ReactOS 0.4.15-dev-7958-gcd0bb1a
Macros | Functions | Variables
thread.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
Include dependency graph for thread.c:

Go to the source code of this file.

Macros

#define NDEBUG
 

Functions

VOID NTAPI PspUserThreadStartup (IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
 
LONG PspUnhandledExceptionInSystemThread (PEXCEPTION_POINTERS ExceptionPointers)
 
VOID NTAPI PspSystemThreadStartup (IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
 
NTSTATUS NTAPI PspCreateThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ProcessHandle, IN PEPROCESS TargetProcess, OUT PCLIENT_ID ClientId, IN PCONTEXT ThreadContext, IN PINITIAL_TEB InitialTeb, IN BOOLEAN CreateSuspended, IN PKSTART_ROUTINE StartRoutine OPTIONAL, IN PVOID StartContext OPTIONAL)
 
NTSTATUS NTAPI PsCreateSystemThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
 
NTSTATUS NTAPI PsLookupThreadByThreadId (IN HANDLE ThreadId, OUT PETHREAD *Thread)
 
ULONG NTAPI PsGetThreadFreezeCount (IN PETHREAD Thread)
 
BOOLEAN NTAPI PsGetThreadHardErrorsAreDisabled (IN PETHREAD Thread)
 
HANDLE NTAPI PsGetThreadId (IN PETHREAD Thread)
 
HANDLE NTAPI PsGetCurrentThreadId (VOID)
 
PEPROCESS NTAPI PsGetThreadProcess (IN PETHREAD Thread)
 
PEPROCESS NTAPI PsGetCurrentThreadProcess (VOID)
 
HANDLE NTAPI PsGetThreadProcessId (IN PETHREAD Thread)
 
HANDLE NTAPI PsGetCurrentThreadProcessId (VOID)
 
ULONG NTAPI PsGetThreadSessionId (IN PETHREAD Thread)
 
PTEB NTAPI PsGetThreadTeb (IN PETHREAD Thread)
 
PVOID NTAPI PsGetCurrentThreadTeb (VOID)
 
PVOID NTAPI PsGetThreadWin32Thread (IN PETHREAD Thread)
 
PVOID NTAPI PsGetCurrentThreadWin32Thread (VOID)
 
PVOID NTAPI PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion (_Out_ HANDLE *OutProcessId)
 
KPROCESSOR_MODE NTAPI PsGetCurrentThreadPreviousMode (VOID)
 
PVOID NTAPI PsGetCurrentThreadStackBase (VOID)
 
PVOID NTAPI PsGetCurrentThreadStackLimit (VOID)
 
BOOLEAN NTAPI PsIsThreadTerminating (IN PETHREAD Thread)
 
BOOLEAN NTAPI PsIsSystemThread (IN PETHREAD Thread)
 
BOOLEAN NTAPI PsIsThreadImpersonating (IN PETHREAD Thread)
 
VOID NTAPI PsSetThreadHardErrorsAreDisabled (IN PETHREAD Thread, IN BOOLEAN HardErrorsAreDisabled)
 
PVOID NTAPI PsSetThreadWin32Thread (_Inout_ PETHREAD Thread, _In_ PVOID Win32Thread, _In_ PVOID OldWin32Thread)
 
NTSTATUS NTAPI PsWrapApcWow64Thread (IN OUT PVOID *ApcContext, IN OUT PVOID *ApcRoutine)
 
NTSTATUS NTAPI NtCreateThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ProcessHandle, OUT PCLIENT_ID ClientId, IN PCONTEXT ThreadContext, IN PINITIAL_TEB InitialTeb, IN BOOLEAN CreateSuspended)
 
NTSTATUS NTAPI NtOpenThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId OPTIONAL)
 

Variables

BOOLEAN CcPfEnablePrefetcher
 
ULONG MmReadClusterSize
 
POBJECT_TYPE PsThreadType = NULL
 

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 13 of file thread.c.

Function Documentation

◆ NtCreateThread()

NTSTATUS NTAPI NtCreateThread ( OUT PHANDLE  ThreadHandle,
IN ACCESS_MASK  DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIONAL,
IN HANDLE  ProcessHandle,
OUT PCLIENT_ID  ClientId,
IN PCONTEXT  ThreadContext,
IN PINITIAL_TEB  InitialTeb,
IN BOOLEAN  CreateSuspended 
)

Definition at line 941 of file thread.c.

949{
950 INITIAL_TEB SafeInitialTeb;
951 PAGED_CODE();
952 PSTRACE(PS_THREAD_DEBUG,
953 "ProcessHandle: %p Context: %p\n", ProcessHandle, ThreadContext);
954
955 /* Check if this was from user-mode */
956 if (KeGetPreviousMode() != KernelMode)
957 {
958 /* Make sure that we got a context */
959 if (!ThreadContext) return STATUS_INVALID_PARAMETER;
960
961 /* Protect checks */
962 _SEH2_TRY
963 {
964 /* Make sure the handle pointer we got is valid */
965 ProbeForWriteHandle(ThreadHandle);
966
967 /* Check if the caller wants a client id */
968 if (ClientId)
969 {
970 /* Make sure we can write to it */
971 ProbeForWrite(ClientId, sizeof(CLIENT_ID), sizeof(ULONG));
972 }
973
974 /* Make sure that the entire context is readable */
975 ProbeForRead(ThreadContext, sizeof(CONTEXT), sizeof(ULONG));
976
977 /* Check the Initial TEB */
978 ProbeForRead(InitialTeb, sizeof(INITIAL_TEB), sizeof(ULONG));
979 SafeInitialTeb = *InitialTeb;
980 }
981 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
982 {
983 /* Return the exception code */
984 _SEH2_YIELD(return _SEH2_GetExceptionCode());
985 }
986 _SEH2_END;
987 }
988 else
989 {
990 /* Use the Initial TEB as is */
991 SafeInitialTeb = *InitialTeb;
992 }
993
994 /* Call the shared function */
995 return PspCreateThread(ThreadHandle,
996 DesiredAccess,
997 ObjectAttributes,
998 ProcessHandle,
999 NULL,
1000 ClientId,
1001 ThreadContext,
1002 &SafeInitialTeb,
1003 CreateSuspended,
1004 NULL,
1005 NULL);
1006}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NULL
#define NULL
Definition: types.h:112
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
_SEH2_END
#define _SEH2_END
Definition: filesup.c:22
_SEH2_TRY
#define _SEH2_TRY
Definition: filesup.c:19
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
KernelMode
#define KernelMode
Definition: asm.h:34
KeGetPreviousMode
#define KeGetPreviousMode()
Definition: ketypes.h:1115
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
PspCreateThread
NTSTATUS NTAPI PspCreateThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ProcessHandle, IN PEPROCESS TargetProcess, OUT PCLIENT_ID ClientId, IN PCONTEXT ThreadContext, IN PINITIAL_TEB InitialTeb, IN BOOLEAN CreateSuspended, IN PKSTART_ROUTINE StartRoutine OPTIONAL, IN PVOID StartContext OPTIONAL)
Definition: thread.c:172
PSTRACE
#define PSTRACE(x, fmt,...)
Definition: ps.h:57
PS_THREAD_DEBUG
#define PS_THREAD_DEBUG
Definition: ps.h:17
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:159
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:162
ProbeForWriteHandle
#define ProbeForWriteHandle(Ptr)
Definition: probe.h:43
_CLIENT_ID
Definition: compat.h:824
_CONTEXT
Definition: nt_native.h:1406
_INITIAL_TEB
Definition: pstypes.h:691
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
ClientId
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151

◆ NtOpenThread()

NTSTATUS NTAPI NtOpenThread ( OUT PHANDLE  ThreadHandle,
IN ACCESS_MASK  DesiredAccess,
IN POBJECT_ATTRIBUTES  ObjectAttributes,
IN PCLIENT_ID ClientId  OPTIONAL 
)

Definition at line 1013 of file thread.c.

1017{
1018 KPROCESSOR_MODE PreviousMode = KeGetPreviousMode();
1019 CLIENT_ID SafeClientId;
1020 ULONG Attributes = 0;
1021 HANDLE hThread = NULL;
1022 NTSTATUS Status;
1023 PETHREAD Thread;
1024 BOOLEAN HasObjectName = FALSE;
1025 ACCESS_STATE AccessState;
1026 AUX_ACCESS_DATA AuxData;
1027 PAGED_CODE();
1028 PSTRACE(PS_THREAD_DEBUG,
1029 "ClientId: %p ObjectAttributes: %p\n", ClientId, ObjectAttributes);
1030
1031 /* Check if we were called from user mode */
1032 if (PreviousMode != KernelMode)
1033 {
1034 /* Enter SEH for probing */
1035 _SEH2_TRY
1036 {
1037 /* Probe the thread handle */
1038 ProbeForWriteHandle(ThreadHandle);
1039
1040 /* Check for a CID structure */
1041 if (ClientId)
1042 {
1043 /* Probe and capture it */
1044 ProbeForRead(ClientId, sizeof(CLIENT_ID), sizeof(ULONG));
1045 SafeClientId = *ClientId;
1046 ClientId = &SafeClientId;
1047 }
1048
1049 /*
1050 * Just probe the object attributes structure, don't capture it
1051 * completely. This is done later if necessary
1052 */
1053 ProbeForRead(ObjectAttributes,
1054 sizeof(OBJECT_ATTRIBUTES),
1055 sizeof(ULONG));
1056 HasObjectName = (ObjectAttributes->ObjectName != NULL);
1057
1058 /* Validate user attributes */
1059 Attributes = ObpValidateAttributes(ObjectAttributes->Attributes, PreviousMode);
1060 }
1061 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1062 {
1063 /* Return the exception code */
1064 _SEH2_YIELD(return _SEH2_GetExceptionCode());
1065 }
1066 _SEH2_END;
1067 }
1068 else
1069 {
1070 /* Otherwise just get the data directly */
1071 HasObjectName = (ObjectAttributes->ObjectName != NULL);
1072
1073 /* Still have to sanitize attributes */
1074 Attributes = ObpValidateAttributes(ObjectAttributes->Attributes, PreviousMode);
1075 }
1076
1077 /* Can't pass both, fail */
1078 if ((HasObjectName) && (ClientId)) return STATUS_INVALID_PARAMETER_MIX;
1079
1080 /* Create an access state */
1081 Status = SeCreateAccessState(&AccessState,
1082 &AuxData,
1083 DesiredAccess,
1084 &PsThreadType->TypeInfo.GenericMapping);
1085 if (!NT_SUCCESS(Status)) return Status;
1086
1087 /* Check if this is a debugger */
1088 if (SeSinglePrivilegeCheck(SeDebugPrivilege, PreviousMode))
1089 {
1090 /* Did he want full access? */
1091 if (AccessState.RemainingDesiredAccess & MAXIMUM_ALLOWED)
1092 {
1093 /* Give it to him */
1094 AccessState.PreviouslyGrantedAccess |= THREAD_ALL_ACCESS;
1095 }
1096 else
1097 {
1098 /* Otherwise just give every other access he could want */
1099 AccessState.PreviouslyGrantedAccess |=
1100 AccessState.RemainingDesiredAccess;
1101 }
1102
1103 /* The caller desires nothing else now */
1104 AccessState.RemainingDesiredAccess = 0;
1105 }
1106
1107 /* Open by name if one was given */
1108 if (HasObjectName)
1109 {
1110 /* Open it */
1111 Status = ObOpenObjectByName(ObjectAttributes,
1112 PsThreadType,
1113 PreviousMode,
1114 &AccessState,
1115 0,
1116 NULL,
1117 &hThread);
1118
1119 /* Get rid of the access state */
1120 SeDeleteAccessState(&AccessState);
1121 }
1122 else if (ClientId)
1123 {
1124 /* Open by Thread ID */
1125 if (ClientId->UniqueProcess)
1126 {
1127 /* Get the Process */
1128 Status = PsLookupProcessThreadByCid(ClientId, NULL, &Thread);
1129 }
1130 else
1131 {
1132 /* Get the Process */
1133 Status = PsLookupThreadByThreadId(ClientId->UniqueThread, &Thread);
1134 }
1135
1136 /* Check if we didn't find anything */
1137 if (!NT_SUCCESS(Status))
1138 {
1139 /* Get rid of the access state and return */
1140 SeDeleteAccessState(&AccessState);
1141 return Status;
1142 }
1143
1144 /* Open the Thread Object */
1145 Status = ObOpenObjectByPointer(Thread,
1146 Attributes,
1147 &AccessState,
1148 0,
1149 PsThreadType,
1150 PreviousMode,
1151 &hThread);
1152
1153 /* Delete the access state and dereference the thread */
1154 SeDeleteAccessState(&AccessState);
1155 ObDereferenceObject(Thread);
1156 }
1157 else
1158 {
1159 /* Neither an object name nor a client id was passed */
1160 return STATUS_INVALID_PARAMETER_MIX;
1161 }
1162
1163 /* Check for success */
1164 if (NT_SUCCESS(Status))
1165 {
1166 /* Protect against bad user-mode pointers */
1167 _SEH2_TRY
1168 {
1169 /* Write back the handle */
1170 *ThreadHandle = hThread;
1171 }
1172 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1173 {
1174 /* Get the exception code */
1175 Status = _SEH2_GetExceptionCode();
1176 }
1177 _SEH2_END;
1178 }
1179
1180 /* Return status */
1181 return Status;
1182}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
Status
Status
Definition: gdiplustypes.h:25
hThread
HANDLE hThread
Definition: wizard.c:28
THREAD_ALL_ACCESS
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:39
PsLookupProcessThreadByCid
NTSTATUS NTAPI PsLookupProcessThreadByCid(IN PCLIENT_ID Cid, OUT PEPROCESS *Process OPTIONAL, OUT PETHREAD *Thread)
Definition: process.c:961
PsThreadType
POBJECT_TYPE PsThreadType
Definition: thread.c:20
PsLookupThreadByThreadId
NTSTATUS NTAPI PsLookupThreadByThreadId(IN HANDLE ThreadId, OUT PETHREAD *Thread)
Definition: thread.c:643
SeCreateAccessState
NTSTATUS NTAPI SeCreateAccessState(_Inout_ PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
Creates an access state.
Definition: access.c:121
SeDeleteAccessState
VOID NTAPI SeDeleteAccessState(_In_ PACCESS_STATE AccessState)
Deletes an allocated access state from the memory.
Definition: access.c:150
SeSinglePrivilegeCheck
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
STATUS_INVALID_PARAMETER_MIX
#define STATUS_INVALID_PARAMETER_MIX
Definition: ntstatus.h:285
ObpValidateAttributes
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
Definition: ob_x.h:22
ObOpenObjectByPointer
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
Definition: obhandle.c:2742
ObOpenObjectByName
NTSTATUS NTAPI ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN OUT PVOID ParseContext, OUT PHANDLE Handle)
Definition: obhandle.c:2532
_ACCESS_STATE
Definition: setypes.h:224
_AUX_ACCESS_DATA
Definition: setypes.h:257
_CLIENT_ID::UniqueThread
HANDLE UniqueThread
Definition: compat.h:826
_CLIENT_ID::UniqueProcess
HANDLE UniqueProcess
Definition: compat.h:825
_ETHREAD
Definition: pstypes.h:1102
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
_OBJECT_TYPE::TypeInfo
OBJECT_TYPE_INITIALIZER TypeInfo
Definition: obtypes.h:390
Attributes
_Must_inspect_result_ _In_ WDFDMAENABLER _In_ _In_opt_ PWDF_OBJECT_ATTRIBUTES Attributes
Definition: wdfcommonbuffer.h:97
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:417

Referenced by OpenThread(), and PrintThreads().

◆ PsCreateSystemThread()

NTSTATUS NTAPI PsCreateSystemThread ( OUT PHANDLE  ThreadHandle,
IN ACCESS_MASK  DesiredAccess,
IN POBJECT_ATTRIBUTES  ObjectAttributes,
IN HANDLE  ProcessHandle,
IN PCLIENT_ID  ClientId,
IN PKSTART_ROUTINE  StartRoutine,
IN PVOID  StartContext 
)

Definition at line 602 of file thread.c.

609{
610 PEPROCESS TargetProcess = NULL;
611 HANDLE Handle = ProcessHandle;
612 PAGED_CODE();
613 PSTRACE(PS_THREAD_DEBUG,
614 "ProcessHandle: %p StartRoutine: %p StartContext: %p\n",
615 ProcessHandle, StartRoutine, StartContext);
616
617 /* Check if we have a handle. If not, use the System Process */
618 if (!ProcessHandle)
619 {
620 Handle = NULL;
621 TargetProcess = PsInitialSystemProcess;
622 }
623
624 /* Call the shared function */
625 return PspCreateThread(ThreadHandle,
626 DesiredAccess,
627 ObjectAttributes,
628 Handle,
629 TargetProcess,
630 ClientId,
631 NULL,
632 NULL,
633 FALSE,
634 StartRoutine,
635 StartContext);
636}
Handle
ULONG Handle
Definition: gdb_input.c:15
PsInitialSystemProcess
PEPROCESS PsInitialSystemProcess
Definition: psmgr.c:50
_EPROCESS
Definition: pstypes.h:1261
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:91

Referenced by _Function_class_(), ACPIDispatchDeviceControl(), AcpiOsExecute(), BehaviorChecks(), CmpInitializeHiveList(), create_calc_threads(), FxSystemThread::CreateThread(), DisplayBootBitmap(), DriverEntry(), ExpCreateWorkerThread(), ExpInitializeWorkerThreads(), Ext2StartReaper(), FsRtlInitializeWorkerThread(), InitializeDeviceData(), IntVideoPortInbvInitialize(), KdbSymInit(), KdpDebugLogInit(), KeyboardInternalDeviceControl(), KmtStartThread(), look_for_balance_item(), MiInitBalancerThread(), MmInitBsmThread(), mount_vol(), PageFileBehaviorChecks(), PopFlushVolumes(), PspInitPhase0(), remove_device(), resize_device(), RxInitializeDispatcher(), RxSpinUpWorkerThread(), ScrInbvInitialize(), send_subvol(), SeRmInitPhase1(), SermouseStartDevice(), start_balance(), start_scrub(), StartMemoryMonitor(), StartThread(), sys_thread_new(), SystemProcessTest(), TestEventConcurrent(), USBPORT_CreateWorkerThread(), and VfdCreateDevice().

◆ PsGetCurrentThreadId()

HANDLE NTAPI PsGetCurrentThreadId ( VOID  )

Definition at line 715 of file thread.c.

716{
717 return PsGetCurrentThread()->Cid.UniqueThread;
718}
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81

◆ PsGetCurrentThreadPreviousMode()

KPROCESSOR_MODE NTAPI PsGetCurrentThreadPreviousMode ( VOID  )

Definition at line 838 of file thread.c.

839{
840 return (KPROCESSOR_MODE)PsGetCurrentThread()->Tcb.PreviousMode;
841}

◆ PsGetCurrentThreadProcess()

PEPROCESS NTAPI PsGetCurrentThreadProcess ( VOID  )

Definition at line 735 of file thread.c.

736{
737 return PsGetCurrentThread()->ThreadsProcess;
738}

◆ PsGetCurrentThreadProcessId()

HANDLE NTAPI PsGetCurrentThreadProcessId ( VOID  )

Definition at line 755 of file thread.c.

756{
757 return PsGetCurrentThread()->Cid.UniqueProcess;
758}

Referenced by intDdCreateDirectDrawLocal().

◆ PsGetCurrentThreadStackBase()

PVOID NTAPI PsGetCurrentThreadStackBase ( VOID  )

Definition at line 848 of file thread.c.

849{
850 return PsGetCurrentThread()->Tcb.StackBase;
851}

◆ PsGetCurrentThreadStackLimit()

PVOID NTAPI PsGetCurrentThreadStackLimit ( VOID  )

Definition at line 858 of file thread.c.

859{
860 return (PVOID)PsGetCurrentThread()->Tcb.StackLimit;
861}

◆ PsGetCurrentThreadTeb()

PVOID NTAPI PsGetCurrentThreadTeb ( VOID  )

Definition at line 785 of file thread.c.

786{
787 return PsGetCurrentThread()->Tcb.Teb;
788}

Referenced by FileOpenAddress().

◆ PsGetCurrentThreadWin32Thread()

PVOID NTAPI PsGetCurrentThreadWin32Thread ( VOID  )

Definition at line 805 of file thread.c.

806{
807 return PsGetCurrentThread()->Tcb.Win32Thread;
808}

Referenced by AllocateUserMessage(), CaretSystemTimerProc(), co_HOOK_CallHooks(), co_IntActivateKeyboardLayout(), co_IntCallHookProc(), co_IntCallSentMessageCallback(), co_IntCallWindowProc(), co_IntClientLoadLibrary(), co_IntClientThreadSetup(), co_IntCreateDefaultImeWindow(), co_IntFixCaret(), co_IntGetPeekMessage(), co_IntLoadDefaultCursors(), co_IntLoadKeyboardLayoutEx(), co_IntLoadSysMenuTemplate(), co_IntPaintWindows(), co_IntPeekMessage(), co_IntProcessKeyboardMessage(), co_IntProcessMouseMessage(), co_IntSendActivateMessages(), co_IntSendMessageTimeoutSingle(), co_IntSendMessageWithCallBack(), co_IntSetActiveWindow(), co_IntSetCaretPos(), co_IntSetForegroundAndFocusWindow(), co_IntWaitMessage(), co_MsqDispatchOneSentMessage(), co_MsqReplyMessage(), co_MsqSendMessage(), co_MsqSendMessageAsync(), co_UserDestroyWindow(), co_UserHideCaret(), co_UserSetCapture(), co_UserSetFocus(), co_UserShowCaret(), co_WinPosSearchChildren(), co_WinPosSetWindowPos(), co_WinPosShowWindow(), DECREASE_THREAD_LOCK_COUNT(), DefWndDoSizeMove(), DefWndStartSizeMove(), DesktopHeapGetUserDelta(), DesktopThreadMain(), GetW32ThreadInfo(), handle_internal_message(), IdlePing(), INCREASE_THREAD_LOCK_COUNT(), IntAddAtom(), IntCallWndProc(), IntCallWndProcRet(), IntCbAllocateMemory(), IntCbFreeMemory(), IntCreateDesktop(), IntDeactivateWindow(), IntDefWindowProc(), IntDeRegisterShellHookWindow(), IntDesktopOkToClose(), IntDestroyOwnedWindows(), IntDispatchMessage(), IntDrawScrollBar(), IntGetAndReferenceClass(), IntGetAtomName(), IntGetCapture(), IntGetCurrentThreadDesktopWindow(), IntGetImeCompatFlags(), IntGetNextHook(), IntGetQueueStatus(), IntGetThreadDesktopWindow(), IntGetThreadFocusWindow(), IntInitMessagePumpHook(), IntInvalidateWindows(), IntIsClipboardOpenByMe(), IntMsqClearWakeMask(), IntMsqSetWakeMask(), IntNotifyImeShowStatus(), IntNotifyWinEvent(), IntQueryTrackMouseEvent(), IntRegisterShellHookWindow(), IntReleaseCapture(), IntRemoveHook(), IntSendDestroyMsg(), IntSendSyncPaint(), IntSetThreadDesktop(), IntSetTimer(), IntTrackMouseEvent(), IntTrackPopupMenuEx(), IntTranslateKbdMessage(), IntUnhookWindowsHook(), IntUninitMessagePumpHook(), IntUserSetActiveWindow(), MENU_DoNextMenu(), MENU_InitTracking(), MENU_TrackMenu(), MsqGetMessageExtraInfo(), MsqSetMessageExtraInfo(), NtUserBlockInput(), NtUserCallNoParam(), NtUserCallOneParam(), NtUserCallTwoParam(), NtUserCreateAcceleratorTable(), NtUserCreateCaret(), NtUserGetAppImeLevel(), NtUserGetCaretPos(), NtUserGetGUIThreadInfo(), NtUserGetKeyboardLayoutName(), NtUserGetKeyboardState(), NtUserGetKeyNameText(), NtUserGetThreadState(), NtUserLockWorkStation(), NtUserMapVirtualKeyEx(), NtUserQueryWindow(), NtUserSendInput(), NtUserSetAppImeLevel(), NtUserSetKeyboardState(), NtUserSetThreadState(), NtUserSetWindowsHookEx(), NtUserSetWinEventHook(), NtUserToUnicodeEx(), NtUserValidateTimerCallback(), NtUserVkKeyScanEx(), NtUserWaitForInputIdle(), PostTimerMessages(), UserCreateInputContext(), UserDbgAssertThreadInfo(), UserDerefObjectCo(), UserDestroyMenu(), UserEnterExclusive(), UserGetActiveWindow(), UserGetCPD(), UserGetKeyboardLayout(), UserGetKeyState(), UserGhostThreadEntry(), UserInitialize(), UserOpenClipboard(), UserOpenInputDesktop(), UserRefObjectCo(), UserRegisterHotKey(), UserRegisterUserApiHook(), UserSendKeyboardInput(), UserSendMouseInput(), UserSetActiveWindow(), UserSetCursor(), UserShowCursor(), and UserUnregisterUserApiHook().

◆ PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion()

PVOID NTAPI PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion ( _Out_ HANDLE OutProcessId)

Definition at line 815 of file thread.c.

817{
818 PETHREAD CurrentThread;
819
820 /* Get the current thread */
821 CurrentThread = PsGetCurrentThread();
822
823 /* Return the process id */
824 *OutProcessId = CurrentThread->Cid.UniqueProcess;
825
826 /* Enter critical region */
827 KeEnterCriticalRegion();
828
829 /* Return the win32 thread */
830 return CurrentThread->Tcb.Win32Thread;
831}
KeEnterCriticalRegion
#define KeEnterCriticalRegion()
Definition: ke_x.h:88
_ETHREAD::Tcb
KTHREAD Tcb
Definition: pstypes.h:1103
_ETHREAD::Cid
CLIENT_ID Cid
Definition: pstypes.h:1128
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1866

◆ PsGetThreadFreezeCount()

ULONG NTAPI PsGetThreadFreezeCount ( IN PETHREAD  Thread)

Definition at line 685 of file thread.c.

686{
687 return Thread->Tcb.FreezeCount;
688}
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1737

Referenced by IsThreadSuspended(), and MsqIsHung().

◆ PsGetThreadHardErrorsAreDisabled()

BOOLEAN NTAPI PsGetThreadHardErrorsAreDisabled ( IN PETHREAD  Thread)

Definition at line 695 of file thread.c.

696{
697 return Thread->HardErrorsAreDisabled ? TRUE : FALSE;
698}
TRUE
#define TRUE
Definition: types.h:120
_ETHREAD::HardErrorsAreDisabled
ULONG HardErrorsAreDisabled
Definition: pstypes.h:1183

Referenced by MountMgrMountedDeviceNotification(), and MountMgrVolumeArrivalNotification().

◆ PsGetThreadId()

HANDLE NTAPI PsGetThreadId ( IN PETHREAD  Thread)

Definition at line 705 of file thread.c.

706{
707 return Thread->Cid.UniqueThread;
708}

Referenced by co_IntSetForegroundMessageQueue(), FirstSendHandler(), gdb_send_exception(), gdb_send_register(), gdb_send_registers(), handle_gdb_query(), IntDeactivateWindow(), IntTID2PTI(), NtUserQueryInputContext(), send_kd_state_change(), and UserGetKeyboardLayout().

◆ PsGetThreadProcess()

PEPROCESS NTAPI PsGetThreadProcess ( IN PETHREAD  Thread)

Definition at line 725 of file thread.c.

726{
727 return Thread->ThreadsProcess;
728}

◆ PsGetThreadProcessId()

HANDLE NTAPI PsGetThreadProcessId ( IN PETHREAD  Thread)

Definition at line 745 of file thread.c.

746{
747 return Thread->Cid.UniqueProcess;
748}

Referenced by co_IntCreateDefaultImeWindow(), FirstSendHandler(), gdb_send_exception(), handle_gdb_query(), NtUserQueryInputContext(), send_kd_state_change(), and UserInitiateShutdown().

◆ PsGetThreadSessionId()

ULONG NTAPI PsGetThreadSessionId ( IN PETHREAD  Thread)

Definition at line 765 of file thread.c.

766{
767 return MmGetSessionId(Thread->ThreadsProcess);
768}
MmGetSessionId
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:179

◆ PsGetThreadTeb()

PTEB NTAPI PsGetThreadTeb ( IN PETHREAD  Thread)

Definition at line 775 of file thread.c.

776{
777 return Thread->Tcb.Teb;
778}
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1807

◆ PsGetThreadWin32Thread()

PVOID NTAPI PsGetThreadWin32Thread ( IN PETHREAD  Thread)

Definition at line 795 of file thread.c.

796{
797 return Thread->Tcb.Win32Thread;
798}

Referenced by _Acquires_lock_(), _Releases_lock_(), AllocW32Thread(), ExitThreadCallback(), IntTID2PTI(), NtUserSetWinEventHook(), and Win32kThreadCallback().

◆ PsIsSystemThread()

BOOLEAN NTAPI PsIsSystemThread ( IN PETHREAD  Thread)

Definition at line 878 of file thread.c.

879{
880 return Thread->SystemThread ? TRUE: FALSE;
881}
_ETHREAD::SystemThread
ULONG SystemThread
Definition: pstypes.h:1182

Referenced by IoIsSystemThread().

◆ PsIsThreadImpersonating()

BOOLEAN NTAPI PsIsThreadImpersonating ( IN PETHREAD  Thread)

Definition at line 888 of file thread.c.

889{
890 return Thread->ActiveImpersonationInfo ? TRUE : FALSE;
891}
_ETHREAD::ActiveImpersonationInfo
ULONG ActiveImpersonationInfo
Definition: pstypes.h:1181

Referenced by NtCloseObjectAuditAlarm().

◆ PsIsThreadTerminating()

BOOLEAN NTAPI PsIsThreadTerminating ( IN PETHREAD  Thread)

Definition at line 868 of file thread.c.

869{
870 return Thread->Terminated ? TRUE : FALSE;
871}
_ETHREAD::Terminated
ULONG Terminated
Definition: pstypes.h:1174

Referenced by IntTID2PTI(), NtQueryInformationThread(), ObpCloseHandle(), and RequestSynchronizeProcessWithSerialQueue().

◆ PsLookupThreadByThreadId()

NTSTATUS NTAPI PsLookupThreadByThreadId ( IN HANDLE  ThreadId,
OUT PETHREAD Thread 
)

Definition at line 643 of file thread.c.

645{
646 PHANDLE_TABLE_ENTRY CidEntry;
647 PETHREAD FoundThread;
648 NTSTATUS Status = STATUS_INVALID_PARAMETER;
649 PAGED_CODE();
650 PSTRACE(PS_THREAD_DEBUG, "ThreadId: %p\n", ThreadId);
651 KeEnterCriticalRegion();
652
653 /* Get the CID Handle Entry */
654 CidEntry = ExMapHandleToPointer(PspCidTable, ThreadId);
655 if (CidEntry)
656 {
657 /* Get the Thread */
658 FoundThread = CidEntry->Object;
659
660 /* Make sure it's really a thread */
661 if (FoundThread->Tcb.Header.Type == ThreadObject)
662 {
663 /* Safe Reference and return it */
664 if (ObReferenceObjectSafe(FoundThread))
665 {
666 *Thread = FoundThread;
667 Status = STATUS_SUCCESS;
668 }
669 }
670
671 /* Unlock the Entry */
672 ExUnlockHandleTableEntry(PspCidTable, CidEntry);
673 }
674
675 /* Return to caller */
676 KeLeaveCriticalRegion();
677 return Status;
678}
KeLeaveCriticalRegion
#define KeLeaveCriticalRegion()
Definition: ke_x.h:119
ThreadObject
@ ThreadObject
Definition: ketypes.h:412
ExMapHandleToPointer
PHANDLE_TABLE_ENTRY NTAPI ExMapHandleToPointer(IN PHANDLE_TABLE HandleTable, IN HANDLE Handle)
Definition: handle.c:1046
ExUnlockHandleTableEntry
VOID NTAPI ExUnlockHandleTableEntry(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:923
ObReferenceObjectSafe
BOOLEAN FASTCALL ObReferenceObjectSafe(IN PVOID Object)
Definition: obref.c:22
PspCidTable
PHANDLE_TABLE PspCidTable
Definition: psmgr.c:48
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_DISPATCHER_HEADER::Type
UCHAR Type
Definition: ketypes.h:743
_HANDLE_TABLE_ENTRY
Definition: extypes.h:596
_HANDLE_TABLE_ENTRY::Object
PVOID Object
Definition: extypes.h:599
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1661

Referenced by IntTID2PTI(), KdbpAttachToThread(), KdbpCmdThread(), NtOpenThread(), NtUserBuildHwndList(), NtUserPostThreadMessage(), and NtUserSetWinEventHook().

◆ PspCreateThread()

NTSTATUS NTAPI PspCreateThread ( OUT PHANDLE  ThreadHandle,
IN ACCESS_MASK  DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIONAL,
IN HANDLE  ProcessHandle,
IN PEPROCESS  TargetProcess,
OUT PCLIENT_ID  ClientId,
IN PCONTEXT  ThreadContext,
IN PINITIAL_TEB  InitialTeb,
IN BOOLEAN  CreateSuspended,
IN PKSTART_ROUTINE StartRoutine  OPTIONAL,
IN PVOID StartContext  OPTIONAL 
)

Definition at line 172 of file thread.c.

183{
184 HANDLE hThread;
185 PEPROCESS Process;
186 PETHREAD Thread;
187 PTEB TebBase = NULL;
188 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
189 NTSTATUS Status, AccessStatus;
190 HANDLE_TABLE_ENTRY CidEntry;
191 ACCESS_STATE LocalAccessState;
192 PACCESS_STATE AccessState = &LocalAccessState;
193 AUX_ACCESS_DATA AuxData;
194 BOOLEAN Result, SdAllocated;
195 PSECURITY_DESCRIPTOR SecurityDescriptor;
196 SECURITY_SUBJECT_CONTEXT SubjectContext;
197 PAGED_CODE();
198 PSTRACE(PS_THREAD_DEBUG,
199 "ThreadContext: %p TargetProcess: %p ProcessHandle: %p\n",
200 ThreadContext, TargetProcess, ProcessHandle);
201
202 /* If we were called from PsCreateSystemThread, then we're kernel mode */
203 if (StartRoutine) PreviousMode = KernelMode;
204
205 /* Reference the Process by handle or pointer, depending on what we got */
206 if (ProcessHandle)
207 {
208 /* Normal thread or System Thread */
209 Status = ObReferenceObjectByHandle(ProcessHandle,
210 PROCESS_CREATE_THREAD,
211 PsProcessType,
212 PreviousMode,
213 (PVOID*)&Process,
214 NULL);
215 PSREFTRACE(Process);
216 }
217 else
218 {
219 /* System thread inside System Process, or Normal Thread with a bug */
220 if (StartRoutine)
221 {
222 /* Reference the Process by Pointer */
223 ObReferenceObject(TargetProcess);
224 Process = TargetProcess;
225 Status = STATUS_SUCCESS;
226 }
227 else
228 {
229 /* Fake ObReference returning this */
230 Status = STATUS_INVALID_HANDLE;
231 }
232 }
233
234 /* Check for success */
235 if (!NT_SUCCESS(Status)) return Status;
236
237 /* Also make sure that User-Mode isn't trying to create a system thread */
238 if ((PreviousMode != KernelMode) && (Process == PsInitialSystemProcess))
239 {
240 /* Fail */
241 ObDereferenceObject(Process);
242 return STATUS_INVALID_HANDLE;
243 }
244
245 /* Create Thread Object */
246 Status = ObCreateObject(PreviousMode,
247 PsThreadType,
248 ObjectAttributes,
249 PreviousMode,
250 NULL,
251 sizeof(ETHREAD),
252 0,
253 0,
254 (PVOID*)&Thread);
255 if (!NT_SUCCESS(Status))
256 {
257 /* We failed; dereference the process and exit */
258 ObDereferenceObject(Process);
259 return Status;
260 }
261
262 /* Zero the Object entirely */
263 RtlZeroMemory(Thread, sizeof(ETHREAD));
264
265 /* Initialize rundown protection */
266 ExInitializeRundownProtection(&Thread->RundownProtect);
267
268 /* Initialize exit code */
269 Thread->ExitStatus = STATUS_PENDING;
270
271 /* Set the Process CID */
272 Thread->ThreadsProcess = Process;
273 Thread->Cid.UniqueProcess = Process->UniqueProcessId;
274
275 /* Create Cid Handle */
276 CidEntry.Object = Thread;
277 CidEntry.GrantedAccess = 0;
278 Thread->Cid.UniqueThread = ExCreateHandle(PspCidTable, &CidEntry);
279 if (!Thread->Cid.UniqueThread)
280 {
281 /* We couldn't create the CID, dereference the thread and fail */
282 ObDereferenceObject(Thread);
283 return STATUS_INSUFFICIENT_RESOURCES;
284 }
285
286 /* Save the read cluster size */
287 Thread->ReadClusterSize = MmReadClusterSize;
288
289 /* Initialize the LPC Reply Semaphore */
290 KeInitializeSemaphore(&Thread->LpcReplySemaphore, 0, 1);
291
292 /* Initialize the list heads and locks */
293 InitializeListHead(&Thread->LpcReplyChain);
294 InitializeListHead(&Thread->IrpList);
295 InitializeListHead(&Thread->PostBlockList);
296 InitializeListHead(&Thread->ActiveTimerListHead);
297 KeInitializeSpinLock(&Thread->ActiveTimerListLock);
298
299 /* Acquire rundown protection */
300 if (!ExAcquireRundownProtection (&Process->RundownProtect))
301 {
302 /* Fail */
303 ObDereferenceObject(Thread);
304 return STATUS_PROCESS_IS_TERMINATING;
305 }
306
307 /* Now let the kernel initialize the context */
308 if (ThreadContext)
309 {
310 /* User-mode Thread, create Teb */
311 Status = MmCreateTeb(Process, &Thread->Cid, InitialTeb, &TebBase);
312 if (!NT_SUCCESS(Status))
313 {
314 /* Failed to create the TEB. Release rundown and dereference */
315 ExReleaseRundownProtection(&Process->RundownProtect);
316 ObDereferenceObject(Thread);
317 return Status;
318 }
319
320 /* Set the Start Addresses from the untrusted ThreadContext */
321 _SEH2_TRY
322 {
323 Thread->StartAddress = (PVOID)KeGetContextPc(ThreadContext);
324 Thread->Win32StartAddress = (PVOID)KeGetContextReturnRegister(ThreadContext);
325 }
326 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
327 {
328 Status = _SEH2_GetExceptionCode();
329 }
330 _SEH2_END;
331
332 /* Let the kernel intialize the Thread */
333 if (NT_SUCCESS(Status))
334 {
335 Status = KeInitThread(&Thread->Tcb,
336 NULL,
337 PspUserThreadStartup,
338 NULL,
339 Thread->StartAddress,
340 ThreadContext,
341 TebBase,
342 &Process->Pcb);
343 }
344 }
345 else
346 {
347 /* System Thread */
348 Thread->StartAddress = StartRoutine;
349 PspSetCrossThreadFlag(Thread, CT_SYSTEM_THREAD_BIT);
350
351 /* Let the kernel intialize the Thread */
352 Status = KeInitThread(&Thread->Tcb,
353 NULL,
354 PspSystemThreadStartup,
355 StartRoutine,
356 StartContext,
357 NULL,
358 NULL,
359 &Process->Pcb);
360 }
361
362 /* Check if we failed */
363 if (!NT_SUCCESS(Status))
364 {
365 /* Delete the TEB if we had done */
366 if (TebBase) MmDeleteTeb(Process, TebBase);
367
368 /* Release rundown and dereference */
369 ExReleaseRundownProtection(&Process->RundownProtect);
370 ObDereferenceObject(Thread);
371 return Status;
372 }
373
374 /* Lock the process */
375 KeEnterCriticalRegion();
376 ExAcquirePushLockExclusive(&Process->ProcessLock);
377
378 /* Make sure the process didn't just die on us */
379 if (Process->ProcessDelete) goto Quickie;
380
381 /* Check if the thread was ours, terminated and it was user mode */
382 if ((Thread->Terminated) &&
383 (ThreadContext) &&
384 (Thread->ThreadsProcess == Process))
385 {
386 /* Cleanup, we don't want to start it up and context switch */
387 goto Quickie;
388 }
389
390 /*
391 * Insert the Thread into the Process's Thread List
392 * Note, this is the ETHREAD Thread List. It is removed in
393 * ps/kill.c!PspExitThread.
394 */
395 InsertTailList(&Process->ThreadListHead, &Thread->ThreadListEntry);
396 Process->ActiveThreads++;
397
398 /* Start the thread */
399 KeStartThread(&Thread->Tcb);
400
401 /* Release the process lock */
402 ExReleasePushLockExclusive(&Process->ProcessLock);
403 KeLeaveCriticalRegion();
404
405 /* Release rundown */
406 ExReleaseRundownProtection(&Process->RundownProtect);
407
408 /* Notify WMI */
409 //WmiTraceProcess(Process, TRUE);
410 //WmiTraceThread(Thread, InitialTeb, TRUE);
411
412 /* Notify Thread Creation */
413 PspRunCreateThreadNotifyRoutines(Thread, TRUE);
414
415 /* Reference ourselves as a keep-alive */
416 ObReferenceObjectEx(Thread, 2);
417
418 /* Suspend the Thread if we have to */
419 if (CreateSuspended) KeSuspendThread(&Thread->Tcb);
420
421 /* Check if we were already terminated */
422 if (Thread->Terminated) KeForceResumeThread(&Thread->Tcb);
423
424 /* Create an access state */
425 Status = SeCreateAccessStateEx(NULL,
426 ThreadContext ?
427 PsGetCurrentProcess() : Process,
428 &LocalAccessState,
429 &AuxData,
430 DesiredAccess,
431 &PsThreadType->TypeInfo.GenericMapping);
432 if (!NT_SUCCESS(Status))
433 {
434 /* Access state failed, thread is dead */
435 PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
436
437 /* If we were suspended, wake it up */
438 if (CreateSuspended) KeResumeThread(&Thread->Tcb);
439
440 /* Dispatch thread */
441 KeReadyThread(&Thread->Tcb);
442
443 /* Dereference completely to kill it */
444 ObDereferenceObjectEx(Thread, 2);
445 return Status;
446 }
447
448 /* Insert the Thread into the Object Manager */
449 Status = ObInsertObject(Thread,
450 AccessState,
451 DesiredAccess,
452 0,
453 NULL,
454 &hThread);
455
456 /* Delete the access state if we had one */
457 if (AccessState) SeDeleteAccessState(AccessState);
458
459 /* Check for success */
460 if (NT_SUCCESS(Status))
461 {
462 /* Wrap in SEH to protect against bad user-mode pointers */
463 _SEH2_TRY
464 {
465 /* Return Cid and Handle */
466 if (ClientId) *ClientId = Thread->Cid;
467 *ThreadHandle = hThread;
468 }
469 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
470 {
471 /* Thread insertion failed, thread is dead */
472 PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
473
474 /* If we were suspended, wake it up */
475 if (CreateSuspended) KeResumeThread(&Thread->Tcb);
476
477 /* Dispatch thread */
478 KeReadyThread(&Thread->Tcb);
479
480 /* Dereference it, leaving only the keep-alive */
481 ObDereferenceObject(Thread);
482
483 /* Close its handle, killing it */
484 ObCloseHandle(hThread, PreviousMode);
485
486 /* Return the exception code */
487 _SEH2_YIELD(return _SEH2_GetExceptionCode());
488 }
489 _SEH2_END;
490 }
491 else
492 {
493 /* Thread insertion failed, thread is dead */
494 PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
495
496 /* If we were suspended, wake it up */
497 if (CreateSuspended) KeResumeThread(&Thread->Tcb);
498 }
499
500 /* Get the create time */
501 KeQuerySystemTime(&Thread->CreateTime);
502 ASSERT(!(Thread->CreateTime.HighPart & 0xF0000000));
503
504 /* Make sure the thread isn't dead */
505 if (!Thread->DeadThread)
506 {
507 /* Get the thread's SD */
508 Status = ObGetObjectSecurity(Thread,
509 &SecurityDescriptor,
510 &SdAllocated);
511 if (!NT_SUCCESS(Status))
512 {
513 /* Thread insertion failed, thread is dead */
514 PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
515
516 /* If we were suspended, wake it up */
517 if (CreateSuspended) KeResumeThread(&Thread->Tcb);
518
519 /* Dispatch thread */
520 KeReadyThread(&Thread->Tcb);
521
522 /* Dereference it, leaving only the keep-alive */
523 ObDereferenceObject(Thread);
524
525 /* Close its handle, killing it */
526 ObCloseHandle(hThread, PreviousMode);
527 return Status;
528 }
529
530 /* Create the subject context */
531 SubjectContext.ProcessAuditId = Process;
532 SubjectContext.PrimaryToken = PsReferencePrimaryToken(Process);
533 SubjectContext.ClientToken = NULL;
534
535 /* Do the access check */
536 Result = SeAccessCheck(SecurityDescriptor,
537 &SubjectContext,
538 FALSE,
539 MAXIMUM_ALLOWED,
540 0,
541 NULL,
542 &PsThreadType->TypeInfo.GenericMapping,
543 PreviousMode,
544 &Thread->GrantedAccess,
545 &AccessStatus);
546
547 /* Dereference the token and let go the SD */
548 ObFastDereferenceObject(&Process->Token,
549 SubjectContext.PrimaryToken);
550 ObReleaseObjectSecurity(SecurityDescriptor, SdAllocated);
551
552 /* Remove access if it failed */
553 if (!Result) Process->GrantedAccess = 0;
554
555 /* Set least some minimum access */
556 Thread->GrantedAccess |= (THREAD_TERMINATE |
557 THREAD_SET_INFORMATION |
558 THREAD_QUERY_INFORMATION);
559 }
560 else
561 {
562 /* Set the thread access mask to maximum */
563 Thread->GrantedAccess = THREAD_ALL_ACCESS;
564 }
565
566 /* Dispatch thread */
567 KeReadyThread(&Thread->Tcb);
568
569 /* Dereference it, leaving only the keep-alive */
570 ObDereferenceObject(Thread);
571
572 /* Return */
573 return Status;
574
575 /* Most annoying failure case ever, where we undo almost all manually */
576Quickie:
577 /* When we get here, the process is locked, unlock it */
578 ExReleasePushLockExclusive(&Process->ProcessLock);
579 KeLeaveCriticalRegion();
580
581 /* Uninitailize it */
582 KeUninitThread(&Thread->Tcb);
583
584 /* If we had a TEB, delete it */
585 if (TebBase) MmDeleteTeb(Process, TebBase);
586
587 /* Release rundown protection, which we also hold */
588 ExReleaseRundownProtection(&Process->RundownProtect);
589
590 /* Dereference the thread and return failure */
591 ObDereferenceObject(Thread);
592 return STATUS_PROCESS_IS_TERMINATING;
593}
SeAccessCheck
BOOLEAN NTAPI SeAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, _In_ BOOLEAN SubjectContextLocked, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK PreviouslyGrantedAccess, _Out_ PPRIVILEGE_SET *Privileges, _In_ PGENERIC_MAPPING GenericMapping, _In_ KPROCESSOR_MODE AccessMode, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1994
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
KeQuerySystemTime
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
KeInitializeSpinLock
#define KeInitializeSpinLock(sl)
Definition: env_spec_w32.h:604
ExReleaseRundownProtection
#define ExReleaseRundownProtection
Definition: ex.h:136
ExGetPreviousMode
#define ExGetPreviousMode
Definition: ex.h:140
ExInitializeRundownProtection
#define ExInitializeRundownProtection
Definition: ex.h:137
ExAcquirePushLockExclusive
FORCEINLINE VOID ExAcquirePushLockExclusive(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1036
ExReleasePushLockExclusive
FORCEINLINE VOID ExReleasePushLockExclusive(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1252
ExAcquireRundownProtection
#define ExAcquireRundownProtection
Definition: ex.h:135
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
PROCESS_CREATE_THREAD
#define PROCESS_CREATE_THREAD
Definition: pstypes.h:158
THREAD_QUERY_INFORMATION
#define THREAD_QUERY_INFORMATION
Definition: pstypes.h:149
CT_DEAD_THREAD_BIT
#define CT_DEAD_THREAD_BIT
Definition: pstypes.h:239
CT_SYSTEM_THREAD_BIT
#define CT_SYSTEM_THREAD_BIT
Definition: pstypes.h:242
ASSERT
#define ASSERT(a)
Definition: mode.c:44
THREAD_TERMINATE
#define THREAD_TERMINATE
Definition: nt_native.h:1336
THREAD_SET_INFORMATION
#define THREAD_SET_INFORMATION
Definition: nt_native.h:1337
ExCreateHandle
HANDLE NTAPI ExCreateHandle(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:827
KeGetContextPc
#define KeGetContextPc(Context)
Definition: ke.h:31
KeGetContextReturnRegister
#define KeGetContextReturnRegister(Context)
Definition: ke.h:40
KeInitThread
NTSTATUS NTAPI KeInitThread(IN OUT PKTHREAD Thread, IN PVOID KernelStack, IN PKSYSTEM_ROUTINE SystemRoutine, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext, IN PCONTEXT Context, IN PVOID Teb, IN PKPROCESS Process)
Definition: thrdobj.c:756
KeForceResumeThread
ULONG NTAPI KeForceResumeThread(IN PKTHREAD Thread)
Definition: thrdobj.c:267
KeUninitThread
VOID NTAPI KeUninitThread(IN PKTHREAD Thread)
Definition: thrdobj.c:917
KeSuspendThread
ULONG NTAPI KeSuspendThread(PKTHREAD Thread)
Definition: thrdobj.c:601
KeResumeThread
ULONG NTAPI KeResumeThread(IN PKTHREAD Thread)
Definition: thrdobj.c:388
KeStartThread
VOID NTAPI KeStartThread(IN OUT PKTHREAD Thread)
Definition: thrdobj.c:489
KeReadyThread
VOID NTAPI KeReadyThread(IN PKTHREAD Thread)
Definition: thrdobj.c:106
MmCreateTeb
NTSTATUS NTAPI MmCreateTeb(IN PEPROCESS Process, IN PCLIENT_ID ClientId, IN PINITIAL_TEB InitialTeb, OUT PTEB *BaseTeb)
Definition: procsup.c:757
MmDeleteTeb
VOID NTAPI MmDeleteTeb(struct _EPROCESS *Process, PTEB Teb)
SeCreateAccessStateEx
NTSTATUS NTAPI SeCreateAccessStateEx(_In_ PETHREAD Thread, _In_ PEPROCESS Process, _In_ OUT PACCESS_STATE AccessState, _In_ PAUX_ACCESS_DATA AuxData, _In_ ACCESS_MASK Access, _In_ PGENERIC_MAPPING GenericMapping)
PsProcessType
POBJECT_TYPE PsProcessType
Definition: process.c:20
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:440
PspUserThreadStartup
VOID NTAPI PspUserThreadStartup(IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:26
MmReadClusterSize
ULONG MmReadClusterSize
Definition: mminit.c:21
PspSystemThreadStartup
VOID NTAPI PspSystemThreadStartup(IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:139
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
STATUS_PENDING
#define STATUS_PENDING
Definition: ntstatus.h:82
STATUS_PROCESS_IS_TERMINATING
#define STATUS_PROCESS_IS_TERMINATING
Definition: ntstatus.h:502
ObDereferenceObjectEx
LONG FASTCALL ObDereferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:88
ObReferenceObjectEx
LONG FASTCALL ObReferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:77
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:167
ObCloseHandle
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
ObInsertObject
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2935
ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:1039
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
ObGetObjectSecurity
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
ObReleaseObjectSecurity
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
PSREFTRACE
#define PSREFTRACE(x)
Definition: ps.h:58
PspSetCrossThreadFlag
#define PspSetCrossThreadFlag(Thread, Flag)
Definition: ps_x.h:25
PspRunCreateThreadNotifyRoutines
FORCEINLINE VOID PspRunCreateThreadNotifyRoutines(IN PETHREAD CurrentThread, IN BOOLEAN Create)
Definition: ps_x.h:40
KeInitializeSemaphore
VOID NTAPI KeInitializeSemaphore(IN PKSEMAPHORE Semaphore, IN LONG Count, IN LONG Limit)
Definition: semphobj.c:22
_ETHREAD::StartAddress
PKSTART_ROUTINE StartAddress
Definition: pstypes.h:1155
_ETHREAD::ExitStatus
NTSTATUS ExitStatus
Definition: pstypes.h:1113
_ETHREAD::RundownProtect
EX_RUNDOWN_REF RundownProtect
Definition: pstypes.h:1159
_ETHREAD::ReadClusterSize
ULONG ReadClusterSize
Definition: pstypes.h:1164
_ETHREAD::Win32StartAddress
PVOID Win32StartAddress
Definition: pstypes.h:1152
_ETHREAD::IrpList
LIST_ENTRY IrpList
Definition: pstypes.h:1144
_ETHREAD::ActiveTimerListHead
LIST_ENTRY ActiveTimerListHead
Definition: pstypes.h:1127
_ETHREAD::ActiveTimerListLock
KSPIN_LOCK ActiveTimerListLock
Definition: pstypes.h:1126
_ETHREAD::CreateTime
LARGE_INTEGER CreateTime
Definition: pstypes.h:1104
_ETHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: pstypes.h:1158
_ETHREAD::LpcReplyChain
LIST_ENTRY LpcReplyChain
Definition: pstypes.h:1108
_ETHREAD::PostBlockList
LIST_ENTRY PostBlockList
Definition: pstypes.h:1116
_HANDLE_TABLE_ENTRY::GrantedAccess
ULONG GrantedAccess
Definition: extypes.h:606
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:217
_TEB
Definition: compat.h:836
PVOID
void * PVOID
Definition: typedefs.h:50
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:107
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21

Referenced by NtCreateThread(), and PsCreateSystemThread().

◆ PspSystemThreadStartup()

VOID NTAPI PspSystemThreadStartup ( IN PKSTART_ROUTINE  StartRoutine,
IN PVOID  StartContext 
)

Definition at line 139 of file thread.c.

141{
142 PETHREAD Thread;
143 PSTRACE(PS_THREAD_DEBUG,
144 "StartRoutine: %p StartContext: %p\n", StartRoutine, StartContext);
145
146 /* Unlock the dispatcher Database */
147 KeLowerIrql(PASSIVE_LEVEL);
148 Thread = PsGetCurrentThread();
149
150 /* Make sure the thread isn't gone */
151 _SEH2_TRY
152 {
153 if (!(Thread->Terminated) && !(Thread->DeadThread))
154 {
155 /* Call the Start Routine */
156 StartRoutine(StartContext);
157 }
158 }
159 _SEH2_EXCEPT(PspUnhandledExceptionInSystemThread(_SEH2_GetExceptionInformation()))
160 {
161 /* Bugcheck if we got here */
162 KeBugCheck(KMODE_EXCEPTION_NOT_HANDLED);
163 }
164 _SEH2_END;
165
166 /* Exit the thread */
167 PspTerminateThreadByPointer(Thread, STATUS_SUCCESS, TRUE);
168}
KeBugCheck
DECLSPEC_NORETURN VOID NTAPI KeBugCheck(ULONG BugCheckCode)
Definition: bug.c:1430
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
KeLowerIrql
#define KeLowerIrql(oldIrql)
Definition: env_spec_w32.h:602
PspUnhandledExceptionInSystemThread
LONG PspUnhandledExceptionInSystemThread(PEXCEPTION_POINTERS ExceptionPointers)
Definition: thread.c:115
PspTerminateThreadByPointer
NTSTATUS NTAPI PspTerminateThreadByPointer(IN PETHREAD Thread, IN NTSTATUS ExitStatus, IN BOOLEAN bSelf)
Definition: kill.c:988
_SEH2_GetExceptionInformation
#define _SEH2_GetExceptionInformation()
Definition: pseh2_64.h:158

Referenced by PspCreateThread().

◆ PspUnhandledExceptionInSystemThread()

LONG PspUnhandledExceptionInSystemThread ( PEXCEPTION_POINTERS  ExceptionPointers)

Definition at line 115 of file thread.c.

116{
117 /* Print debugging information */
118 DPRINT1("PS: Unhandled Kernel Mode Exception Pointers = 0x%p\n",
119 ExceptionPointers);
120 DPRINT1("Code %x Addr %p Info0 %p Info1 %p Info2 %p Info3 %p\n",
121 ExceptionPointers->ExceptionRecord->ExceptionCode,
122 ExceptionPointers->ExceptionRecord->ExceptionAddress,
123 ExceptionPointers->ExceptionRecord->ExceptionInformation[0],
124 ExceptionPointers->ExceptionRecord->ExceptionInformation[1],
125 ExceptionPointers->ExceptionRecord->ExceptionInformation[2],
126 ExceptionPointers->ExceptionRecord->ExceptionInformation[3]);
127
128 /* Bugcheck the system */
129 KeBugCheckEx(SYSTEM_THREAD_EXCEPTION_NOT_HANDLED,
130 ExceptionPointers->ExceptionRecord->ExceptionCode,
131 (ULONG_PTR)ExceptionPointers->ExceptionRecord->ExceptionAddress,
132 (ULONG_PTR)ExceptionPointers->ExceptionRecord,
133 (ULONG_PTR)ExceptionPointers->ContextRecord);
134 return 0;
135}
DPRINT1
#define DPRINT1
Definition: precomp.h:8
KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:108
_EXCEPTION_POINTERS::ExceptionRecord
PEXCEPTION_RECORD ExceptionRecord
Definition: rtltypes.h:200
_EXCEPTION_POINTERS::ContextRecord
PCONTEXT ContextRecord
Definition: rtltypes.h:201
_EXCEPTION_RECORD::ExceptionCode
DWORD ExceptionCode
Definition: compat.h:208
_EXCEPTION_RECORD::ExceptionInformation
ULONG_PTR ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS]
Definition: compat.h:213
_EXCEPTION_RECORD::ExceptionAddress
PVOID ExceptionAddress
Definition: compat.h:211
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

Referenced by PspSystemThreadStartup().

◆ PspUserThreadStartup()

VOID NTAPI PspUserThreadStartup ( IN PKSTART_ROUTINE  StartRoutine,
IN PVOID  StartContext 
)

Definition at line 26 of file thread.c.

28{
29 PETHREAD Thread;
30 PTEB Teb;
31 BOOLEAN DeadThread = FALSE;
32 KIRQL OldIrql;
33 PAGED_CODE();
34 PSTRACE(PS_THREAD_DEBUG,
35 "StartRoutine: %p StartContext: %p\n", StartRoutine, StartContext);
36
37 /* Go to Passive Level */
38 KeLowerIrql(PASSIVE_LEVEL);
39 Thread = PsGetCurrentThread();
40
41 /* Check if the thread is dead */
42 if (Thread->DeadThread)
43 {
44 /* Remember that we're dead */
45 DeadThread = TRUE;
46 }
47 else
48 {
49 /* Get the Locale ID and save Preferred Proc */
50 Teb = NtCurrentTeb();
51 Teb->CurrentLocale = MmGetSessionLocaleId();
52 Teb->IdealProcessor = Thread->Tcb.IdealProcessor;
53 }
54
55 /* Check if this is a dead thread, or if we're hiding */
56 if (!(Thread->DeadThread) && !(Thread->HideFromDebugger))
57 {
58 /* We're not, so notify the debugger */
59 DbgkCreateThread(Thread, StartContext);
60 }
61
62 /* Make sure we're not already dead */
63 if (!DeadThread)
64 {
65 /* Check if the Prefetcher is enabled */
66 if (CcPfEnablePrefetcher)
67 {
68 /* FIXME: Prepare to prefetch this process */
69 }
70
71 /* Raise to APC */
72 KeRaiseIrql(APC_LEVEL, &OldIrql);
73
74 /* Queue the User APC */
75 KiInitializeUserApc(KeGetExceptionFrame(&Thread->Tcb),
76 KeGetTrapFrame(&Thread->Tcb),
77 PspSystemDllEntryPoint,
78 NULL,
79 PspSystemDllBase,
80 NULL);
81
82 /* Lower it back to passive */
83 KeLowerIrql(PASSIVE_LEVEL);
84 }
85 else
86 {
87 /* We're dead, kill us now */
88 PspTerminateThreadByPointer(Thread,
89 STATUS_THREAD_IS_TERMINATING,
90 TRUE);
91 }
92
93 /* Do we have a cookie set yet? */
94 while (!SharedUserData->Cookie)
95 {
96 LARGE_INTEGER SystemTime;
97 ULONG NewCookie;
98 PKPRCB Prcb;
99
100 /* Generate a new cookie */
101 KeQuerySystemTime(&SystemTime);
102 Prcb = KeGetCurrentPrcb();
103 NewCookie = (Prcb->MmPageFaultCount ^ Prcb->InterruptTime ^
104 SystemTime.u.LowPart ^ SystemTime.u.HighPart ^
105 (ULONG)(ULONG_PTR)&SystemTime);
106
107 /* Set the new cookie*/
108 InterlockedCompareExchange((LONG*)&SharedUserData->Cookie,
109 NewCookie,
110 0);
111 }
112}
DbgkCreateThread
VOID NTAPI DbgkCreateThread(IN PETHREAD Thread, IN PVOID StartAddress)
Definition: dbgkutil.c:87
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
KeRaiseIrql
#define KeRaiseIrql(irql, oldIrql)
Definition: env_spec_w32.h:597
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
InterlockedCompareExchange
#define InterlockedCompareExchange
Definition: interlocked.h:104
NtCurrentTeb
#define NtCurrentTeb
Definition: iphlpapi_private.h:4
ULONG
static ULONG
Definition: thread.c:78
KeGetCurrentPrcb
FORCEINLINE struct _KPRCB * KeGetCurrentPrcb(VOID)
Definition: ketypes.h:1161
KeGetExceptionFrame
#define KeGetExceptionFrame(Thread)
Definition: ke.h:225
KeGetTrapFrame
#define KeGetTrapFrame(Thread)
Definition: ke.h:208
KiInitializeUserApc
VOID NTAPI KiInitializeUserApc(IN PKEXCEPTION_FRAME Reserved, IN PKTRAP_FRAME TrapFrame, IN PKNORMAL_ROUTINE NormalRoutine, IN PVOID NormalContext, IN PVOID SystemArgument1, IN PVOID SystemArgument2)
Definition: usercall.c:266
MmGetSessionLocaleId
ULONG NTAPI MmGetSessionLocaleId(VOID)
Definition: session.c:56
CcPfEnablePrefetcher
BOOLEAN CcPfEnablePrefetcher
Definition: cacheman.c:17
STATUS_THREAD_IS_TERMINATING
#define STATUS_THREAD_IS_TERMINATING
Definition: ntstatus.h:311
LONG
long LONG
Definition: pedump.c:60
PspSystemDllEntryPoint
PVOID PspSystemDllEntryPoint
Definition: psmgr.c:43
PspSystemDllBase
PVOID PspSystemDllBase
Definition: psmgr.c:41
SharedUserData
#define SharedUserData
_ETHREAD::HideFromDebugger
ULONG HideFromDebugger
Definition: pstypes.h:1180
_KPRCB
Definition: ketypes.h:640
_KPRCB::InterruptTime
ULONG InterruptTime
Definition: ketypes.h:820
_KPRCB::MmPageFaultCount
LONG MmPageFaultCount
Definition: ketypes.h:713
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1944
_TEB::CurrentLocale
ULONG CurrentLocale
Definition: compat.h:849
_LARGE_INTEGER
Definition: typedefs.h:103
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2295 u
OldIrql
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:778

Referenced by PspCreateThread().

◆ PsSetThreadHardErrorsAreDisabled()

VOID NTAPI PsSetThreadHardErrorsAreDisabled ( IN PETHREAD  Thread,
IN BOOLEAN  HardErrorsAreDisabled 
)

Definition at line 898 of file thread.c.

900{
901 Thread->HardErrorsAreDisabled = HardErrorsAreDisabled;
902}

Referenced by MountMgrMountedDeviceNotification(), and MountMgrVolumeArrivalNotification().

◆ PsSetThreadWin32Thread()

PVOID NTAPI PsSetThreadWin32Thread ( _Inout_ PETHREAD  Thread,
_In_ PVOID  Win32Thread,
_In_ PVOID  OldWin32Thread 
)

Definition at line 909 of file thread.c.

913{
914 /* Are we setting the win32 process? */
915 if (Win32Thread != NULL)
916 {
917 /* Just exchange it */
918 return InterlockedExchangePointer(&Thread->Tcb.Win32Thread,
919 Win32Thread);
920 }
921 else
922 {
923 /* We are resetting, only exchange when the old win32 thread matches */
924 return InterlockedCompareExchangePointer(&Thread->Tcb.Win32Thread,
925 Win32Thread,
926 OldWin32Thread);
927 }
928}
InterlockedExchangePointer
#define InterlockedExchangePointer(Target, Value)
Definition: dshow.h:45
InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129

Referenced by AllocW32Thread(), and ExitThreadCallback().

◆ PsWrapApcWow64Thread()

NTSTATUS NTAPI PsWrapApcWow64Thread ( IN OUT PVOID ApcContext,
IN OUT PVOID ApcRoutine 
)

Definition at line 932 of file thread.c.

934{
935 UNIMPLEMENTED;
936 return STATUS_NOT_IMPLEMENTED;
937}
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239

Variable Documentation

◆ CcPfEnablePrefetcher

BOOLEAN CcPfEnablePrefetcher
extern

Definition at line 17 of file cacheman.c.

Referenced by PspUserThreadStartup().

◆ MmReadClusterSize

ULONG MmReadClusterSize
extern

Definition at line 21 of file mminit.c.

Referenced by PspCreateThread().

◆ PsThreadType

POBJECT_TYPE PsThreadType = NULL

Definition at line 20 of file thread.c.

Referenced by BehaviorChecks(), DbgkpOpenHandles(), DriverEntry(), ExpCreateWorkerThread(), KmtStartThread(), NtAlertResumeThread(), NtAlertThread(), NtGetContextThread(), NtImpersonateAnonymousToken(), NtImpersonateThread(), NtOpenThread(), NtOpenThreadTokenEx(), NtQueryInformationThread(), NtQueueApcThreadEx(), NtResumeThread(), NtSetContextThread(), NtSetInformationThread(), NtSuspendThread(), NtTerminateThread(), NtUserQueryInformationThread(), NtUserSetInformationThread(), ObReferenceObjectByHandle(), PageFileBehaviorChecks(), PspCreateThread(), PspInitPhase0(), RxpWorkerThreadDispatcher(), RxSpinUpRequestsDispatcher(), SepOpenThreadToken(), StartThread(), SystemProcessTest(), TestEventConcurrent(), and TestObjectTypes().