2042 1,
2043 ProcessInformation,
2044 ProcessInformationLength,
2045 PreviousMode);
2046 break;
2047
2048 case ProcessWorkingSetWatch:
2049 DPRINT1("WS watch not implemented\n");
2050 Status = STATUS_NOT_IMPLEMENTED;
2051 break;
2052
2053 case ProcessHandleTracing:
2054 DPRINT1("Handle tracing not implemented\n");
2055 Status = STATUS_NOT_IMPLEMENTED;
2056 break;
2057
2058 /* Anything else is invalid */
2059 default:
2060 DPRINT1("Invalid Server 2003 Info Class: %lx\n", ProcessInformationClass);
2061 Status = STATUS_INVALID_INFO_CLASS;
2062 }
2063
2064 /* Dereference and return status */
2065 ObDereferenceObject(Process);
2066 return Status;
2067}
2068
2069/*
2070 * @implemented
2071 */
2072NTSTATUS
2073NTAPI
2074NtSetInformationThread(IN HANDLE ThreadHandle,
2075 IN THREADINFOCLASS ThreadInformationClass,
2076 IN PVOID ThreadInformation,
2077 IN ULONG ThreadInformationLength)
2078{
2079 PETHREAD Thread;
2080 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
2081 NTSTATUS Status;
2082 HANDLE TokenHandle = NULL;
2083 KPRIORITY Priority = 0;
2084 KAFFINITY Affinity = 0, CombinedAffinity;
2085 PVOID Address = NULL;
2086 PEPROCESS Process;
2087 ULONG_PTR DisableBoost = 0;
2088 ULONG_PTR IdealProcessor = 0;
2089 ULONG_PTR Break = 0;
2090 PTEB Teb;
2091 ULONG_PTR TlsIndex = 0;
2092 PVOID *ExpansionSlots;
2093 PETHREAD ProcThread;
2094 BOOLEAN HasPrivilege;
2095 PAGED_CODE();
2096
2097 /* Verify Information Class validity */
2098 Status = DefaultSetInfoBufferCheck(ThreadInformationClass,
2099 PsThreadInfoClass,
2100 RTL_NUMBER_OF(PsThreadInfoClass),
2101 ThreadInformation,
2102 ThreadInformationLength,
2103 PreviousMode);
2104 if (!NT_SUCCESS(Status))
2105 {
2106 DPRINT1("NtSetInformationThread(): Information verification class failed! (Status -> 0x%lx, ThreadInformationClass -> %lx)\n", Status, ThreadInformationClass);
2107 return Status;
2108 }
2109
2110 /* Check what kind of information class this is */
2111 switch (ThreadInformationClass)
2112 {
2113 /* Thread priority */
2114 case ThreadPriority:
2115
2116 /* Check buffer length */
2117 if (ThreadInformationLength != sizeof(KPRIORITY))
2118 {
2119 Status = STATUS_INFO_LENGTH_MISMATCH;
2120 break;
2121 }
2122
2123 /* Use SEH for capture */
2124 _SEH2_TRY
2125 {
2126 /* Get the priority */
2127 Priority = *(PLONG)ThreadInformation;
2128 }
2129 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2130 {
2131 /* Get the exception code */
2132 Status = _SEH2_GetExceptionCode();
2133 _SEH2_YIELD(break);
2134 }
2135 _SEH2_END;
2136
2137 /* Validate it */
2138 if ((Priority > HIGH_PRIORITY) ||
2139 (Priority <= LOW_PRIORITY))
2140 {
2141 /* Fail */
2142 Status = STATUS_INVALID_PARAMETER;
2143 break;
2144 }
2145
2146 /* Check for the required privilege */
2147 if (Priority >= LOW_REALTIME_PRIORITY)
2148 {
2149 HasPrivilege = SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
2150 ThreadHandle,
2151 THREAD_SET_INFORMATION,
2152 PreviousMode);
2153 if (!HasPrivilege)
2154 {
2155 DPRINT1("Privilege to change priority to %lx lacking\n", Priority);
2156 return STATUS_PRIVILEGE_NOT_HELD;
2157 }
2158 }
2159
2160 /* Reference the thread */
2161 Status = ObReferenceObjectByHandle(ThreadHandle,
2162 THREAD_SET_INFORMATION,
2163 PsThreadType,
2164 PreviousMode,
2165 (PVOID*)&Thread,
2166 NULL);
2167 if (!NT_SUCCESS(Status))
2168 break;
2169
2170 /* Set the priority */
2171 KeSetPriorityThread(&Thread->Tcb, Priority);
2172
2173 /* Dereference the thread */
2174 ObDereferenceObject(Thread);
2175 break;
2176
2177 case ThreadBasePriority:
2178
2179 /* Check buffer length */
2180 if (ThreadInformationLength != sizeof(LONG))
2181 {
2182 Status = STATUS_INFO_LENGTH_MISMATCH;
2183 break;
2184 }
2185
2186 /* Use SEH for capture */
2187 _SEH2_TRY
2188 {
2189 /* Get the priority */
2190 Priority = *(PLONG)ThreadInformation;
2191 }
2192 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2193 {
2194 /* Get the exception code */
2195 Status = _SEH2_GetExceptionCode();
2196 _SEH2_YIELD(break);
2197 }
2198 _SEH2_END;
2199
2200 /* Validate it */
2201 if ((Priority > THREAD_BASE_PRIORITY_MAX) ||
2202 (Priority < THREAD_BASE_PRIORITY_MIN))
2203 {
2204 /* These ones are OK */
2205 if ((Priority != THREAD_BASE_PRIORITY_LOWRT + 1) &&
2206 (Priority != THREAD_BASE_PRIORITY_IDLE - 1))
2207 {
2208 /* Check if the process is real time */
2209 if (PsGetCurrentProcess()->PriorityClass !=
2210 PROCESS_PRIORITY_CLASS_REALTIME)
2211 {
2212 /* It isn't, fail */
2213 Status = STATUS_INVALID_PARAMETER;
2214 break;
2215 }
2216 }
2217 }
2218
2219 /* Reference the thread */
2220 Status = ObReferenceObjectByHandle(ThreadHandle,
2221 THREAD_SET_INFORMATION,
2222 PsThreadType,
2223 PreviousMode,
2224 (PVOID*)&Thread,
2225 NULL);
2226 if (!NT_SUCCESS(Status))
2227 break;
2228
2229 /* Set the base priority */
2230 KeSetBasePriorityThread(&Thread->Tcb, Priority);
2231
2232 /* Dereference the thread */
2233 ObDereferenceObject(Thread);
2234 break;
2235
2236 case ThreadAffinityMask:
2237
2238 /* Check buffer length */
2239 if (ThreadInformationLength != sizeof(ULONG_PTR))
2240 {
2241 Status = STATUS_INFO_LENGTH_MISMATCH;
2242 break;
2243 }
2244
2245 /* Use SEH for capture */
2246 _SEH2_TRY
2247 {
2248 /* Get the priority */
2249 Affinity = *(PULONG_PTR)ThreadInformation;
2250 }
2251 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2252 {
2253 /* Get the exception code */
2254 Status = _SEH2_GetExceptionCode();
2255 _SEH2_YIELD(break);
2256 }
2257 _SEH2_END;
2258
2259 /* Validate it */
2260 if (!Affinity)
2261 {
2262 /* Fail */
2263 Status = STATUS_INVALID_PARAMETER;
2264 break;
2265 }
2266
2267 /* Reference the thread */
2268 Status = ObReferenceObjectByHandle(ThreadHandle,
2269 THREAD_SET_INFORMATION,
2270 PsThreadType,
2271 PreviousMode,
2272 (PVOID*)&Thread,
2273 NULL);
2274 if (!NT_SUCCESS(Status))
2275 break;
2276
2277 /* Get the process */
2278 Process = Thread->ThreadsProcess;
2279
2280 /* Try to acquire rundown */
2281 if (ExAcquireRundownProtection(&Process->RundownProtect))
2282 {
2283 /* Lock it */
2284 KeEnterCriticalRegion();
2285 ExAcquirePushLockShared(&Process->ProcessLock);
2286
2287 /* Combine masks */
2288 CombinedAffinity = Affinity & Process->Pcb.Affinity;
2289 if (CombinedAffinity != Affinity)
2290 {
2291 /* Fail */
2292 Status = STATUS_INVALID_PARAMETER;
2293 }
2294 else
2295 {
2296 /* Set the affinity */
2297 KeSetAffinityThread(&Thread->Tcb, CombinedAffinity);
2298 }
2299
2300 /* Release the lock and rundown */
2301 ExReleasePushLockShared(&Process->ProcessLock);
2302 KeLeaveCriticalRegion();
2303 ExReleaseRundownProtection(&Process->RundownProtect);
2304 }
2305 else
2306 {
2307 /* Too late */
2308 Status = STATUS_PROCESS_IS_TERMINATING;
2309 }
2310
2311 /* Dereference the thread */
2312 ObDereferenceObject(Thread);
2313 break;
2314
2315 case ThreadImpersonationToken:
2316
2317 /* Check buffer length */
2318 if (ThreadInformationLength != sizeof(HANDLE))
2319 {
2320 Status = STATUS_INFO_LENGTH_MISMATCH;
2321 break;
2322 }
2323
2324 /* Use SEH for capture */
2325 _SEH2_TRY
2326 {
2327 /* Save the token handle */
2328 TokenHandle = *(PHANDLE)ThreadInformation;
2329 }
2330 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2331 {
2332 /* Get the exception code */
2333 Status = _SEH2_GetExceptionCode();
2334 _SEH2_YIELD(break);
2335 }
2336 _SEH2_END;
2337
2338 /* Reference the thread */
2339 Status = ObReferenceObjectByHandle(ThreadHandle,
2340 THREAD_SET_THREAD_TOKEN,
2341 PsThreadType,
2342 PreviousMode,
2343 (PVOID*)&Thread,
2344 NULL);
2345 if (!NT_SUCCESS(Status))
2346 break;
2347
2348 /* Assign the actual token */
2349 Status = PsAssignImpersonationToken(Thread, TokenHandle);
2350
2351 /* Dereference the thread */
2352 ObDereferenceObject(Thread);
2353 break;
2354
2355 case ThreadQuerySetWin32StartAddress:
2356
2357 /* Check buffer length */
2358 if (ThreadInformationLength != sizeof(ULONG_PTR))
2359 {
2360 Status = STATUS_INFO_LENGTH_MISMATCH;
2361 break;
2362 }
2363
2364 /* Use SEH for capture */
2365 _SEH2_TRY
2366 {
2367 /* Get the priority */
2368 Address = *(PVOID*)ThreadInformation;
2369 }
2370 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2371 {
2372 /* Get the exception code */
2373 Status = _SEH2_GetExceptionCode();
2374 _SEH2_YIELD(break);
2375 }
2376 _SEH2_END;
2377
2378 /* Reference the thread */
2379 Status = ObReferenceObjectByHandle(ThreadHandle,
2380 THREAD_SET_INFORMATION,
2381 PsThreadType,
2382 PreviousMode,
2383 (PVOID*)&Thread,
2384 NULL);
2385 if (!NT_SUCCESS(Status))
2386 break;
2387
2388 /* Set the address */
2389 Thread->Win32StartAddress = Address;
2390
2391 /* Dereference the thread */
2392 ObDereferenceObject(Thread);
2393 break;
2394
2395 case ThreadIdealProcessor:
2396
2397 /* Check buffer length */
2398 if (ThreadInformationLength != sizeof(ULONG_PTR))
2399 {
2400 Status = STATUS_INFO_LENGTH_MISMATCH;
2401 break;
2402 }
2403
2404 /* Use SEH for capture */
2405 _SEH2_TRY
2406 {
2407 /* Get the priority */
2408 IdealProcessor = *(PULONG_PTR)ThreadInformation;
2409 }
2410 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2411 {
2412 /* Get the exception code */
2413 Status = _SEH2_GetExceptionCode();
2414 _SEH2_YIELD(break);
2415 }
2416 _SEH2_END;
2417
2418 /* Validate it */
2419 if (IdealProcessor > MAXIMUM_PROCESSORS)
2420 {
2421 /* Fail */
2422 Status = STATUS_INVALID_PARAMETER;
2423 break;
2424 }
2425
2426 /* Reference the thread */
2427 Status = ObReferenceObjectByHandle(ThreadHandle,
2428 THREAD_SET_INFORMATION,
2429 PsThreadType,
2430 PreviousMode,
2431 (PVOID*)&Thread,
2432 NULL);
2433 if (!NT_SUCCESS(Status))
2434 break;
2435
2436 /* Set the ideal */
2437 Status = KeSetIdealProcessorThread(&Thread->Tcb,
2438 (CCHAR)IdealProcessor);
2439
2440 /* Get the TEB and protect the thread */
2441 Teb = Thread->Tcb.Teb;
2442 if ((Teb) && (ExAcquireRundownProtection(&Thread->RundownProtect)))
2443 {
2444 /* Save the ideal processor */
2445 Teb->IdealProcessor = Thread->Tcb.IdealProcessor;
2446
2447 /* Release rundown protection */
2448 ExReleaseRundownProtection(&Thread->RundownProtect);
2449 }
2450
2451 /* Dereference the thread */
2452 ObDereferenceObject(Thread);
2453 break;
2454
2455 case ThreadPriorityBoost:
2456
2457 /* Check buffer length */
2458 if (ThreadInformationLength != sizeof(ULONG_PTR))
2459 {
2460 Status = STATUS_INFO_LENGTH_MISMATCH;
2461 break;
2462 }
2463
2464 /* Use SEH for capture */
2465 _SEH2_TRY
2466 {
2467 /* Get the priority */
2468 DisableBoost = *(PULONG_PTR)ThreadInformation;
2469 }
2470 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2471 {
2472 /* Get the exception code */
2473 Status = _SEH2_GetExceptionCode();
2474 _SEH2_YIELD(break);
2475 }
2476 _SEH2_END;
2477
2478 /* Reference the thread */
2479 Status = ObReferenceObjectByHandle(ThreadHandle,
2480 THREAD_SET_INFORMATION,
2481 PsThreadType,
2482 PreviousMode,
2483 (PVOID*)&Thread,
2484 NULL);
2485 if (!NT_SUCCESS(Status))
2486 break;
2487
2488 /* Call the kernel */
2489 KeSetDisableBoostThread(&Thread->Tcb, (BOOLEAN)DisableBoost);
2490
2491 /* Dereference the thread */
2492 ObDereferenceObject(Thread);
2493 break;
2494
2495 case ThreadZeroTlsCell:
2496
2497 /* Check buffer length */
2498 if (ThreadInformationLength != sizeof(ULONG))
2499 {
2500 Status = STATUS_INFO_LENGTH_MISMATCH;
2501 break;
2502 }
2503
2504 /* Use SEH for capture */
2505 _SEH2_TRY
2506 {
2507 /* Get the priority */
2508 TlsIndex = *(PULONG)ThreadInformation;
2509 }
2510 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2511 {
2512 /* Get the exception code */
2513 Status = _SEH2_GetExceptionCode();
2514 _SEH2_YIELD(break);
2515 }
2516 _SEH2_END;
2517
2518 /* Reference the thread */
2519 Status = ObReferenceObjectByHandle(ThreadHandle,
2520 THREAD_SET_INFORMATION,
2521 PsThreadType,
2522 PreviousMode,
2523 (PVOID*)&Thread,
2524 NULL);
2525 if (!NT_SUCCESS(Status))
2526 break;
2527
2528 /* This is only valid for the current thread */
2529 if (Thread != PsGetCurrentThread())
2530 {
2531 /* Fail */
2532 Status = STATUS_INVALID_PARAMETER;
2533 ObDereferenceObject(Thread);
2534 break;
2535 }
2536
2537 /* Get the process */
2538 Process = Thread->ThreadsProcess;
2539
2540 /* Loop the threads */
2541 ProcThread = PsGetNextProcessThread(Process, NULL);
2542 while (ProcThread)
2543 {
2544 /* Acquire rundown */
2545 if (ExAcquireRundownProtection(&ProcThread->RundownProtect))
2546 {
2547 /* Get the TEB */
2548 Teb = ProcThread->Tcb.Teb;
2549 if (Teb)
2550 {
2551 /* Check if we're in the expansion range */
2552 if (TlsIndex > TLS_MINIMUM_AVAILABLE - 1)
2553 {
2554 if (TlsIndex < (TLS_MINIMUM_AVAILABLE +
2555 TLS_EXPANSION_SLOTS) - 1)
2556 {
2557 /* Check if we have expansion slots */
2558 ExpansionSlots = Teb->TlsExpansionSlots;
2559 if (ExpansionSlots)
2560 {
2561 /* Clear the index */
2562 ExpansionSlots[TlsIndex - TLS_MINIMUM_AVAILABLE] = 0;
2563 }
2564 }
2565 }
2566 else
2567 {
2568 /* Clear the index */
2569 Teb->TlsSlots[TlsIndex] = NULL;
2570 }
2571 }
2572
2573 /* Release rundown */
2574 ExReleaseRundownProtection(&ProcThread->RundownProtect);
2575 }
2576
2577 /* Go to the next thread */
2578 ProcThread = PsGetNextProcessThread(Process, ProcThread);
2579 }
2580
2581 /* Dereference the thread */
2582 ObDereferenceObject(Thread);
2583 break;
2584
2585 case ThreadBreakOnTermination:
2586
2587 /* Check buffer length */
2588 if (ThreadInformationLength != sizeof(ULONG))
2589 {
2590 Status = STATUS_INFO_LENGTH_MISMATCH;
2591 break;
2592 }
2593
2594 /* Enter SEH for direct buffer read */
2595 _SEH2_TRY
2596 {
2597 Break = *(PULONG)ThreadInformation;
2598 }
2599 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2600 {
2601 /* Get exception code */
2602 Break = 0;
2603 Status = _SEH2_GetExceptionCode();
2604 _SEH2_YIELD(break);
2605 }
2606 _SEH2_END;
2607
2608 /* Setting 'break on termination' requires the SeDebugPrivilege */
2609 if (!SeSinglePrivilegeCheck(SeDebugPrivilege, PreviousMode))
2610 {
2611 /* We don't hold the privilege, bail out */
2612 Status = STATUS_PRIVILEGE_NOT_HELD;
2613 break;
2614 }
2615
2616 /* Reference the thread */
2617 Status = ObReferenceObjectByHandle(ThreadHandle,
2618 THREAD_SET_INFORMATION,
2619 PsThreadType,
2620 PreviousMode,
2621 (PVOID*)&Thread,
2622 NULL);
2623 if (!NT_SUCCESS(Status))
2624 break;
2625
2626 /* Set or clear the flag */
2627 if (Break)
2628 {
2629 PspSetCrossThreadFlag(Thread, CT_BREAK_ON_TERMINATION_BIT);
2630 }
2631 else
2632 {
2633 PspClearCrossThreadFlag(Thread, CT_BREAK_ON_TERMINATION_BIT);
2634 }
2635
2636 /* Dereference the thread */
2637 ObDereferenceObject(Thread);
2638 break;
2639
2640 case ThreadHideFromDebugger:
2641
2642 /* Check buffer length */
2643 if (ThreadInformationLength != 0)
2644 {
2645 Status = STATUS_INFO_LENGTH_MISMATCH;
2646 break;
2647 }
2648
2649 /* Reference the thread */
2650 Status = ObReferenceObjectByHandle(ThreadHandle,
2651 THREAD_SET_INFORMATION,
2652 PsThreadType,
2653 PreviousMode,
2654 (PVOID*)&Thread,
2655 NULL);
2656 if (!NT_SUCCESS(Status))
2657 break;
2658
2659 /* Set the flag */
2660 PspSetCrossThreadFlag(Thread, CT_HIDE_FROM_DEBUGGER_BIT);
2661
2662 /* Dereference the thread */
2663 ObDereferenceObject(Thread);
2664 break;
2665
2666 default:
2667 /* We don't implement it yet */
2668 DPRINT1("Not implemented: %d\n", ThreadInformationClass);
2669 Status = STATUS_NOT_IMPLEMENTED;
2670 }
2671
2672 return Status;
2673}
2674
2675/*
2676 * @implemented
2677 */
2678NTSTATUS
2679NTAPI
2680NtQueryInformationThread(IN HANDLE ThreadHandle,
2681 IN THREADINFOCLASS ThreadInformationClass,
2682 OUT PVOID ThreadInformation,
2683 IN ULONG ThreadInformationLength,
2684 OUT PULONG ReturnLength OPTIONAL)
2685{
2686 PETHREAD Thread;
2687 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
2688 NTSTATUS Status;
2689 ULONG Access;
2690 ULONG Length = 0;
2691 PTHREAD_BASIC_INFORMATION ThreadBasicInfo =
2692 (PTHREAD_BASIC_INFORMATION)ThreadInformation;
2693 PKERNEL_USER_TIMES ThreadTime = (PKERNEL_USER_TIMES)ThreadInformation;
2694 KIRQL OldIrql;
2695 ULONG ThreadTerminated;
2696 PAGED_CODE();
2697
2698 /* Verify Information Class validity */
2699 Status = DefaultQueryInfoBufferCheck(ThreadInformationClass,
2700 PsThreadInfoClass,
2701 RTL_NUMBER_OF(PsThreadInfoClass),
2702 ICIF_PROBE_READ,
2703 ThreadInformation,
2704 ThreadInformationLength,
2705 ReturnLength,
2706 NULL,
2707 PreviousMode);
2708 if (!NT_SUCCESS(Status))
2709 {
2710 DPRINT1("NtQueryInformationThread(): Information verification class failed! (Status -> 0x%lx , ThreadInformationClass -> %lx)\n", Status, ThreadInformationClass);
2711 return Status;
2712 }
2713
2714 /* Check what class this is */
2715 Access = THREAD_QUERY_INFORMATION;
2716
2717 /* Check what kind of information class this is */
2718 switch (ThreadInformationClass)
2719 {
2720 /* Basic thread information */
2721 case ThreadBasicInformation:
2722
2723 /* Set return length */
2724 Length = sizeof(THREAD_BASIC_INFORMATION);
2725
2726 if (ThreadInformationLength != Length)
2727 {
2728 Status = STATUS_INFO_LENGTH_MISMATCH;
2729 break;
2730 }
2731
2732 /* Reference the process */
2733 Status = ObReferenceObjectByHandle(ThreadHandle,
2734 Access,
2735 PsThreadType,
2736 PreviousMode,
2737 (PVOID*)&Thread,
2738 NULL);
2739 if (!NT_SUCCESS(Status))
2740 break;
2741
2742 /* Protect writes with SEH */
2743 _SEH2_TRY
2744 {
2745 /* Write all the information from the ETHREAD/KTHREAD */
2746 ThreadBasicInfo->ExitStatus = Thread->ExitStatus;
2747 ThreadBasicInfo->TebBaseAddress = (PVOID)Thread->Tcb.Teb;
2748 ThreadBasicInfo->ClientId = Thread->Cid;
2749 ThreadBasicInfo->AffinityMask = Thread->Tcb.Affinity;
2750 ThreadBasicInfo->Priority = Thread->Tcb.Priority;
2751 ThreadBasicInfo->BasePriority = KeQueryBasePriorityThread(&Thread->Tcb);
2752 }
2753 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2754 {
2755 /* Get exception code */
2756 Status = _SEH2_GetExceptionCode();
2757 }
2758 _SEH2_END;
2759
2760 /* Dereference the thread */
2761 ObDereferenceObject(Thread);
2762 break;
2763
2764 /* Thread time information */
2765 case ThreadTimes:
2766
2767 /* Set the return length */
2768 Length = sizeof(KERNEL_USER_TIMES);
2769
2770 if (ThreadInformationLength != Length)
2771 {
2772 Status = STATUS_INFO_LENGTH_MISMATCH;
2773 break;
2774 }
2775
2776 /* Reference the process */
2777 Status = ObReferenceObjectByHandle(ThreadHandle,
2778 Access,
2779 PsThreadType,
2780 PreviousMode,
2781 (PVOID*)&Thread,
2782 NULL);
2783 if (!NT_SUCCESS(Status))
2784 break;
2785
2786 /* Protect writes with SEH */
2787 _SEH2_TRY
2788 {
2789 /* Copy time information from ETHREAD/KTHREAD */
2790 ThreadTime->KernelTime.QuadPart = Thread->Tcb.KernelTime * KeMaximumIncrement;
2791 ThreadTime->UserTime.QuadPart = Thread->Tcb.UserTime * KeMaximumIncrement;
2792 ThreadTime->CreateTime = Thread->CreateTime;
2793
2794 /* Exit time is in a union and only valid on actual exit! */
2795 if (KeReadStateThread(&Thread->Tcb))
2796 {
2797 ThreadTime->ExitTime = Thread->ExitTime;
2798 }
2799 else
2800 {
2801 ThreadTime->ExitTime.QuadPart = 0;
2802 }
2803 }
2804 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2805 {
2806 /* Get exception code */
2807 Status = _SEH2_GetExceptionCode();
2808 }
2809 _SEH2_END;
2810
2811 /* Dereference the thread */
2812 ObDereferenceObject(Thread);
2813 break;
2814
2815 case ThreadQuerySetWin32StartAddress:
2816
2817 /* Set the return length*/
2818 Length = sizeof(PVOID);
2819
2820 if (ThreadInformationLength != Length)
2821 {
2822 Status = STATUS_INFO_LENGTH_MISMATCH;
2823 break;
2824 }
2825
2826 /* Reference the process */
2827 Status = ObReferenceObjectByHandle(ThreadHandle,
2828 Access,
2829 PsThreadType,
2830 PreviousMode,
2831 (PVOID*)&Thread,
2832 NULL);
2833 if (!NT_SUCCESS(Status))
2834 break;
2835
2836 /* Protect write with SEH */
2837 _SEH2_TRY
2838 {
2839 /* Return the Win32 Start Address */
2840 *(PVOID*)ThreadInformation = Thread->Win32StartAddress;
2841 }
2842 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2843 {
2844 /* Get exception code */
2845 Status = _SEH2_GetExceptionCode();
2846 }
2847 _SEH2_END;
2848
2849 /* Dereference the thread */
2850 ObDereferenceObject(Thread);
2851 break;
2852
2853 case ThreadPerformanceCount:
2854
2855 /* Set the return length*/
2856 Length = sizeof(LARGE_INTEGER);
2857
2858 if (ThreadInformationLength != Length)
2859 {
2860 Status = STATUS_INFO_LENGTH_MISMATCH;
2861 break;
2862 }
2863
2864 /* Reference the process */
2865 Status = ObReferenceObjectByHandle(ThreadHandle,
2866 Access,
2867 PsThreadType,
2868 PreviousMode,
2869 (PVOID*)&Thread,
2870 NULL);
2871 if (!NT_SUCCESS(Status))
2872 break;
2873
2874 /* Protect write with SEH */
2875 _SEH2_TRY
2876 {
2877 /* FIXME */
2878 (*(PLARGE_INTEGER)ThreadInformation).QuadPart = 0;
2879 }
2880 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2881 {
2882 /* Get exception code */
2883 Status = _SEH2_GetExceptionCode();
2884 }
2885 _SEH2_END;
2886
2887 /* Dereference the thread */
2888 ObDereferenceObject(Thread);
2889 break;
2890
2891 case ThreadAmILastThread:
2892
2893 /* Set the return length*/
2894 Length = sizeof(ULONG);
2895
2896 if (ThreadInformationLength != Length)
2897 {
2898 Status = STATUS_INFO_LENGTH_MISMATCH;
2899 break;
2900 }
2901
2902 /* Reference the process */
2903 Status = ObReferenceObjectByHandle(ThreadHandle,
2904 Access,
2905 PsThreadType,
2906 PreviousMode,
2907 (PVOID*)&Thread,
2908 NULL);
2909 if (!NT_SUCCESS(Status))
2910 break;
2911
2912 /* Protect write with SEH */
2913 _SEH2_TRY
2914 {
2915 /* Return whether or not we are the last thread */
2916 *(PULONG)ThreadInformation = ((Thread->ThreadsProcess->
2917 ThreadListHead.Flink->Flink ==
2918 &Thread->ThreadsProcess->
2919 ThreadListHead) ?
2920 TRUE : FALSE);
2921 }
2922 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2923 {
2924 /* Get exception code */
2925 Status = _SEH2_GetExceptionCode();
2926 }
2927 _SEH2_END;
2928
2929 /* Dereference the thread */
2930 ObDereferenceObject(Thread);
2931 break;
2932
2933 case ThreadIsIoPending:
2934
2935 /* Set the return length*/
2936 Length = sizeof(ULONG);
2937
2938 if (ThreadInformationLength != Length)
2939 {
2940 Status = STATUS_INFO_LENGTH_MISMATCH;
2941 break;
2942 }
2943
2944 /* Reference the process */
2945 Status = ObReferenceObjectByHandle(ThreadHandle,
2946 Access,
2947 PsThreadType,
2948 PreviousMode,
2949 (PVOID*)&Thread,
2950 NULL);
2951 if (!NT_SUCCESS(Status))
2952 break;
2953
2954 /* Raise the IRQL to protect the IRP list */
2955 KeRaiseIrql(APC_LEVEL, &OldIrql);
2956
2957 /* Protect write with SEH */
2958 _SEH2_TRY
2959 {
2960 /* Check if the IRP list is empty or not */
2961 *(PULONG)ThreadInformation = !IsListEmpty(&Thread->IrpList);
2962 }
2963 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
2964 {
2965 /* Get exception code */
2966 Status = _SEH2_GetExceptionCode();
2967 }
2968 _SEH2_END;
2969
2970 /* Lower IRQL back */
2971 KeLowerIrql(OldIrql);
2972
2973 /* Dereference the thread */
2974 ObDereferenceObject(Thread);
2975 break;
2976
2977 /* LDT and GDT information */
2978 case ThreadDescriptorTableEntry:
2979
2980#if defined(_X86_)
2981 /* Reference the process */
2982 Status = ObReferenceObjectByHandle(ThreadHandle,
2983 Access,
2984 PsThreadType,
2985 PreviousMode,
2986 (PVOID*)&Thread,
2987 NULL);
2988 if (!NT_SUCCESS(Status))
2989 break;
2990
2991 /* Call the worker routine */
2992 Status = PspQueryDescriptorThread(Thread,
2993 ThreadInformation,
2994 ThreadInformationLength,
2995 ReturnLength);
2996
2997 /* Dereference the thread */
2998 ObDereferenceObject(Thread);
2999#else
3000 /* Only implemented on x86 */
3001 Status = STATUS_NOT_IMPLEMENTED;
3002#endif
3003 break;
3004
3005 case ThreadPriorityBoost:
3006
3007 /* Set the return length*/
3008 Length = sizeof(ULONG);
3009
3010 if (ThreadInformationLength != Length)
3011 {
3012 Status = STATUS_INFO_LENGTH_MISMATCH;
3013 break;
3014 }
3015
3016 /* Reference the process */
3017 Status = ObReferenceObjectByHandle(ThreadHandle,
3018 Access,
3019 PsThreadType,
3020 PreviousMode,
3021 (PVOID*)&Thread,
3022 NULL);
3023 if (!NT_SUCCESS(Status))
3024 break;
3025
3026 _SEH2_TRY
3027 {
3028 *(PULONG)ThreadInformation = Thread->Tcb.DisableBoost ? 1 : 0;
3029 }
3030 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
3031 {
3032 Status = _SEH2_GetExceptionCode();
3033 }
3034 _SEH2_END;
3035
3036 /* Dereference the thread */
3037 ObDereferenceObject(Thread);
3038 break;
3039
3040 case ThreadIsTerminated:
3041
3042 /* Set the return length*/
3043 Length = sizeof(ThreadTerminated);
3044
3045 if (ThreadInformationLength != Length)
3046 {
3047 Status = STATUS_INFO_LENGTH_MISMATCH;
3048 break;
3049 }
3050
3051 /* Reference the process */
3052 Status = ObReferenceObjectByHandle(ThreadHandle,
3053 Access,
3054 PsThreadType,
3055 PreviousMode,
3056 (PVOID*)&Thread,
3057 NULL);
3058 if (!NT_SUCCESS(Status))
3059 break;
3060
3061 ThreadTerminated = PsIsThreadTerminating(Thread);
3062
3063 _SEH2_TRY
3064 {
3065 *(PULONG)ThreadInformation = ThreadTerminated ? 1 : 0;
3066 }
3067 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
3068 {
3069 Status = _SEH2_GetExceptionCode();
3070 }
3071 _SEH2_END;
3072
3073 /* Dereference the thread */
3074 ObDereferenceObject(Thread);
3075 break;
3076
3077 /* Anything else */
3078 default:
3079
3080 /* Not yet implemented */
3081 DPRINT1("Not implemented: %lx\n", ThreadInformationClass);
3082 Status = STATUS_NOT_IMPLEMENTED;
3083 }
3084
3085 /* Protect write with SEH */
3086 _SEH2_TRY
3087 {
3088 /* Check if caller wanted return length */
3089 if (ReturnLength) *ReturnLength = Length;
3090 }
3091 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
3092 {
3093 /* Get exception code */
3094 Status = _SEH2_GetExceptionCode();
3095 }
3096 _SEH2_END;
3097
3098 return Status;
3099}
3100
3101/* EOF */
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
STATUS_PRIVILEGE_NOT_HELD
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
ReturnLength
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG ReturnLength
Definition: KdSystemDebugControl.c:34
PreviousMode
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG _In_ KPROCESSOR_MODE PreviousMode
Definition: KdSystemDebugControl.c:35
DirectoryHandle
static HANDLE DirectoryHandle
Definition: ObType.c:48
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
RTL_NUMBER_OF
#define RTL_NUMBER_OF(x)
Definition: RtlRegistry.c:12
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DPRINT1
#define DPRINT1
Definition: precomp.h:8
Query
BOOL Query(LPCTSTR *ServiceArgs, DWORD ArgCount, BOOL bExtended)
Definition: query.c:292
PKAFFINITY
KAFFINITY * PKAFFINITY
Definition: basetsd.h:195
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: ntoskrnl.c:15
ProcessDebugPort
@ ProcessDebugPort
Definition: cicbase.cpp:45
ProcessBreakOnTermination
@ ProcessBreakOnTermination
Definition: cicbase.cpp:48
ProcessBasicInformation
@ ProcessBasicInformation
Definition: cicbase.cpp:44
ProcessWow64Information
@ ProcessWow64Information
Definition: cicbase.cpp:46
ProcessImageFileName
@ ProcessImageFileName
Definition: cicbase.cpp:47
PROCESSINFOCLASS
enum _PROCESSINFOCLASS PROCESSINFOCLASS
Definition: loader.c:63
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42
DbgkOpenProcessDebugPort
NTSTATUS NTAPI DbgkOpenProcessDebugPort(IN PEPROCESS Process, IN KPROCESSOR_MODE PreviousMode, OUT HANDLE *DebugHandle)
Definition: dbgkobj.c:1526
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
THREAD_BASIC_INFORMATION
struct _THREAD_BASIC_INFORMATION THREAD_BASIC_INFORMATION
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
ThreadDescriptorTableEntry
@ ThreadDescriptorTableEntry
Definition: compat.h:941
ThreadAmILastThread
@ ThreadAmILastThread
Definition: compat.h:947
ThreadTimes
@ ThreadTimes
Definition: compat.h:936
ThreadPriority
@ ThreadPriority
Definition: compat.h:937
ThreadIdealProcessor
@ ThreadIdealProcessor
Definition: compat.h:948
ThreadQuerySetWin32StartAddress
@ ThreadQuerySetWin32StartAddress
Definition: compat.h:944
ThreadIsTerminated
@ ThreadIsTerminated
Definition: compat.h:955
ThreadBreakOnTermination
@ ThreadBreakOnTermination
Definition: compat.h:953
ThreadImpersonationToken
@ ThreadImpersonationToken
Definition: compat.h:940
ThreadAffinityMask
@ ThreadAffinityMask
Definition: compat.h:939
ThreadBasePriority
@ ThreadBasePriority
Definition: compat.h:938
ThreadBasicInformation
@ ThreadBasicInformation
Definition: compat.h:935
ThreadPriorityBoost
@ ThreadPriorityBoost
Definition: compat.h:949
ThreadPerformanceCount
@ ThreadPerformanceCount
Definition: compat.h:946
ThreadIsIoPending
@ ThreadIsIoPending
Definition: compat.h:951
ThreadZeroTlsCell
@ ThreadZeroTlsCell
Definition: compat.h:945
ThreadHideFromDebugger
@ ThreadHideFromDebugger
Definition: compat.h:952
THREADINFOCLASS
enum _THREADINFOCLASS THREADINFOCLASS
Definition: thread.c:101
PTHREAD_BASIC_INFORMATION
struct _THREAD_BASIC_INFORMATION * PTHREAD_BASIC_INFORMATION
KPRIORITY
LONG KPRIORITY
Definition: compat.h:803
UlongToPtr
#define UlongToPtr(u)
Definition: config.h:106
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
PUNICODE_STRING
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
IsListEmpty
#define IsListEmpty(ListHead)
Definition: env_spec_w32.h:954
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
KeRaiseIrql
#define KeRaiseIrql(irql, oldIrql)
Definition: env_spec_w32.h:597
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
KeLowerIrql
#define KeLowerIrql(oldIrql)
Definition: env_spec_w32.h:602
PAGE_SHIFT
#define PAGE_SHIFT
Definition: env_spec_w32.h:45
KeQuerySystemTime
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
ExReleaseRundownProtection
#define ExReleaseRundownProtection
Definition: ex.h:139
ExGetPreviousMode
#define ExGetPreviousMode
Definition: ex.h:143
ExAcquirePushLockShared
FORCEINLINE VOID ExAcquirePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1108
ExReleasePushLockShared
FORCEINLINE VOID ExReleasePushLockShared(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1216
ExAcquireRundownProtection
#define ExAcquireRundownProtection
Definition: ex.h:138
MAXIMUM_PROCESSORS
#define MAXIMUM_PROCESSORS
Definition: rwlock.h:5
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
Status
Status
Definition: gdiplustypes.h:25
ICIF_PROBE_READ
#define ICIF_PROBE_READ
Definition: icif.h:25
PROCESS_SUSPEND_RESUME
#define PROCESS_SUSPEND_RESUME
Definition: pstypes.h:168
PROCESS_PRIORITY_CLASS
struct _PROCESS_PRIORITY_CLASS PROCESS_PRIORITY_CLASS
PROCESS_QUERY_INFORMATION
#define PROCESS_QUERY_INFORMATION
Definition: pstypes.h:167
THREAD_SET_THREAD_TOKEN
#define THREAD_SET_THREAD_TOKEN
Definition: pstypes.h:151
THREAD_BASE_PRIORITY_LOWRT
#define THREAD_BASE_PRIORITY_LOWRT
Definition: pstypes.h:183
PPROCESS_PRIORITY_CLASS
struct _PROCESS_PRIORITY_CLASS * PPROCESS_PRIORITY_CLASS
THREAD_QUERY_INFORMATION
#define THREAD_QUERY_INFORMATION
Definition: pstypes.h:150
PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:113
PSF_NO_DEBUG_INHERIT_BIT
#define PSF_NO_DEBUG_INHERIT_BIT
Definition: pstypes.h:275
CT_HIDE_FROM_DEBUGGER_BIT
#define CT_HIDE_FROM_DEBUGGER_BIT
Definition: pstypes.h:241
THREAD_BASE_PRIORITY_MIN
#define THREAD_BASE_PRIORITY_MIN
Definition: pstypes.h:185
PROCESS_SET_SESSIONID
#define PROCESS_SET_SESSIONID
Definition: pstypes.h:160
THREAD_BASE_PRIORITY_MAX
#define THREAD_BASE_PRIORITY_MAX
Definition: pstypes.h:184
PsProcessPriorityForeground
@ PsProcessPriorityForeground
Definition: pstypes.h:422
PsProcessPriorityBackground
@ PsProcessPriorityBackground
Definition: pstypes.h:423
THREAD_BASE_PRIORITY_IDLE
#define THREAD_BASE_PRIORITY_IDLE
Definition: pstypes.h:186
PROCESS_SET_INFORMATION
#define PROCESS_SET_INFORMATION
Definition: pstypes.h:166
PSF_VDM_ALLOWED_BIT
#define PSF_VDM_ALLOWED_BIT
Definition: pstypes.h:297
TLS_EXPANSION_SLOTS
#define TLS_EXPANSION_SLOTS
Definition: pstypes.h:311
PROCESS_PRIORITY_CLASS_REALTIME
#define PROCESS_PRIORITY_CLASS_REALTIME
Definition: pstypes.h:111
CT_BREAK_ON_TERMINATION_BIT
#define CT_BREAK_ON_TERMINATION_BIT
Definition: pstypes.h:245
PsNonPagedPool
@ PsNonPagedPool
Definition: pstypes.h:1022
PsPageFile
@ PsPageFile
Definition: pstypes.h:1024
PsPagedPool
@ PsPagedPool
Definition: pstypes.h:1023
PPROCESS_FOREGROUND_BACKGROUND
struct _PROCESS_FOREGROUND_BACKGROUND * PPROCESS_FOREGROUND_BACKGROUND
MEMORY_PRIORITY_BACKGROUND
#define MEMORY_PRIORITY_BACKGROUND
Definition: pstypes.h:125
PSF_BREAK_ON_TERMINATION_BIT
#define PSF_BREAK_ON_TERMINATION_BIT
Definition: pstypes.h:286
MEMORY_PRIORITY_FOREGROUND
#define MEMORY_PRIORITY_FOREGROUND
Definition: pstypes.h:127
PPROCESS_BASIC_INFORMATION
struct _PROCESS_BASIC_INFORMATION * PPROCESS_BASIC_INFORMATION
PROCESS_BASIC_INFORMATION
struct _PROCESS_BASIC_INFORMATION PROCESS_BASIC_INFORMATION
KERNEL_USER_TIMES
struct _KERNEL_USER_TIMES KERNEL_USER_TIMES
PKERNEL_USER_TIMES
struct _KERNEL_USER_TIMES * PKERNEL_USER_TIMES
ProcessLUIDDeviceMapsEnabled
@ ProcessLUIDDeviceMapsEnabled
Definition: winternl.h:884
ProcessWx86Information
@ ProcessWx86Information
Definition: winternl.h:875
ProcessDebugFlags
@ ProcessDebugFlags
Definition: winternl.h:887
ProcessSessionInformation
@ ProcessSessionInformation
Definition: winternl.h:880
ProcessAffinityMask
@ ProcessAffinityMask
Definition: winternl.h:877
ProcessIoPortHandlers
@ ProcessIoPortHandlers
Definition: winternl.h:869
ProcessRaisePriority
@ ProcessRaisePriority
Definition: winternl.h:862
ProcessVmCounters
@ ProcessVmCounters
Definition: winternl.h:859
ProcessPriorityClass
@ ProcessPriorityClass
Definition: winternl.h:874
ProcessPriorityBoost
@ ProcessPriorityBoost
Definition: winternl.h:878
ProcessImageInformation
@ ProcessImageInformation
Definition: winternl.h:892
ProcessExecuteFlags
@ ProcessExecuteFlags
Definition: winternl.h:889
ProcessCookie
@ ProcessCookie
Definition: winternl.h:891
ProcessPooledUsageAndLimits
@ ProcessPooledUsageAndLimits
Definition: winternl.h:870
ProcessLdtSize
@ ProcessLdtSize
Definition: winternl.h:867
ProcessIoCounters
@ ProcessIoCounters
Definition: winternl.h:858
ProcessDefaultHardErrorMode
@ ProcessDefaultHardErrorMode
Definition: winternl.h:868
ProcessEnableAlignmentFaultFixup
@ ProcessEnableAlignmentFaultFixup
Definition: winternl.h:873
ProcessDeviceMap
@ ProcessDeviceMap
Definition: winternl.h:879
ProcessBasePriority
@ ProcessBasePriority
Definition: winternl.h:861
ProcessQuotaLimits
@ ProcessQuotaLimits
Definition: winternl.h:857
ProcessAccessToken
@ ProcessAccessToken
Definition: winternl.h:865
ProcessHandleTracing
@ ProcessHandleTracing
Definition: winternl.h:888
ProcessForegroundInformation
@ ProcessForegroundInformation
Definition: winternl.h:881
ProcessTimes
@ ProcessTimes
Definition: winternl.h:860
ProcessDebugObjectHandle
@ ProcessDebugObjectHandle
Definition: winternl.h:886
ProcessExceptionPort
@ ProcessExceptionPort
Definition: winternl.h:864
ProcessWorkingSetWatch
@ ProcessWorkingSetWatch
Definition: winternl.h:871
ProcessLdtInformation
@ ProcessLdtInformation
Definition: winternl.h:866
ProcessHandleCount
@ ProcessHandleCount
Definition: winternl.h:876
ProcessUserModeIOPL
@ ProcessUserModeIOPL
Definition: winternl.h:872
PVM_COUNTERS
struct _VM_COUNTERS_ * PVM_COUNTERS
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
QUOTA_LIMITS_HARDWS_MIN_DISABLE
#define QUOTA_LIMITS_HARDWS_MIN_DISABLE
PROCESS_LUID_DOSDEVICES_ONLY
#define PROCESS_LUID_DOSDEVICES_ONLY
Definition: pstypes.h:228
PPROCESS_ACCESS_TOKEN
struct _PROCESS_ACCESS_TOKEN * PPROCESS_ACCESS_TOKEN
IO_COUNTERS
struct _IO_COUNTERS IO_COUNTERS
PROCESS_SESSION_INFORMATION
struct _PROCESS_SESSION_INFORMATION PROCESS_SESSION_INFORMATION
PPROCESS_SESSION_INFORMATION
struct _PROCESS_SESSION_INFORMATION * PPROCESS_SESSION_INFORMATION
LOW_PRIORITY
#define LOW_PRIORITY
QUOTA_LIMITS_HARDWS_MAX_DISABLE
#define QUOTA_LIMITS_HARDWS_MAX_DISABLE
QUOTA_LIMITS_EX
struct _QUOTA_LIMITS_EX QUOTA_LIMITS_EX
QUOTA_LIMITS_HARDWS_MAX_ENABLE
#define QUOTA_LIMITS_HARDWS_MAX_ENABLE
QUOTA_LIMITS_HARDWS_MIN_ENABLE
#define QUOTA_LIMITS_HARDWS_MIN_ENABLE
LOW_REALTIME_PRIORITY
#define LOW_REALTIME_PRIORITY
HIGH_PRIORITY
#define HIGH_PRIORITY
VM_COUNTERS_EX
struct _VM_COUNTERS_EX VM_COUNTERS_EX
PIO_COUNTERS
struct _IO_COUNTERS * PIO_COUNTERS
InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:144
InterlockedCompareExchange
#define InterlockedCompareExchange
Definition: interlocked.h:119
ThreadListHead
static LIST_ENTRY ThreadListHead
Definition: sys_arch.c:6
RTL_FIELD_SIZE
#define RTL_FIELD_SIZE(type, field)
Definition: kdb_expr.c:86
KeLeaveCriticalRegion
#define KeLeaveCriticalRegion()
Definition: ke_x.h:119
KeEnterCriticalRegion
#define KeEnterCriticalRegion()
Definition: ke_x.h:88
LpcPortObjectType
POBJECT_TYPE LpcPortObjectType
Definition: port.c:17
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
ImageName
static const char * ImageName
Definition: image.c:34
KeGetCurrentPrcb
FORCEINLINE struct _KPRCB * KeGetCurrentPrcb(VOID)
Definition: ketypes.h:1187
KernelMode
#define KernelMode
Definition: asm.h:38
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
SECTION_IMAGE_INFORMATION
struct _SECTION_IMAGE_INFORMATION SECTION_IMAGE_INFORMATION
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
ThreadInformationLength
_In_ THREADINFOCLASS _In_ ULONG ThreadInformationLength
Definition: psfuncs.h:843
ThreadInformationClass
_In_ THREADINFOCLASS ThreadInformationClass
Definition: psfuncs.h:840
SEM_NOALIGNMENTFAULTEXCEPT
#define SEM_NOALIGNMENTFAULTEXCEPT
Definition: rtltypes.h:71
_Out_opt_
#define _Out_opt_
Definition: no_sal2.h:214
_Out_
#define _Out_
Definition: no_sal2.h:160
_In_
#define _In_
Definition: no_sal2.h:158
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
OBJECT_NAME_INFORMATION
struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION
THREAD_SET_INFORMATION
#define THREAD_SET_INFORMATION
Definition: nt_native.h:1337
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
KeQueryBasePriorityThread
LONG NTAPI KeQueryBasePriorityThread(IN PKTHREAD Thread)
Definition: thrdobj.c:52
KeQueryRuntimeProcess
ULONG NTAPI KeQueryRuntimeProcess(IN PKPROCESS Process, OUT PULONG UserTime)
Definition: procobj.c:860
KeSetAffinityProcess
KAFFINITY NTAPI KeSetAffinityProcess(IN PKPROCESS Process, IN KAFFINITY Affinity)
Definition: procobj.c:265
KeActiveProcessors
KAFFINITY KeActiveProcessors
Definition: processor.c:16
Ke386SetIOPL
VOID NTAPI Ke386SetIOPL(VOID)
Definition: v86vdm.c:595
KeQueryValuesProcess
VOID NTAPI KeQueryValuesProcess(IN PKPROCESS Process, PPROCESS_VALUES Values)
Definition: procobj.c:525
KeSetDisableBoostProcess
BOOLEAN NTAPI KeSetDisableBoostProcess(IN PKPROCESS Process, IN BOOLEAN Disable)
Definition: procobj.c:331
KeSetDisableBoostThread
BOOLEAN NTAPI KeSetDisableBoostThread(IN OUT PKTHREAD Thread, IN BOOLEAN Disable)
Definition: thrdobj.c:86
KeReadStateThread
BOOLEAN NTAPI KeReadStateThread(IN PKTHREAD Thread)
Definition: thrdobj.c:42
KeSetAutoAlignmentProcess
BOOLEAN NTAPI KeSetAutoAlignmentProcess(IN PKPROCESS Process, IN BOOLEAN Enable)
Definition: procobj.c:313
KeBoostPriorityThread
VOID NTAPI KeBoostPriorityThread(IN PKTHREAD Thread, IN KPRIORITY Increment)
Definition: thrdobj.c:220
KeSetPriorityAndQuantumProcess
KPRIORITY NTAPI KeSetPriorityAndQuantumProcess(IN PKPROCESS Process, IN KPRIORITY Priority, IN UCHAR Quantum OPTIONAL)
Definition: procobj.c:349
MmGetFileObjectForSection
PFILE_OBJECT NTAPI MmGetFileObjectForSection(IN PVOID Section)
Definition: section.c:1540
MmGetImageInformation
VOID NTAPI MmGetImageInformation(OUT PSECTION_IMAGE_INFORMATION ImageInformation)
Definition: section.c:1617
MmSetExecuteOptions
NTSTATUS NTAPI MmSetExecuteOptions(IN ULONG ExecuteOptions)
Definition: pagfault.c:2695
MmSetMemoryPriorityProcess
NTSTATUS NTAPI MmSetMemoryPriorityProcess(IN PEPROCESS Process, IN UCHAR MemoryPriority)
Definition: procsup.c:487
MmGetExecuteOptions
NTSTATUS NTAPI MmGetExecuteOptions(IN PULONG ExecuteOptions)
Definition: pagfault.c:2653
DefaultQueryInfoBufferCheck
static __inline NTSTATUS DefaultQueryInfoBufferCheck(_In_ ULONG Class, _In_ const INFORMATION_CLASS_INFO *ClassList, _In_ ULONG ClassListEntries, _In_ ULONG Flags, _In_opt_ PVOID Buffer, _In_ ULONG BufferLength, _In_opt_ PULONG ReturnLength, _In_opt_ PULONG_PTR ReturnLengthPtr, _In_ KPROCESSOR_MODE PreviousMode)
Probe helper that validates the provided parameters whenever a NtQuery*** system call is invoked from...
Definition: probe.h:219
DefaultSetInfoBufferCheck
static __inline NTSTATUS DefaultSetInfoBufferCheck(_In_ ULONG Class, _In_ const INFORMATION_CLASS_INFO *ClassList, _In_ ULONG ClassListEntries, _In_ PVOID Buffer, _In_ ULONG BufferLength, _In_ KPROCESSOR_MODE PreviousMode)
Probe helper that validates the provided parameters whenever a NtSet*** system call is invoked from u...
Definition: probe.h:70
SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:39
SeCheckPrivilegedObject
BOOLEAN NTAPI SeCheckPrivilegedObject(_In_ LUID PrivilegeValue, _In_ HANDLE ObjectHandle, _In_ ACCESS_MASK DesiredAccess, _In_ KPROCESSOR_MODE PreviousMode)
Checks a privileged object if such object has the specific privilege submitted by the caller.
Definition: priv.c:803
SeTcbPrivilege
const LUID SeTcbPrivilege
Definition: priv.c:26
SeIncreaseBasePriorityPrivilege
const LUID SeIncreaseBasePriorityPrivilege
Definition: priv.c:33
KeMaximumIncrement
ULONG KeMaximumIncrement
Definition: clock.c:20
PsProcessType
POBJECT_TYPE PsProcessType
Definition: process.c:20
PsGetProcessSessionId
ULONG NTAPI PsGetProcessSessionId(IN PEPROCESS Process)
Definition: process.c:1163
PsSetProcessPriorityByClass
VOID NTAPI PsSetProcessPriorityByClass(IN PEPROCESS Process, IN PSPROCESSPRIORITYMODE Type)
Definition: process.c:1325
NtQueryInformationThread
NTSTATUS NTAPI NtQueryInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, OUT PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL)
Definition: query.c:2680
PspTraceLevel
ULONG PspTraceLevel
Definition: query.c:18
PsReferenceProcessFilePointer
NTSTATUS NTAPI PsReferenceProcessFilePointer(IN PEPROCESS Process, OUT PFILE_OBJECT *FileObject)
Definition: query.c:24
NtSetInformationProcess
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1161
NtSetInformationThread
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2074
NtQueryInformationProcess
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59
PsAssignImpersonationToken
NTSTATUS NTAPI PsAssignImpersonationToken(IN PETHREAD Thread, IN HANDLE TokenHandle)
Definition: security.c:502
PsThreadType
POBJECT_TYPE PsThreadType
Definition: thread.c:20
PsIsThreadTerminating
BOOLEAN NTAPI PsIsThreadTerminating(IN PETHREAD Thread)
Definition: thread.c:868
SeLocateProcessImageName
NTSTATUS NTAPI SeLocateProcessImageName(_In_ PEPROCESS Process, _Out_ PUNICODE_STRING *ProcessImageName)
Finds the process image name of a specific process.
Definition: audit.c:199
SeSinglePrivilegeCheck
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
STATUS_PROCESS_IS_TERMINATING
#define STATUS_PROCESS_IS_TERMINATING
Definition: ntstatus.h:502
STATUS_INVALID_INFO_CLASS
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
STATUS_PORT_ALREADY_SET
#define STATUS_PORT_ALREADY_SET
Definition: ntstatus.h:308
ObGetProcessHandleCount
ULONG NTAPI ObGetProcessHandleCount(IN PEPROCESS Process)
Definition: obhandle.c:56
ObSetDeviceMap
NTSTATUS NTAPI ObSetDeviceMap(IN PEPROCESS Process, IN HANDLE DirectoryHandle)
Definition: devicemap.c:24
ObIsLUIDDeviceMapsEnabled
ULONG NTAPI ObIsLUIDDeviceMapsEnabled(VOID)
Definition: devicemap.c:662
ObQueryDeviceMapInformation
NTSTATUS NTAPI ObQueryDeviceMapInformation(_In_opt_ PEPROCESS Process, _Out_ PPROCESS_DEVICEMAP_INFORMATION DeviceMapInfo, _In_ ULONG Flags)
Definition: devicemap.c:539
ObCloseHandle
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
LONG
long LONG
Definition: pedump.c:60
Address
static WCHAR Address[46]
Definition: ping.c:68
KeDetachProcess
VOID NTAPI KeDetachProcess(VOID)
Definition: procobj.c:621
KeAttachProcess
VOID NTAPI KeAttachProcess(IN PKPROCESS Process)
Definition: procobj.c:582
PspSetPrimaryToken
NTSTATUS NTAPI PspSetPrimaryToken(IN PEPROCESS Process, IN HANDLE TokenHandle OPTIONAL, IN PACCESS_TOKEN Token OPTIONAL)
Definition: security.c:215
PspSetQuotaLimits
NTSTATUS NTAPI PspSetQuotaLimits(_In_ PEPROCESS Process, _In_ ULONG Unused, _In_ PVOID QuotaLimits, _In_ ULONG QuotaLimitsLength, _In_ KPROCESSOR_MODE PreviousMode)
This function adjusts the working set limits of a process and sets up new quota limits when necessary...
Definition: quota.c:1045
PsGetNextProcessThread
PETHREAD NTAPI PsGetNextProcessThread(IN PEPROCESS Process, IN PETHREAD Thread OPTIONAL)
Definition: process.c:75
PspDefaultQuotaBlock
EPROCESS_QUOTA_BLOCK PspDefaultQuotaBlock
Definition: quota.c:16
PsThreadInfoClass
static const INFORMATION_CLASS_INFO PsThreadInfoClass[]
Definition: ps_i.h:362
PsProcessInfoClass
static const INFORMATION_CLASS_INFO PsProcessInfoClass[]
Definition: ps_i.h:15
PspSetCrossThreadFlag
#define PspSetCrossThreadFlag(Thread, Flag)
Definition: ps_x.h:25
PspClearCrossThreadFlag
#define PspClearCrossThreadFlag(Thread, Flag)
Definition: ps_x.h:27
PspClearProcessFlag
#define PspClearProcessFlag(Process, Flag)
Definition: ps_x.h:35
PspSetProcessFlag
#define PspSetProcessFlag(Process, Flag)
Definition: ps_x.h:33
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:181
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:184
PspQueryDescriptorThread
NTSTATUS NTAPI PspQueryDescriptorThread(IN PETHREAD Thread, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL)
Definition: psldt.c:43
_WIN32_WINNT_WS03
#define _WIN32_WINNT_WS03
Definition: sdkddkver.h:23
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
Next
STDMETHOD() Next(THIS_ ULONG celt, IAssociationElement *pElement, ULONG *pceltFetched) PURE
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
TLS_MINIMUM_AVAILABLE
#define TLS_MINIMUM_AVAILABLE
Definition: ntddk_ex.h:236
_EPROCESS
Definition: pstypes.h:1262
_ETHREAD
Definition: pstypes.h:1103
_ETHREAD::ExitTime
LARGE_INTEGER ExitTime
Definition: pstypes.h:1108
_ETHREAD::ExitStatus
NTSTATUS ExitStatus
Definition: pstypes.h:1114
_ETHREAD::Tcb
KTHREAD Tcb
Definition: pstypes.h:1104
_ETHREAD::RundownProtect
EX_RUNDOWN_REF RundownProtect
Definition: pstypes.h:1160
_ETHREAD::Win32StartAddress
PVOID Win32StartAddress
Definition: pstypes.h:1153
_ETHREAD::Cid
CLIENT_ID Cid
Definition: pstypes.h:1129
_ETHREAD::IrpList
LIST_ENTRY IrpList
Definition: pstypes.h:1145
_ETHREAD::CreateTime
LARGE_INTEGER CreateTime
Definition: pstypes.h:1105
_IO_COUNTERS
Definition: pstypes.h:82
_KERNEL_USER_TIMES
Definition: winternl.h:1059
_KERNEL_USER_TIMES::UserTime
LARGE_INTEGER UserTime
Definition: winternl.h:1063
_KERNEL_USER_TIMES::CreateTime
LARGE_INTEGER CreateTime
Definition: winternl.h:1060
_KERNEL_USER_TIMES::KernelTime
LARGE_INTEGER KernelTime
Definition: winternl.h:1062
_KERNEL_USER_TIMES::ExitTime
LARGE_INTEGER ExitTime
Definition: winternl.h:1061
_KPRCB
Definition: ketypes.h:654
_KPRCB::InterruptTime
ULONG InterruptTime
Definition: ketypes.h:834
_KPRCB::KeSystemCalls
ULONG KeSystemCalls
Definition: ketypes.h:745
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:2066
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:2072
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1853
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1910
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1935
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:2115
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:2131
_LIST_ENTRY
Definition: typedefs.h:120
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_PROCESS_ACCESS_TOKEN
Definition: pstypes.h:146
_PROCESS_BASIC_INFORMATION
Definition: winternl.h:402
_PROCESS_BASIC_INFORMATION::PebBaseAddress
PPEB PebBaseAddress
Definition: winternl.h:404
_PROCESS_BASIC_INFORMATION::AffinityMask
ULONG_PTR AffinityMask
Definition: pstypes.h:359
_PROCESS_BASIC_INFORMATION::InheritedFromUniqueProcessId
ULONG_PTR InheritedFromUniqueProcessId
Definition: pstypes.h:362
_PROCESS_BASIC_INFORMATION::ExitStatus
NTSTATUS ExitStatus
Definition: pstypes.h:357
_PROCESS_BASIC_INFORMATION::BasePriority
KPRIORITY BasePriority
Definition: pstypes.h:360
_PROCESS_BASIC_INFORMATION::UniqueProcessId
ULONG_PTR UniqueProcessId
Definition: winternl.h:406
_PROCESS_DEVICEMAP_INFORMATION_EX
Definition: pstypes.h:392
_PROCESS_DEVICEMAP_INFORMATION_EX::Flags
ULONG Flags
Definition: pstypes.h:402
_PROCESS_DEVICEMAP_INFORMATION
Definition: pstypes.h:380
_PROCESS_FOREGROUND_BACKGROUND
Definition: pstypes.h:965
_PROCESS_FOREGROUND_BACKGROUND::Foreground
BOOLEAN Foreground
Definition: pstypes.h:966
_PROCESS_PRIORITY_CLASS
Definition: pstypes.h:956
_PROCESS_PRIORITY_CLASS::PriorityClass
UCHAR PriorityClass
Definition: pstypes.h:958
_PROCESS_PRIORITY_CLASS::Foreground
BOOLEAN Foreground
Definition: pstypes.h:957
_PROCESS_SESSION_INFORMATION
Definition: pstypes.h:405
_PROCESS_VALUES
Definition: ke.h:45
_PROCESS_VALUES::IoInfo
IO_COUNTERS IoInfo
Definition: ke.h:48
_QUOTA_LIMITS_EX
Definition: pstypes.h:67
_QUOTA_LIMITS_EX::MaximumWorkingSetSize
SIZE_T MaximumWorkingSetSize
Definition: pstypes.h:71
_QUOTA_LIMITS_EX::PagedPoolLimit
SIZE_T PagedPoolLimit
Definition: pstypes.h:68
_QUOTA_LIMITS_EX::PagefileLimit
SIZE_T PagefileLimit
Definition: pstypes.h:72
_QUOTA_LIMITS_EX::Flags
ULONG Flags
Definition: pstypes.h:78
_QUOTA_LIMITS_EX::TimeLimit
LARGE_INTEGER TimeLimit
Definition: pstypes.h:73
_QUOTA_LIMITS_EX::CpuRateLimit
RATE_QUOTA_LIMIT CpuRateLimit
Definition: pstypes.h:79
_QUOTA_LIMITS_EX::NonPagedPoolLimit
SIZE_T NonPagedPoolLimit
Definition: pstypes.h:69
_QUOTA_LIMITS_EX::MinimumWorkingSetSize
SIZE_T MinimumWorkingSetSize
Definition: pstypes.h:70
_QUOTA_LIMITS
Definition: lsa.idl:286
_SECTION_IMAGE_INFORMATION
Definition: mmtypes.h:340
_SECTION
Definition: mmtypes.h:810
_SessionInfo
Definition: mmdrv.h:130
_TEB
Definition: compat.h:836
_TEB::TlsExpansionSlots
PVOID * TlsExpansionSlots
Definition: compat.h:894
_TEB::TlsSlots
PVOID TlsSlots[64]
Definition: compat.h:879
_THREAD_BASIC_INFORMATION
Definition: compat.h:926
_THREAD_BASIC_INFORMATION::ClientId
CLIENT_ID ClientId
Definition: compat.h:929
_THREAD_BASIC_INFORMATION::Priority
KPRIORITY Priority
Definition: compat.h:931
_THREAD_BASIC_INFORMATION::BasePriority
KPRIORITY BasePriority
Definition: compat.h:932
_THREAD_BASIC_INFORMATION::ExitStatus
NTSTATUS ExitStatus
Definition: compat.h:927
_THREAD_BASIC_INFORMATION::TebBaseAddress
PVOID TebBaseAddress
Definition: compat.h:928
_THREAD_BASIC_INFORMATION::AffinityMask
KAFFINITY AffinityMask
Definition: compat.h:930
_UNICODE_STRING
Definition: env_spec_w32.h:368
_VM_COUNTERS_
Definition: winternl.h:1604
_VM_COUNTERS_::QuotaPeakPagedPoolUsage
SIZE_T QuotaPeakPagedPoolUsage
Definition: winternl.h:1610
_VM_COUNTERS_::PeakWorkingSetSize
SIZE_T PeakWorkingSetSize
Definition: winternl.h:1608
_VM_COUNTERS_::QuotaPeakNonPagedPoolUsage
SIZE_T QuotaPeakNonPagedPoolUsage
Definition: winternl.h:1612
_VM_COUNTERS_::VirtualSize
SIZE_T VirtualSize
Definition: winternl.h:1606
_VM_COUNTERS_::PeakPagefileUsage
SIZE_T PeakPagefileUsage
Definition: winternl.h:1615
_VM_COUNTERS_::QuotaNonPagedPoolUsage
SIZE_T QuotaNonPagedPoolUsage
Definition: winternl.h:1613
_VM_COUNTERS_::PagefileUsage
SIZE_T PagefileUsage
Definition: winternl.h:1614
_VM_COUNTERS_::PeakVirtualSize
SIZE_T PeakVirtualSize
Definition: winternl.h:1605
_VM_COUNTERS_::QuotaPagedPoolUsage
SIZE_T QuotaPagedPoolUsage
Definition: winternl.h:1611
_VM_COUNTERS_::WorkingSetSize
SIZE_T WorkingSetSize
Definition: winternl.h:1609
_VM_COUNTERS_::PageFaultCount
ULONG PageFaultCount
Definition: winternl.h:1607
TAG_SEPA
#define TAG_SEPA
Definition: tag.h:155
KeSetIdealProcessorThread
UCHAR NTAPI KeSetIdealProcessorThread(IN PKTHREAD Thread, IN UCHAR Processor)
Definition: thrdobj.c:1066
KeSetBasePriorityThread
LONG NTAPI KeSetBasePriorityThread(IN PKTHREAD Thread, IN LONG Increment)
Definition: thrdobj.c:1157
KeSetPriorityThread
KPRIORITY NTAPI KeSetPriorityThread(IN PKTHREAD Thread, IN KPRIORITY Priority)
Definition: thrdobj.c:1300
KeSetAffinityThread
KAFFINITY NTAPI KeSetAffinityThread(IN PKTHREAD Thread, IN KAFFINITY Affinity)
Definition: thrdobj.c:1276
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
PBOOLEAN
unsigned char * PBOOLEAN
Definition: typedefs.h:53
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
NTAPI
#define NTAPI
Definition: typedefs.h:36
LARGE_INTEGER
union _LARGE_INTEGER LARGE_INTEGER
PVOID
void * PVOID
Definition: typedefs.h:50
HANDLE
PVOID HANDLE
Definition: typedefs.h:73
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
PLONG
int32_t * PLONG
Definition: typedefs.h:58
PLARGE_INTEGER
union _LARGE_INTEGER * PLARGE_INTEGER
Definition: file.c:85
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
CCHAR
char CCHAR
Definition: typedefs.h:51
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
_LARGE_INTEGER
Definition: typedefs.h:103
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2473 u
_RATE_QUOTA_LIMIT::RateData
ULONG RateData
Definition: pstypes.h:60
FileObject
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
Priority
_In_ WDFINTERRUPT _In_ WDF_INTERRUPT_POLICY _In_ WDF_INTERRUPT_PRIORITY Priority
Definition: wdfinterrupt.h:655
HasPrivilege
BOOLEAN HasPrivilege(IN PPRIVILEGE_SET Privilege)
Definition: shutdown.c:92
TlsIndex
#define TlsIndex
Definition: ws2_32p.h:277
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
Cookie
_In_opt_ PVOID _Out_ PLARGE_INTEGER Cookie
Definition: cmfuncs.h:14
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:174
PFILE_OBJECT
* PFILE_OBJECT
Definition: iotypes.h:1998
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:759
OldIrql
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:778
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181