ReactOS  0.4.13-dev-235-g7373cb3
thread.c
Go to the documentation of this file.
1 /*
2  * PROJECT: ReactOS Kernel
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: ntoskrnl/ps/thread.c
5  * PURPOSE: Process Manager: Thread Management
6  * PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
7  * Thomas Weidenmueller (w3seek@reactos.org)
8  */
9 
10 /* INCLUDES ****************************************************************/
11 
12 #include <ntoskrnl.h>
13 #define NDEBUG
14 #include <debug.h>
15 
16 /* GLOBALS ******************************************************************/
17 
18 extern BOOLEAN CcPfEnablePrefetcher;
19 extern ULONG MmReadClusterSize;
20 POBJECT_TYPE PsThreadType = NULL;
21 
22 /* PRIVATE FUNCTIONS *********************************************************/
23 
24 VOID
25 NTAPI
26 PspUserThreadStartup(IN PKSTART_ROUTINE StartRoutine,
27  IN PVOID StartContext)
28 {
29  PETHREAD Thread;
30  PTEB Teb;
31  BOOLEAN DeadThread = FALSE;
32  KIRQL OldIrql;
33  PAGED_CODE();
34  PSTRACE(PS_THREAD_DEBUG,
35  "StartRoutine: %p StartContext: %p\n", StartRoutine, StartContext);
36 
37  /* Go to Passive Level */
38  KeLowerIrql(PASSIVE_LEVEL);
39  Thread = PsGetCurrentThread();
40 
41  /* Check if the thread is dead */
42  if (Thread->DeadThread)
43  {
44  /* Remember that we're dead */
45  DeadThread = TRUE;
46  }
47  else
48  {
49  /* Get the Locale ID and save Preferred Proc */
50  Teb = NtCurrentTeb();
51  Teb->CurrentLocale = MmGetSessionLocaleId();
52  Teb->IdealProcessor = Thread->Tcb.IdealProcessor;
53  }
54 
55  /* Check if this is a dead thread, or if we're hiding */
56  if (!(Thread->DeadThread) && !(Thread->HideFromDebugger))
57  {
58  /* We're not, so notify the debugger */
59  DbgkCreateThread(Thread, StartContext);
60  }
61 
62  /* Make sure we're not already dead */
63  if (!DeadThread)
64  {
65  /* Check if the Prefetcher is enabled */
66  if (CcPfEnablePrefetcher)
67  {
68  /* FIXME: Prepare to prefetch this process */
69  }
70 
71  /* Raise to APC */
72  KeRaiseIrql(APC_LEVEL, &OldIrql);
73 
74  /* Queue the User APC */
75  KiInitializeUserApc(KeGetExceptionFrame(&Thread->Tcb),
76  KeGetTrapFrame(&Thread->Tcb),
77  PspSystemDllEntryPoint,
78  NULL,
79  PspSystemDllBase,
80  NULL);
81 
82  /* Lower it back to passive */
83  KeLowerIrql(PASSIVE_LEVEL);
84  }
85  else
86  {
87  /* We're dead, kill us now */
88  PspTerminateThreadByPointer(Thread,
89  STATUS_THREAD_IS_TERMINATING,
90  TRUE);
91  }
92 
93  /* Do we have a cookie set yet? */
94  while (!SharedUserData->Cookie)
95  {
96  LARGE_INTEGER SystemTime;
97  ULONG NewCookie;
98  PKPRCB Prcb;
99 
100  /* Generate a new cookie */
101  KeQuerySystemTime(&SystemTime);
102  Prcb = KeGetCurrentPrcb();
103  NewCookie = (Prcb->MmPageFaultCount ^ Prcb->InterruptTime ^
104  SystemTime.u.LowPart ^ SystemTime.u.HighPart ^
105  (ULONG)(ULONG_PTR)&SystemTime);
106 
107  /* Set the new cookie*/
108  InterlockedCompareExchange((LONG*)&SharedUserData->Cookie,
109  NewCookie,
110  0);
111  }
112 }
113 
114 LONG
115 PspUnhandledExceptionInSystemThread(PEXCEPTION_POINTERS ExceptionPointers)
116 {
117  /* Print debugging information */
118  DPRINT1("PS: Unhandled Kernel Mode Exception Pointers = 0x%p\n",
119  ExceptionPointers);
120  DPRINT1("Code %x Addr %p Info0 %p Info1 %p Info2 %p Info3 %p\n",
121  ExceptionPointers->ExceptionRecord->ExceptionCode,
122  ExceptionPointers->ExceptionRecord->ExceptionAddress,
123  ExceptionPointers->ExceptionRecord->ExceptionInformation[0],
124  ExceptionPointers->ExceptionRecord->ExceptionInformation[1],
125  ExceptionPointers->ExceptionRecord->ExceptionInformation[2],
126  ExceptionPointers->ExceptionRecord->ExceptionInformation[3]);
127 
128  /* Bugcheck the system */
129  KeBugCheckEx(SYSTEM_THREAD_EXCEPTION_NOT_HANDLED,
130  ExceptionPointers->ExceptionRecord->ExceptionCode,
131  (ULONG_PTR)ExceptionPointers->ExceptionRecord->ExceptionAddress,
132  (ULONG_PTR)ExceptionPointers->ExceptionRecord,
133  (ULONG_PTR)ExceptionPointers->ContextRecord);
134  return 0;
135 }
136 
137 VOID
138 NTAPI
139 PspSystemThreadStartup(IN PKSTART_ROUTINE StartRoutine,
140  IN PVOID StartContext)
141 {
142  PETHREAD Thread;
143  PSTRACE(PS_THREAD_DEBUG,
144  "StartRoutine: %p StartContext: %p\n", StartRoutine, StartContext);
145 
146  /* Unlock the dispatcher Database */
147  KeLowerIrql(PASSIVE_LEVEL);
148  Thread = PsGetCurrentThread();
149 
150  /* Make sure the thread isn't gone */
151  _SEH2_TRY
152  {
153  if (!(Thread->Terminated) && !(Thread->DeadThread))
154  {
155  /* Call the Start Routine */
156  StartRoutine(StartContext);
157  }
158  }
159  _SEH2_EXCEPT(PspUnhandledExceptionInSystemThread(_SEH2_GetExceptionInformation()))
160  {
161  /* Bugcheck if we got here */
162  KeBugCheck(KMODE_EXCEPTION_NOT_HANDLED);
163  }
164  _SEH2_END;
165 
166  /* Exit the thread */
167  PspTerminateThreadByPointer(Thread, STATUS_SUCCESS, TRUE);
168 }
169 
170 NTSTATUS
171 NTAPI
172 PspCreateThread(OUT PHANDLE ThreadHandle,
173  IN ACCESS_MASK DesiredAccess,
174  IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
175  IN HANDLE ProcessHandle,
176  IN PEPROCESS TargetProcess,
177  OUT PCLIENT_ID ClientId,
178  IN PCONTEXT ThreadContext,
179  IN PINITIAL_TEB InitialTeb,
180  IN BOOLEAN CreateSuspended,
181  IN PKSTART_ROUTINE StartRoutine OPTIONAL,
182  IN PVOID StartContext OPTIONAL)
183 {
184  HANDLE hThread;
185  PEPROCESS Process;
186  PETHREAD Thread;
187  PTEB TebBase = NULL;
188  KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
189  NTSTATUS Status, AccessStatus;
190  HANDLE_TABLE_ENTRY CidEntry;
191  ACCESS_STATE LocalAccessState;
192  PACCESS_STATE AccessState = &LocalAccessState;
193  AUX_ACCESS_DATA AuxData;
194  BOOLEAN Result, SdAllocated;
195  PSECURITY_DESCRIPTOR SecurityDescriptor;
196  SECURITY_SUBJECT_CONTEXT SubjectContext;
197  PAGED_CODE();
198  PSTRACE(PS_THREAD_DEBUG,
199  "ThreadContext: %p TargetProcess: %p ProcessHandle: %p\n",
200  ThreadContext, TargetProcess, ProcessHandle);
201 
202  /* If we were called from PsCreateSystemThread, then we're kernel mode */
203  if (StartRoutine) PreviousMode = KernelMode;
204 
205  /* Reference the Process by handle or pointer, depending on what we got */
206  if (ProcessHandle)
207  {
208  /* Normal thread or System Thread */
209  Status = ObReferenceObjectByHandle(ProcessHandle,
210  PROCESS_CREATE_THREAD,
211  PsProcessType,
212  PreviousMode,
213  (PVOID*)&Process,
214  NULL);
215  PSREFTRACE(Process);
216  }
217  else
218  {
219  /* System thread inside System Process, or Normal Thread with a bug */
220  if (StartRoutine)
221  {
222  /* Reference the Process by Pointer */
223  ObReferenceObject(TargetProcess);
224  Process = TargetProcess;
225  Status = STATUS_SUCCESS;
226  }
227  else
228  {
229  /* Fake ObReference returning this */
230  Status = STATUS_INVALID_HANDLE;
231  }
232  }
233 
234  /* Check for success */
235  if (!NT_SUCCESS(Status)) return Status;
236 
237  /* Also make sure that User-Mode isn't trying to create a system thread */
238  if ((PreviousMode != KernelMode) && (Process == PsInitialSystemProcess))
239  {
240  /* Fail */
241  ObDereferenceObject(Process);
242  return STATUS_INVALID_HANDLE;
243  }
244 
245  /* Create Thread Object */
246  Status = ObCreateObject(PreviousMode,
247  PsThreadType,
248  ObjectAttributes,
249  PreviousMode,
250  NULL,
251  sizeof(ETHREAD),
252  0,
253  0,
254  (PVOID*)&Thread);
255  if (!NT_SUCCESS(Status))
256  {
257  /* We failed; dereference the process and exit */
258  ObDereferenceObject(Process);
259  return Status;
260  }
261 
262  /* Zero the Object entirely */
263  RtlZeroMemory(Thread, sizeof(ETHREAD));
264 
265  /* Initialize rundown protection */
266  ExInitializeRundownProtection(&Thread->RundownProtect);
267 
268  /* Initialize exit code */
269  Thread->ExitStatus = STATUS_PENDING;
270 
271  /* Set the Process CID */
272  Thread->ThreadsProcess = Process;
273  Thread->Cid.UniqueProcess = Process->UniqueProcessId;
274 
275  /* Create Cid Handle */
276  CidEntry.Object = Thread;
277  CidEntry.GrantedAccess = 0;
278  Thread->Cid.UniqueThread = ExCreateHandle(PspCidTable, &CidEntry);
279  if (!Thread->Cid.UniqueThread)
280  {
281  /* We couldn't create the CID, dereference the thread and fail */
282  ObDereferenceObject(Thread);
283  return STATUS_INSUFFICIENT_RESOURCES;
284  }
285 
286  /* Save the read cluster size */
287  Thread->ReadClusterSize = MmReadClusterSize;
288 
289  /* Initialize the LPC Reply Semaphore */
290  KeInitializeSemaphore(&Thread->LpcReplySemaphore, 0, 1);
291 
292  /* Initialize the list heads and locks */
293  InitializeListHead(&Thread->LpcReplyChain);
294  InitializeListHead(&Thread->IrpList);
295  InitializeListHead(&Thread->PostBlockList);
296  InitializeListHead(&Thread->ActiveTimerListHead);
297  KeInitializeSpinLock(&Thread->ActiveTimerListLock);
298 
299  /* Acquire rundown protection */
300  if (!ExAcquireRundownProtection (&Process->RundownProtect))
301  {
302  /* Fail */
303  ObDereferenceObject(Thread);
304  return STATUS_PROCESS_IS_TERMINATING;
305  }
306 
307  /* Now let the kernel initialize the context */
308  if (ThreadContext)
309  {
310  /* User-mode Thread, create Teb */
311  Status = MmCreateTeb(Process, &Thread->Cid, InitialTeb, &TebBase);
312  if (!NT_SUCCESS(Status))
313  {
314  /* Failed to create the TEB. Release rundown and dereference */
315  ExReleaseRundownProtection(&Process->RundownProtect);
316  ObDereferenceObject(Thread);
317  return Status;
318  }
319 
320  /* Set the Start Addresses from the untrusted ThreadContext */
321  _SEH2_TRY
322  {
323  Thread->StartAddress = (PVOID)KeGetContextPc(ThreadContext);
324  Thread->Win32StartAddress = (PVOID)KeGetContextReturnRegister(ThreadContext);
325  }
326  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
327  {
328  Status = _SEH2_GetExceptionCode();
329  }
330  _SEH2_END;
331 
332  /* Let the kernel intialize the Thread */
333  if (NT_SUCCESS(Status))
334  {
335  Status = KeInitThread(&Thread->Tcb,
336  NULL,
337  PspUserThreadStartup,
338  NULL,
339  Thread->StartAddress,
340  ThreadContext,
341  TebBase,
342  &Process->Pcb);
343  }
344  }
345  else
346  {
347  /* System Thread */
348  Thread->StartAddress = StartRoutine;
349  PspSetCrossThreadFlag(Thread, CT_SYSTEM_THREAD_BIT);
350 
351  /* Let the kernel intialize the Thread */
352  Status = KeInitThread(&Thread->Tcb,
353  NULL,
354  PspSystemThreadStartup,
355  StartRoutine,
356  StartContext,
357  NULL,
358  NULL,
359  &Process->Pcb);
360  }
361 
362  /* Check if we failed */
363  if (!NT_SUCCESS(Status))
364  {
365  /* Delete the TEB if we had done */
366  if (TebBase) MmDeleteTeb(Process, TebBase);
367 
368  /* Release rundown and dereference */
369  ExReleaseRundownProtection(&Process->RundownProtect);
370  ObDereferenceObject(Thread);
371  return Status;
372  }
373 
374  /* Lock the process */
375  KeEnterCriticalRegion();
376  ExAcquirePushLockExclusive(&Process->ProcessLock);
377 
378  /* Make sure the proces didn't just die on us */
379  if (Process->ProcessDelete) goto Quickie;
380 
381  /* Check if the thread was ours, terminated and it was user mode */
382  if ((Thread->Terminated) &&
383  (ThreadContext) &&
384  (Thread->ThreadsProcess == Process))
385  {
386  /* Cleanup, we don't want to start it up and context switch */
387  goto Quickie;
388  }
389 
390  /*
391  * Insert the Thread into the Process's Thread List
392  * Note, this is the ETHREAD Thread List. It is removed in
393  * ps/kill.c!PspExitThread.
394  */
395  InsertTailList(&Process->ThreadListHead, &Thread->ThreadListEntry);
396  Process->ActiveThreads++;
397 
398  /* Start the thread */
399  KeStartThread(&Thread->Tcb);
400 
401  /* Release the process lock */
402  ExReleasePushLockExclusive(&Process->ProcessLock);
403  KeLeaveCriticalRegion();
404 
405  /* Release rundown */
406  ExReleaseRundownProtection(&Process->RundownProtect);
407 
408  /* Notify WMI */
409  //WmiTraceProcess(Process, TRUE);
410  //WmiTraceThread(Thread, InitialTeb, TRUE);
411 
412  /* Notify Thread Creation */
413  PspRunCreateThreadNotifyRoutines(Thread, TRUE);
414 
415  /* Reference ourselves as a keep-alive */
416  ObReferenceObjectEx(Thread, 2);
417 
418  /* Suspend the Thread if we have to */
419  if (CreateSuspended) KeSuspendThread(&Thread->Tcb);
420 
421  /* Check if we were already terminated */
422  if (Thread->Terminated) KeForceResumeThread(&Thread->Tcb);
423 
424  /* Create an access state */
425  Status = SeCreateAccessStateEx(NULL,
426  ThreadContext ?
427  PsGetCurrentProcess() : Process,
428  &LocalAccessState,
429  &AuxData,
430  DesiredAccess,
431  &PsThreadType->TypeInfo.GenericMapping);
432  if (!NT_SUCCESS(Status))
433  {
434  /* Access state failed, thread is dead */
435  PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
436 
437  /* If we were suspended, wake it up */
438  if (CreateSuspended) KeResumeThread(&Thread->Tcb);
439 
440  /* Dispatch thread */
441  KeReadyThread(&Thread->Tcb);
442 
443  /* Dereference completely to kill it */
444  ObDereferenceObjectEx(Thread, 2);
445  return Status;
446  }
447 
448  /* Insert the Thread into the Object Manager */
449  Status = ObInsertObject(Thread,
450  AccessState,
451  DesiredAccess,
452  0,
453  NULL,
454  &hThread);
455 
456  /* Delete the access state if we had one */
457  if (AccessState) SeDeleteAccessState(AccessState);
458 
459  /* Check for success */
460  if (NT_SUCCESS(Status))
461  {
462  /* Wrap in SEH to protect against bad user-mode pointers */
463  _SEH2_TRY
464  {
465  /* Return Cid and Handle */
466  if (ClientId) *ClientId = Thread->Cid;
467  *ThreadHandle = hThread;
468  }
469  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
470  {
471  /* Thread insertion failed, thread is dead */
472  PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
473 
474  /* If we were suspended, wake it up */
475  if (CreateSuspended) KeResumeThread(&Thread->Tcb);
476 
477  /* Dispatch thread */
478  KeReadyThread(&Thread->Tcb);
479 
480  /* Dereference it, leaving only the keep-alive */
481  ObDereferenceObject(Thread);
482 
483  /* Close its handle, killing it */
484  ObCloseHandle(hThread, PreviousMode);
485 
486  /* Return the exception code */
487  _SEH2_YIELD(return _SEH2_GetExceptionCode());
488  }
489  _SEH2_END;
490  }
491  else
492  {
493  /* Thread insertion failed, thread is dead */
494  PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
495 
496  /* If we were suspended, wake it up */
497  if (CreateSuspended) KeResumeThread(&Thread->Tcb);
498  }
499 
500  /* Get the create time */
501  KeQuerySystemTime(&Thread->CreateTime);
502  ASSERT(!(Thread->CreateTime.HighPart & 0xF0000000));
503 
504  /* Make sure the thread isn't dead */
505  if (!Thread->DeadThread)
506  {
507  /* Get the thread's SD */
508  Status = ObGetObjectSecurity(Thread,
509  &SecurityDescriptor,
510  &SdAllocated);
511  if (!NT_SUCCESS(Status))
512  {
513  /* Thread insertion failed, thread is dead */
514  PspSetCrossThreadFlag(Thread, CT_DEAD_THREAD_BIT);
515 
516  /* If we were suspended, wake it up */
517  if (CreateSuspended) KeResumeThread(&Thread->Tcb);
518 
519  /* Dispatch thread */
520  KeReadyThread(&Thread->Tcb);
521 
522  /* Dereference it, leaving only the keep-alive */
523  ObDereferenceObject(Thread);
524 
525  /* Close its handle, killing it */
526  ObCloseHandle(hThread, PreviousMode);
527  return Status;
528  }
529 
530  /* Create the subject context */
531  SubjectContext.ProcessAuditId = Process;
532  SubjectContext.PrimaryToken = PsReferencePrimaryToken(Process);
533  SubjectContext.ClientToken = NULL;
534 
535  /* Do the access check */
536  Result = SeAccessCheck(SecurityDescriptor,
537  &SubjectContext,
538  FALSE,
539  MAXIMUM_ALLOWED,
540  0,
541  NULL,
542  &PsThreadType->TypeInfo.GenericMapping,
543  PreviousMode,
544  &Thread->GrantedAccess,
545  &AccessStatus);
546 
547  /* Dereference the token and let go the SD */
548  ObFastDereferenceObject(&Process->Token,
549  SubjectContext.PrimaryToken);
550  ObReleaseObjectSecurity(SecurityDescriptor, SdAllocated);
551 
552  /* Remove access if it failed */
553  if (!Result) Process->GrantedAccess = 0;
554 
555  /* Set least some minimum access */
556  Thread->GrantedAccess |= (THREAD_TERMINATE |
557  THREAD_SET_INFORMATION |
558  THREAD_QUERY_INFORMATION);
559  }
560  else
561  {
562  /* Set the thread access mask to maximum */
563  Thread->GrantedAccess = THREAD_ALL_ACCESS;
564  }
565 
566  /* Dispatch thread */
567  KeReadyThread(&Thread->Tcb);
568 
569  /* Dereference it, leaving only the keep-alive */
570  ObDereferenceObject(Thread);
571 
572  /* Return */
573  return Status;
574 
575  /* Most annoying failure case ever, where we undo almost all manually */
576 Quickie:
577  /* When we get here, the process is locked, unlock it */
578  ExReleasePushLockExclusive(&Process->ProcessLock);
579  KeLeaveCriticalRegion();
580 
581  /* Uninitailize it */
582  KeUninitThread(&Thread->Tcb);
583 
584  /* If we had a TEB, delete it */
585  if (TebBase) MmDeleteTeb(Process, TebBase);
586 
587  /* Release rundown protection, which we also hold */
588  ExReleaseRundownProtection(&Process->RundownProtect);
589 
590  /* Dereference the thread and return failure */
591  ObDereferenceObject(Thread);
592  return STATUS_PROCESS_IS_TERMINATING;
593 }
594 
595 /* PUBLIC FUNCTIONS **********************************************************/
596 
597 /*
598  * @implemented
599  */
600 NTSTATUS
601 NTAPI
602 PsCreateSystemThread(OUT PHANDLE ThreadHandle,
603  IN ACCESS_MASK DesiredAccess,
604  IN POBJECT_ATTRIBUTES ObjectAttributes,
605  IN HANDLE ProcessHandle,
606  IN PCLIENT_ID ClientId,
607  IN PKSTART_ROUTINE StartRoutine,
608  IN PVOID StartContext)
609 {
610  PEPROCESS TargetProcess = NULL;
611  HANDLE Handle = ProcessHandle;
612  PAGED_CODE();
613  PSTRACE(PS_THREAD_DEBUG,
614  "ProcessHandle: %p StartRoutine: %p StartContext: %p\n",
615  ProcessHandle, StartRoutine, StartContext);
616 
617  /* Check if we have a handle. If not, use the System Process */
618  if (!ProcessHandle)
619  {
620  Handle = NULL;
621  TargetProcess = PsInitialSystemProcess;
622  }
623 
624  /* Call the shared function */
625  return PspCreateThread(ThreadHandle,
626  DesiredAccess,
627  ObjectAttributes,
628  Handle,
629  TargetProcess,
630  ClientId,
631  NULL,
632  NULL,
633  FALSE,
634  StartRoutine,
635  StartContext);
636 }
637 
638 /*
639  * @implemented
640  */
641 NTSTATUS
642 NTAPI
643 PsLookupThreadByThreadId(IN HANDLE ThreadId,
644  OUT PETHREAD *Thread)
645 {
646  PHANDLE_TABLE_ENTRY CidEntry;
647  PETHREAD FoundThread;
648  NTSTATUS Status = STATUS_INVALID_PARAMETER;
649  PAGED_CODE();
650  PSTRACE(PS_THREAD_DEBUG, "ThreadId: %p\n", ThreadId);
651  KeEnterCriticalRegion();
652 
653  /* Get the CID Handle Entry */
654  CidEntry = ExMapHandleToPointer(PspCidTable, ThreadId);
655  if (CidEntry)
656  {
657  /* Get the Thread */
658  FoundThread = CidEntry->Object;
659 
660  /* Make sure it's really a thread */
661  if (FoundThread->Tcb.Header.Type == ThreadObject)
662  {
663  /* Safe Reference and return it */
664  if (ObReferenceObjectSafe(FoundThread))
665  {
666  *Thread = FoundThread;
667  Status = STATUS_SUCCESS;
668  }
669  }
670 
671  /* Unlock the Entry */
672  ExUnlockHandleTableEntry(PspCidTable, CidEntry);
673  }
674 
675  /* Return to caller */
676  KeLeaveCriticalRegion();
677  return Status;
678 }
679 
680 /*
681  * @implemented
682  */
683 ULONG
684 NTAPI
685 PsGetThreadFreezeCount(IN PETHREAD Thread)
686 {
687  return Thread->Tcb.FreezeCount;
688 }
689 
690 /*
691  * @implemented
692  */
693 BOOLEAN
694 NTAPI
695 PsGetThreadHardErrorsAreDisabled(IN PETHREAD Thread)
696 {
697  return Thread->HardErrorsAreDisabled ? TRUE : FALSE;
698 }
699 
700 /*
701  * @implemented
702  */
703 HANDLE
704 NTAPI
705 PsGetThreadId(IN PETHREAD Thread)
706 {
707  return Thread->Cid.UniqueThread;
708 }
709 
710 /*
711  * @implemented
712  */
713 HANDLE
714 NTAPI
715 PsGetCurrentThreadId(VOID)
716 {
717  return PsGetCurrentThread()->Cid.UniqueThread;
718 }
719 
720 /*
721  * @implemented
722  */
723 PEPROCESS
724 NTAPI
725 PsGetThreadProcess(IN PETHREAD Thread)
726 {
727  return Thread->ThreadsProcess;
728 }
729 
730 /*
731  * @implemented
732  */
733 PEPROCESS
734 NTAPI
735 PsGetCurrentThreadProcess(VOID)
736 {
737  return PsGetCurrentThread()->ThreadsProcess;
738 }
739 
740 /*
741  * @implemented
742  */
743 HANDLE
744 NTAPI
745 PsGetThreadProcessId(IN PETHREAD Thread)
746 {
747  return Thread->Cid.UniqueProcess;
748 }
749 
750 /*
751  * @implemented
752  */
753 HANDLE
754 NTAPI
755 PsGetCurrentThreadProcessId(VOID)
756 {
757  return PsGetCurrentThread()->Cid.UniqueProcess;
758 }
759 
760 /*
761  * @implemented
762  */
763 ULONG
764 NTAPI
765 PsGetThreadSessionId(IN PETHREAD Thread)
766 {
767  return MmGetSessionId(Thread->ThreadsProcess);
768 }
769 
770 /*
771  * @implemented
772  */
773 PTEB
774 NTAPI
775 PsGetThreadTeb(IN PETHREAD Thread)
776 {
777  return Thread->Tcb.Teb;
778 }
779 
780 /*
781  * @implemented
782  */
783 PVOID
784 NTAPI
785 PsGetCurrentThreadTeb(VOID)
786 {
787  return PsGetCurrentThread()->Tcb.Teb;
788 }
789 
790 /*
791  * @implemented
792  */
793 PVOID
794 NTAPI
795 PsGetThreadWin32Thread(IN PETHREAD Thread)
796 {
797  return Thread->Tcb.Win32Thread;
798 }
799 
800 /*
801  * @implemented
802  */
803 PVOID
804 NTAPI
805 PsGetCurrentThreadWin32Thread(VOID)
806 {
807  return PsGetCurrentThread()->Tcb.Win32Thread;
808 }
809 
810 /*
811  * @implemented
812  */
813 PVOID
814 NTAPI
815 PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion(
816  _Out_ HANDLE* OutProcessId)
817 {
818  PETHREAD CurrentThread;
819 
820  /* Get the current thread */
821  CurrentThread = PsGetCurrentThread();
822 
823  /* Return the process id */
824  *OutProcessId = CurrentThread->Cid.UniqueProcess;
825 
826  /* Enter critical region */
827  KeEnterCriticalRegion();
828 
829  /* Return the win32 thread */
830  return CurrentThread->Tcb.Win32Thread;
831 }
832 
833 /*
834  * @implemented
835  */
836 KPROCESSOR_MODE
837 NTAPI
838 PsGetCurrentThreadPreviousMode(VOID)
839 {
840  return (KPROCESSOR_MODE)PsGetCurrentThread()->Tcb.PreviousMode;
841 }
842 
843 /*
844  * @implemented
845  */
846 PVOID
847 NTAPI
848 PsGetCurrentThreadStackBase(VOID)
849 {
850  return PsGetCurrentThread()->Tcb.StackBase;
851 }
852 
853 /*
854  * @implemented
855  */
856 PVOID
857 NTAPI
858 PsGetCurrentThreadStackLimit(VOID)
859 {
860  return (PVOID)PsGetCurrentThread()->Tcb.StackLimit;
861 }
862 
863 /*
864  * @implemented
865  */
866 BOOLEAN
867 NTAPI
868 PsIsThreadTerminating(IN PETHREAD Thread)
869 {
870  return Thread->Terminated ? TRUE : FALSE;
871 }
872 
873 /*
874  * @implemented
875  */
876 BOOLEAN
877 NTAPI
878 PsIsSystemThread(IN PETHREAD Thread)
879 {
880  return Thread->SystemThread ? TRUE: FALSE;
881 }
882 
883 /*
884  * @implemented
885  */
886 BOOLEAN
887 NTAPI
888 PsIsThreadImpersonating(IN PETHREAD Thread)
889 {
890  return Thread->ActiveImpersonationInfo ? TRUE : FALSE;
891 }
892 
893 /*
894  * @implemented
895  */
896 VOID
897 NTAPI
898 PsSetThreadHardErrorsAreDisabled(IN PETHREAD Thread,
899  IN BOOLEAN HardErrorsAreDisabled)
900 {
901  Thread->HardErrorsAreDisabled = HardErrorsAreDisabled;
902 }
903 
904 /*
905  * @implemented
906  */
907 PVOID
908 NTAPI
909 PsSetThreadWin32Thread(
910  _Inout_ PETHREAD Thread,
911  _In_ PVOID Win32Thread,
912  _In_ PVOID OldWin32Thread)
913 {
914  /* Are we setting the win32 process? */
915  if (Win32Thread != NULL)
916  {
917  /* Just exchange it */
918  return InterlockedExchangePointer(&Thread->Tcb.Win32Thread,
919  Win32Thread);
920  }
921  else
922  {
923  /* We are resetting, only exchange when the old win32 thread matches */
924  return InterlockedCompareExchangePointer(&Thread->Tcb.Win32Thread,
925  Win32Thread,
926  OldWin32Thread);
927  }
928 }
929 
930 NTSTATUS
931 NTAPI
932 PsWrapApcWow64Thread(IN OUT PVOID *ApcContext,
933  IN OUT PVOID *ApcRoutine)
934 {
935  UNIMPLEMENTED;
936  return STATUS_NOT_IMPLEMENTED;
937 }
938 
939 NTSTATUS
940 NTAPI
941 NtCreateThread(OUT PHANDLE ThreadHandle,
942  IN ACCESS_MASK DesiredAccess,
943  IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
944  IN HANDLE ProcessHandle,
945  OUT PCLIENT_ID ClientId,
946  IN PCONTEXT ThreadContext,
947  IN PINITIAL_TEB InitialTeb,
948  IN BOOLEAN CreateSuspended)
949 {
950  INITIAL_TEB SafeInitialTeb;
951  PAGED_CODE();
952  PSTRACE(PS_THREAD_DEBUG,
953  "ProcessHandle: %p Context: %p\n", ProcessHandle, ThreadContext);
954 
955  /* Check if this was from user-mode */
956  if (KeGetPreviousMode() != KernelMode)
957  {
958  /* Make sure that we got a context */
959  if (!ThreadContext) return STATUS_INVALID_PARAMETER;
960 
961  /* Protect checks */
962  _SEH2_TRY
963  {
964  /* Make sure the handle pointer we got is valid */
965  ProbeForWriteHandle(ThreadHandle);
966 
967  /* Check if the caller wants a client id */
968  if (ClientId)
969  {
970  /* Make sure we can write to it */
971  ProbeForWrite(ClientId, sizeof(CLIENT_ID), sizeof(ULONG));
972  }
973 
974  /* Make sure that the entire context is readable */
975  ProbeForRead(ThreadContext, sizeof(CONTEXT), sizeof(ULONG));
976 
977  /* Check the Initial TEB */
978  ProbeForRead(InitialTeb, sizeof(INITIAL_TEB), sizeof(ULONG));
979  SafeInitialTeb = *InitialTeb;
980  }
981  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
982  {
983  /* Return the exception code */
984  _SEH2_YIELD(return _SEH2_GetExceptionCode());
985  }
986  _SEH2_END;
987  }
988  else
989  {
990  /* Use the Initial TEB as is */
991  SafeInitialTeb = *InitialTeb;
992  }
993 
994  /* Call the shared function */
995  return PspCreateThread(ThreadHandle,
996  DesiredAccess,
997  ObjectAttributes,
998  ProcessHandle,
999  NULL,
1000  ClientId,
1001  ThreadContext,
1002  &SafeInitialTeb,
1003  CreateSuspended,
1004  NULL,
1005  NULL);
1006 }
1007 
1008 /*
1009  * @implemented
1010  */
1011 NTSTATUS
1012 NTAPI
1013 NtOpenThread(OUT PHANDLE ThreadHandle,
1014  IN ACCESS_MASK DesiredAccess,
1015  IN POBJECT_ATTRIBUTES ObjectAttributes,
1016  IN PCLIENT_ID ClientId OPTIONAL)
1017 {
1018  KPROCESSOR_MODE PreviousMode = KeGetPreviousMode();
1019  CLIENT_ID SafeClientId;
1020  ULONG Attributes = 0;
1021  HANDLE hThread = NULL;
1022  NTSTATUS Status;
1023  PETHREAD Thread;
1024  BOOLEAN HasObjectName = FALSE;
1025  ACCESS_STATE AccessState;
1026  AUX_ACCESS_DATA AuxData;
1027  PAGED_CODE();
1028  PSTRACE(PS_THREAD_DEBUG,
1029  "ClientId: %p ObjectAttributes: %p\n", ClientId, ObjectAttributes);
1030 
1031  /* Check if we were called from user mode */
1032  if (PreviousMode != KernelMode)
1033  {
1034  /* Enter SEH for probing */
1035  _SEH2_TRY
1036  {
1037  /* Probe the thread handle */
1038  ProbeForWriteHandle(ThreadHandle);
1039 
1040  /* Check for a CID structure */
1041  if (ClientId)
1042  {
1043  /* Probe and capture it */
1044  ProbeForRead(ClientId, sizeof(CLIENT_ID), sizeof(ULONG));
1045  SafeClientId = *ClientId;
1046  ClientId = &SafeClientId;
1047  }
1048 
1049  /*
1050  * Just probe the object attributes structure, don't capture it
1051  * completely. This is done later if necessary
1052  */
1053  ProbeForRead(ObjectAttributes,
1054  sizeof(OBJECT_ATTRIBUTES),
1055  sizeof(ULONG));
1056  HasObjectName = (ObjectAttributes->ObjectName != NULL);
1057 
1058  /* Validate user attributes */
1059  Attributes = ObpValidateAttributes(ObjectAttributes->Attributes, PreviousMode);
1060  }
1061  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1062  {
1063  /* Return the exception code */
1064  _SEH2_YIELD(return _SEH2_GetExceptionCode());
1065  }
1066  _SEH2_END;
1067  }
1068  else
1069  {
1070  /* Otherwise just get the data directly */
1071  HasObjectName = (ObjectAttributes->ObjectName != NULL);
1072 
1073  /* Still have to sanitize attributes */
1074  Attributes = ObpValidateAttributes(ObjectAttributes->Attributes, PreviousMode);
1075  }
1076 
1077  /* Can't pass both, fail */
1078  if ((HasObjectName) && (ClientId)) return STATUS_INVALID_PARAMETER_MIX;
1079 
1080  /* Create an access state */
1081  Status = SeCreateAccessState(&AccessState,
1082  &AuxData,
1083  DesiredAccess,
1084  &PsThreadType->TypeInfo.GenericMapping);
1085  if (!NT_SUCCESS(Status)) return Status;
1086 
1087  /* Check if this is a debugger */
1088  if (SeSinglePrivilegeCheck(SeDebugPrivilege, PreviousMode))
1089  {
1090  /* Did he want full access? */
1091  if (AccessState.RemainingDesiredAccess & MAXIMUM_ALLOWED)
1092  {
1093  /* Give it to him */
1094  AccessState.PreviouslyGrantedAccess |= THREAD_ALL_ACCESS;
1095  }
1096  else
1097  {
1098  /* Otherwise just give every other access he could want */
1099  AccessState.PreviouslyGrantedAccess |=
1100  AccessState.RemainingDesiredAccess;
1101  }
1102 
1103  /* The caller desires nothing else now */
1104  AccessState.RemainingDesiredAccess = 0;
1105  }
1106 
1107  /* Open by name if one was given */
1108  if (HasObjectName)
1109  {
1110  /* Open it */
1111  Status = ObOpenObjectByName(ObjectAttributes,
1112  PsThreadType,
1113  PreviousMode,
1114  &AccessState,
1115  0,
1116  NULL,
1117  &hThread);
1118 
1119  /* Get rid of the access state */
1120  SeDeleteAccessState(&AccessState);
1121  }
1122  else if (ClientId)
1123  {
1124  /* Open by Thread ID */
1125  if (ClientId->UniqueProcess)
1126  {
1127  /* Get the Process */
1128  Status = PsLookupProcessThreadByCid(ClientId, NULL, &Thread);
1129  }
1130  else
1131  {
1132  /* Get the Process */
1133  Status = PsLookupThreadByThreadId(ClientId->UniqueThread, &Thread);
1134  }
1135 
1136  /* Check if we didn't find anything */
1137  if (!NT_SUCCESS(Status))
1138  {
1139  /* Get rid of the access state and return */
1140  SeDeleteAccessState(&AccessState);
1141  return Status;
1142  }
1143 
1144  /* Open the Thread Object */
1145  Status = ObOpenObjectByPointer(Thread,
1146  Attributes,
1147  &AccessState,
1148  0,
1149  PsThreadType,
1150  PreviousMode,
1151  &hThread);
1152 
1153  /* Delete the access state and dereference the thread */
1154  SeDeleteAccessState(&AccessState);
1155  ObDereferenceObject(Thread);
1156  }
1157  else
1158  {
1159  /* Neither an object name nor a client id was passed */
1160  return STATUS_INVALID_PARAMETER_MIX;
1161  }
1162 
1163  /* Check for success */
1164  if (NT_SUCCESS(Status))
1165  {
1166  /* Protect against bad user-mode pointers */
1167  _SEH2_TRY
1168  {
1169  /* Write back the handle */
1170  *ThreadHandle = hThread;
1171  }
1172  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
1173  {
1174  /* Get the exception code */
1175  Status = _SEH2_GetExceptionCode();
1176  }
1177  _SEH2_END;
1178  }
1179 
1180  /* Return status */
1181  return Status;
1182 }
1183 
1184 /* EOF */
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
KeQuerySystemTime
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
ObOpenObjectByName
NTSTATUS NTAPI ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN OUT PVOID ParseContext, OUT PHANDLE Handle)
Definition: obhandle.c:2529
CcPfEnablePrefetcher
BOOLEAN CcPfEnablePrefetcher
Definition: cacheman.c:17
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
_ETHREAD::PostBlockList
LIST_ENTRY PostBlockList
Definition: pstypes.h:1047
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
SeAccessCheck
BOOLEAN NTAPI SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK PreviouslyGrantedAccess, OUT PPRIVILEGE_SET *Privileges, IN PGENERIC_MAPPING GenericMapping, IN KPROCESSOR_MODE AccessMode, OUT PACCESS_MASK GrantedAccess, OUT PNTSTATUS AccessStatus)
Definition: accesschk.c:340
ExAcquirePushLockExclusive
FORCEINLINE VOID ExAcquirePushLockExclusive(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1022
PsSetThreadWin32Thread
PVOID NTAPI PsSetThreadWin32Thread(_Inout_ PETHREAD Thread, _In_ PVOID Win32Thread, _In_ PVOID OldWin32Thread)
Definition: thread.c:909
MmCreateTeb
NTSTATUS NTAPI MmCreateTeb(IN PEPROCESS Process, IN PCLIENT_ID ClientId, IN PINITIAL_TEB InitialTeb, OUT PTEB *BaseTeb)
Definition: procsup.c:741
ULONG
static ULONG
Definition: thread.c:83
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1627
IN
#define IN
Definition: typedefs.h:38
PsGetThreadWin32Thread
PVOID NTAPI PsGetThreadWin32Thread(IN PETHREAD Thread)
Definition: thread.c:795
ApcContext
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE _In_opt_ PVOID ApcContext
Definition: iofuncs.h:719
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2239
THREAD_ALL_ACCESS
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
KeReadyThread
VOID NTAPI KeReadyThread(IN PKTHREAD Thread)
Definition: thrdobj.c:115
KeRaiseIrql
#define KeRaiseIrql(irql, oldIrql)
Definition: env_spec_w32.h:597
TRUE
#define TRUE
Definition: types.h:120
_ETHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: pstypes.h:1089
SeCreateAccessState
NTSTATUS NTAPI SeCreateAccessState(IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:439
PspCreateThread
NTSTATUS NTAPI PspCreateThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ProcessHandle, IN PEPROCESS TargetProcess, OUT PCLIENT_ID ClientId, IN PCONTEXT ThreadContext, IN PINITIAL_TEB InitialTeb, IN BOOLEAN CreateSuspended, IN PKSTART_ROUTINE StartRoutine OPTIONAL, IN PVOID StartContext OPTIONAL)
Definition: thread.c:172
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
NtOpenThread
NTSTATUS NTAPI NtOpenThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId OPTIONAL)
Definition: thread.c:1013
KeLowerIrql
#define KeLowerIrql(oldIrql)
Definition: env_spec_w32.h:602
_KPRCB::InterruptTime
ULONG InterruptTime
Definition: ketypes.h:736
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
SeDebugPrivilege
const LUID SeDebugPrivilege
Definition: priv.c:41
KeStartThread
VOID NTAPI KeStartThread(IN OUT PKTHREAD Thread)
Definition: thrdobj.c:498
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
PsGetThreadProcess
PEPROCESS NTAPI PsGetThreadProcess(IN PETHREAD Thread)
Definition: thread.c:725
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
ExReleaseRundownProtection
NTKERNELAPI VOID FASTCALL ExReleaseRundownProtection(_Inout_ PEX_RUNDOWN_REF RunRef)
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_THREAD_IS_TERMINATING
#define STATUS_THREAD_IS_TERMINATING
Definition: ntstatus.h:297
ExMapHandleToPointer
PHANDLE_TABLE_ENTRY NTAPI ExMapHandleToPointer(IN PHANDLE_TABLE HandleTable, IN HANDLE Handle)
Definition: handle.c:1010
KeInitThread
NTSTATUS NTAPI KeInitThread(IN OUT PKTHREAD Thread, IN PVOID KernelStack, IN PKSYSTEM_ROUTINE SystemRoutine, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext, IN PCONTEXT Context, IN PVOID Teb, IN PKPROCESS Process)
Definition: thrdobj.c:765
_KPRCB::MmPageFaultCount
LONG MmPageFaultCount
Definition: ketypes.h:629
PsLookupThreadByThreadId
NTSTATUS NTAPI PsLookupThreadByThreadId(IN HANDLE ThreadId, OUT PETHREAD *Thread)
Definition: thread.c:643
_ETHREAD::CreateTime
LARGE_INTEGER CreateTime
Definition: pstypes.h:1035
PsGetCurrentThreadPreviousMode
KPROCESSOR_MODE NTAPI PsGetCurrentThreadPreviousMode(VOID)
Definition: thread.c:838
ObReferenceObjectEx
LONG FASTCALL ObReferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:79
KeResumeThread
ULONG NTAPI KeResumeThread(IN PKTHREAD Thread)
Definition: thrdobj.c:397
PsGetCurrentThreadWin32Thread
PVOID NTAPI PsGetCurrentThreadWin32Thread(VOID)
Definition: thread.c:805
THREAD_SET_INFORMATION
#define THREAD_SET_INFORMATION
Definition: nt_native.h:1337
KeGetPreviousMode
#define KeGetPreviousMode()
Definition: ketypes.h:1081
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_ETHREAD::RundownProtect
EX_RUNDOWN_REF RundownProtect
Definition: pstypes.h:1090
_ETHREAD::Tcb
KTHREAD Tcb
Definition: pstypes.h:1034
KeGetCurrentPrcb
FORCEINLINE struct _KPRCB * KeGetCurrentPrcb(VOID)
Definition: ketypes.h:1062
CT_SYSTEM_THREAD_BIT
#define CT_SYSTEM_THREAD_BIT
Definition: pstypes.h:226
ExAcquireRundownProtection
#define ExAcquireRundownProtection
Definition: ex.h:130
PsIsSystemThread
BOOLEAN NTAPI PsIsSystemThread(IN PETHREAD Thread)
Definition: thread.c:878
InterlockedCompareExchange
#define InterlockedCompareExchange
Definition: interlocked.h:104
_ETHREAD::ActiveTimerListHead
LIST_ENTRY ActiveTimerListHead
Definition: pstypes.h:1058
SeSinglePrivilegeCheck
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
Definition: priv.c:524
ExGetPreviousMode
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
Definition: sysinfo.c:2982
_EPROCESS
Definition: pstypes.h:1191
ObDereferenceObject
VOID NTAPI ObDereferenceObject(IN PVOID Object)
Definition: obref.c:375
_OBJECT_TYPE
Definition: obtypes.h:379
PspCidTable
PHANDLE_TABLE PspCidTable
Definition: psmgr.c:48
KiInitializeUserApc
VOID NTAPI KiInitializeUserApc(IN PKEXCEPTION_FRAME Reserved, IN PKTRAP_FRAME TrapFrame, IN PKNORMAL_ROUTINE NormalRoutine, IN PVOID NormalContext, IN PVOID SystemArgument1, IN PVOID SystemArgument2)
Definition: stubs.c:203
STATUS_INVALID_PARAMETER_MIX
#define STATUS_INVALID_PARAMETER_MIX
Definition: ntstatus.h:271
PVOID
static PVOID
Definition: thread.c:83
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
_CLIENT_ID::UniqueProcess
HANDLE UniqueProcess
Definition: compat.h:474
ObOpenObjectByPointer
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
Definition: obhandle.c:2739
ExInitializeRundownProtection
NTKERNELAPI VOID FASTCALL ExInitializeRundownProtection(_Out_ PEX_RUNDOWN_REF RunRef)
MmDeleteTeb
VOID NTAPI MmDeleteTeb(struct _EPROCESS *Process, PTEB Teb)
PspUserThreadStartup
VOID NTAPI PspUserThreadStartup(IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:26
ExUnlockHandleTableEntry
VOID NTAPI ExUnlockHandleTableEntry(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:887
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:231
PAGED_CODE
#define PAGED_CODE()
Definition: video.h:57
_EXCEPTION_RECORD::ExceptionAddress
PVOID ExceptionAddress
Definition: compat.h:199
PROCESS_CREATE_THREAD
#define PROCESS_CREATE_THREAD
Definition: pstypes.h:150
DbgkCreateThread
VOID NTAPI DbgkCreateThread(IN PETHREAD Thread, IN PVOID StartAddress)
Definition: dbgkutil.c:87
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
KeGetContextReturnRegister
#define KeGetContextReturnRegister(Context)
Definition: ke.h:136
ObReferenceObjectSafe
BOOLEAN FASTCALL ObReferenceObjectSafe(IN PVOID Object)
Definition: obref.c:24
_ETHREAD::StartAddress
PKSTART_ROUTINE StartAddress
Definition: pstypes.h:1086
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
_EXCEPTION_RECORD::ExceptionCode
DWORD ExceptionCode
Definition: compat.h:196
ExCreateHandle
HANDLE NTAPI ExCreateHandle(IN PHANDLE_TABLE HandleTable, IN PHANDLE_TABLE_ENTRY HandleTableEntry)
Definition: handle.c:791
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
CT_DEAD_THREAD_BIT
#define CT_DEAD_THREAD_BIT
Definition: pstypes.h:223
KeSuspendThread
ULONG NTAPI KeSuspendThread(PKTHREAD Thread)
Definition: thrdobj.c:610
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:496
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487
PsInitialSystemProcess
PEPROCESS PsInitialSystemProcess
Definition: psmgr.c:50
PS_THREAD_DEBUG
#define PS_THREAD_DEBUG
Definition: ps.h:17
LONG
long LONG
Definition: pedump.c:60
MmGetSessionLocaleId
ULONG NTAPI MmGetSessionLocaleId(VOID)
Definition: session.c:57
_ETHREAD::Win32StartAddress
PVOID Win32StartAddress
Definition: pstypes.h:1083
InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129
PspUnhandledExceptionInSystemThread
LONG PspUnhandledExceptionInSystemThread(PEXCEPTION_POINTERS ExceptionPointers)
Definition: thread.c:115
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
ExReleasePushLockExclusive
FORCEINLINE VOID ExReleasePushLockExclusive(PEX_PUSH_LOCK PushLock)
Definition: ex.h:1238
_SEH2_GetExceptionInformation
#define _SEH2_GetExceptionInformation()
Definition: pseh2_64.h:11
_HANDLE_TABLE_ENTRY
Definition: extypes.h:595
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
KeInitializeSpinLock
FORCEINLINE VOID KeInitializeSpinLock(_Out_ PKSPIN_LOCK SpinLock)
Definition: kefuncs.h:251
ObReleaseObjectSecurity
VOID NTAPI ObReleaseObjectSecurity(IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN MemoryAllocated)
Definition: obsecure.c:709
_TEB::CurrentLocale
ULONG CurrentLocale
Definition: compat.h:498
PSREFTRACE
#define PSREFTRACE(x)
Definition: ps.h:58
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_ETHREAD::LpcReplyChain
LIST_ENTRY LpcReplyChain
Definition: pstypes.h:1039
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:105
NULL
smooth NULL
Definition: ftsmooth.c:416
PsIsThreadImpersonating
BOOLEAN NTAPI PsIsThreadImpersonating(IN PETHREAD Thread)
Definition: thread.c:888
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
_Out_
#define _Out_
Definition: no_sal2.h:323
KeBugCheck
VOID NTAPI KeBugCheck(ULONG BugCheckCode)
Definition: bug.c:1469
_ETHREAD
Definition: pstypes.h:1032
KeGetExceptionFrame
#define KeGetExceptionFrame(Thread)
Definition: ke.h:162
KeGetContextPc
#define KeGetContextPc(Context)
Definition: ke.h:124
PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion
PVOID NTAPI PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion(_Out_ HANDLE *OutProcessId)
Definition: thread.c:815
ObGetObjectSecurity
NTSTATUS NTAPI ObGetObjectSecurity(IN PVOID Object, OUT PSECURITY_DESCRIPTOR *SecurityDescriptor, OUT PBOOLEAN MemoryAllocated)
Definition: obsecure.c:611
ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:952
PsGetThreadSessionId
ULONG NTAPI PsGetThreadSessionId(IN PETHREAD Thread)
Definition: thread.c:765
_EXCEPTION_POINTERS::ContextRecord
PCONTEXT ContextRecord
Definition: rtltypes.h:197
PsGetCurrentThreadStackBase
PVOID NTAPI PsGetCurrentThreadStackBase(VOID)
Definition: thread.c:848
Handle
_In_ HANDLE Handle
Definition: extypes.h:390
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
InterlockedExchangePointer
#define InterlockedExchangePointer(Target, Value)
Definition: dshow.h:45
_EXCEPTION_RECORD::ExceptionInformation
ULONG_PTR ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS]
Definition: compat.h:201
_ACCESS_STATE
Definition: setypes.h:196
ClientId
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1176
KeInitializeSemaphore
VOID NTAPI KeInitializeSemaphore(IN PKSEMAPHORE Semaphore, IN LONG Count, IN LONG Limit)
Definition: semphobj.c:22
MmReadClusterSize
ULONG MmReadClusterSize
Definition: mminit.c:23
_SEH2_YIELD
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
PsSetThreadHardErrorsAreDisabled
VOID NTAPI PsSetThreadHardErrorsAreDisabled(IN PETHREAD Thread, IN BOOLEAN HardErrorsAreDisabled)
Definition: thread.c:898
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
STATUS_PENDING
#define STATUS_PENDING
Definition: ntstatus.h:82
PsGetCurrentThreadProcess
PEPROCESS NTAPI PsGetCurrentThreadProcess(VOID)
Definition: thread.c:735
_ETHREAD::Cid
CLIENT_ID Cid
Definition: pstypes.h:1059
PsGetThreadProcessId
HANDLE NTAPI PsGetThreadProcessId(IN PETHREAD Thread)
Definition: thread.c:745
PsGetCurrentThreadTeb
PVOID NTAPI PsGetCurrentThreadTeb(VOID)
Definition: thread.c:785
STATUS_PROCESS_IS_TERMINATING
#define STATUS_PROCESS_IS_TERMINATING
Definition: ntstatus.h:488
_HANDLE_TABLE_ENTRY::GrantedAccess
ULONG GrantedAccess
Definition: extypes.h:606
ProbeForWriteHandle
#define ProbeForWriteHandle(Ptr)
Definition: probe.h:43
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
PspSystemDllBase
PVOID PspSystemDllBase
Definition: psmgr.c:41
_Inout_
#define _Inout_
Definition: no_sal2.h:244
_INITIAL_TEB
Definition: pstypes.h:674
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
_ETHREAD::ActiveImpersonationInfo
ULONG ActiveImpersonationInfo
Definition: pstypes.h:1112
ApcRoutine
_In_opt_ HANDLE _In_opt_ PIO_APC_ROUTINE ApcRoutine
Definition: iofuncs.h:719
_CLIENT_ID::UniqueThread
HANDLE UniqueThread
Definition: compat.h:475
PsLookupProcessThreadByCid
NTSTATUS NTAPI PsLookupProcessThreadByCid(IN PCLIENT_ID Cid, OUT PEPROCESS *Process OPTIONAL, OUT PETHREAD *Thread)
Definition: process.c:961
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
AccessState
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE AccessState
Definition: sefuncs.h:414
SharedUserData
#define SharedUserData
ObCloseHandle
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3376
PsThreadType
POBJECT_TYPE PsThreadType
Definition: thread.c:20
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
PspSetCrossThreadFlag
#define PspSetCrossThreadFlag(Thread, Flag)
Definition: ps_x.h:25
OldIrql
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:803
_KPRCB
Definition: ketypes.h:555
PsGetCurrentThreadProcessId
HANDLE NTAPI PsGetCurrentThreadProcessId(VOID)
Definition: thread.c:755
_CONTEXT
Definition: compat.h:314
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
_DISPATCHER_HEADER::Type
UCHAR Type
Definition: ketypes.h:731
_ETHREAD::ReadClusterSize
ULONG ReadClusterSize
Definition: pstypes.h:1095
KeEnterCriticalRegion
#define KeEnterCriticalRegion()
Definition: ke_x.h:83
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1834
PsGetThreadHardErrorsAreDisabled
BOOLEAN NTAPI PsGetThreadHardErrorsAreDisabled(IN PETHREAD Thread)
Definition: thread.c:695
PsGetThreadId
HANDLE NTAPI PsGetThreadId(IN PETHREAD Thread)
Definition: thread.c:705
PsReferencePrimaryToken
PACCESS_TOKEN NTAPI PsReferencePrimaryToken(PEPROCESS Process)
Definition: security.c:432
PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693
_OBJECT_TYPE::TypeInfo
OBJECT_TYPE_INITIALIZER TypeInfo
Definition: obtypes.h:390
_ETHREAD::SystemThread
ULONG SystemThread
Definition: pstypes.h:1113
Status
Status
Definition: gdiplustypes.h:24
ObpValidateAttributes
FORCEINLINE ULONG ObpValidateAttributes(IN ULONG Attributes, IN KPROCESSOR_MODE PreviousMode)
Definition: ob_x.h:22
_CLIENT_ID
Definition: compat.h:472
PsGetCurrentThreadStackLimit
PVOID NTAPI PsGetCurrentThreadStackLimit(VOID)
Definition: thread.c:858
_In_
#define _In_
Definition: no_sal2.h:204
_TEB
Definition: compat.h:484
_AUX_ACCESS_DATA
Definition: setypes.h:185
Attributes
_Must_inspect_result_ _In_ USHORT _In_ PHIDP_PREPARSED_DATA _Out_writes_to_ LengthAttributes PHIDP_EXTENDED_ATTRIBUTES Attributes
Definition: hidpi.h:348
_SEH2_END
_SEH2_END
Definition: create.c:4424
PspRunCreateThreadNotifyRoutines
FORCEINLINE VOID PspRunCreateThreadNotifyRoutines(IN PETHREAD CurrentThread, IN BOOLEAN Create)
Definition: ps_x.h:40
ObInsertObject
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2932
_ETHREAD::ExitStatus
NTSTATUS ExitStatus
Definition: pstypes.h:1044
KeLeaveCriticalRegion
#define KeLeaveCriticalRegion()
Definition: ke_x.h:114
_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
NtCurrentTeb
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
PsGetThreadFreezeCount
ULONG NTAPI PsGetThreadFreezeCount(IN PETHREAD Thread)
Definition: thread.c:685
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
_ETHREAD::Terminated
ULONG Terminated
Definition: pstypes.h:1105
PsCreateSystemThread
NTSTATUS NTAPI PsCreateSystemThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE ProcessHandle, IN PCLIENT_ID ClientId, IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:602
PspSystemThreadStartup
VOID NTAPI PspSystemThreadStartup(IN PKSTART_ROUTINE StartRoutine, IN PVOID StartContext)
Definition: thread.c:139
PsWrapApcWow64Thread
NTSTATUS NTAPI PsWrapApcWow64Thread(IN OUT PVOID *ApcContext, IN OUT PVOID *ApcRoutine)
Definition: thread.c:932
SeDeleteAccessState
VOID NTAPI SeDeleteAccessState(IN PACCESS_STATE AccessState)
Definition: access.c:460
ObDereferenceObjectEx
LONG FASTCALL ObDereferenceObjectEx(IN PVOID Object, IN LONG Count)
Definition: obref.c:90
NtCreateThread
NTSTATUS NTAPI NtCreateThread(OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ProcessHandle, OUT PCLIENT_ID ClientId, IN PCONTEXT ThreadContext, IN PINITIAL_TEB InitialTeb, IN BOOLEAN CreateSuspended)
Definition: thread.c:941
PsGetCurrentThreadId
HANDLE NTAPI PsGetCurrentThreadId(VOID)
Definition: thread.c:715
hThread
HANDLE hThread
Definition: wizard.c:27
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:189
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1697
_LARGE_INTEGER
Definition: typedefs.h:100
DPRINT1
#define DPRINT1
Definition: precomp.h:8
THREAD_TERMINATE
#define THREAD_TERMINATE
Definition: nt_native.h:1336
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1551
ObFastDereferenceObject
VOID FASTCALL ObFastDereferenceObject(IN PEX_FAST_REF FastRef, IN PVOID Object)
Definition: obref.c:169
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2192 u
OUT
#define OUT
Definition: typedefs.h:39
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
KeForceResumeThread
ULONG NTAPI KeForceResumeThread(IN PKTHREAD Thread)
Definition: thrdobj.c:276
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1756
THREAD_QUERY_INFORMATION
#define THREAD_QUERY_INFORMATION
Definition: pstypes.h:141
PspSystemDllEntryPoint
PVOID PspSystemDllEntryPoint
Definition: psmgr.c:43
ULONG
unsigned int ULONG
Definition: retypes.h:1
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:114
_EXCEPTION_POINTERS
Definition: rtltypes.h:195
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
_HANDLE_TABLE_ENTRY::Object
PVOID Object
Definition: extypes.h:599
MmGetSessionId
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:180
_EXCEPTION_POINTERS::ExceptionRecord
PEXCEPTION_RECORD ExceptionRecord
Definition: rtltypes.h:196
PSTRACE
#define PSTRACE(x, fmt,...)
Definition: ps.h:57
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
PspTerminateThreadByPointer
NTSTATUS NTAPI PspTerminateThreadByPointer(IN PETHREAD Thread, IN NTSTATUS ExitStatus, IN BOOLEAN bSelf)
Definition: kill.c:987
PsGetThreadTeb
PTEB NTAPI PsGetThreadTeb(IN PETHREAD Thread)
Definition: thread.c:775
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
SeCreateAccessStateEx
NTSTATUS NTAPI SeCreateAccessStateEx(IN PETHREAD Thread, IN PEPROCESS Process, IN OUT PACCESS_STATE AccessState, IN PAUX_ACCESS_DATA AuxData, IN ACCESS_MASK Access, IN PGENERIC_MAPPING GenericMapping)
Definition: access.c:378
_ETHREAD::HardErrorsAreDisabled
ULONG HardErrorsAreDisabled
Definition: pstypes.h:1114
PsIsThreadTerminating
BOOLEAN NTAPI PsIsThreadTerminating(IN PETHREAD Thread)
Definition: thread.c:868
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2745
_ETHREAD::HideFromDebugger
ULONG HideFromDebugger
Definition: pstypes.h:1111
KeGetTrapFrame
#define KeGetTrapFrame(Thread)
Definition: ke.h:145
_ETHREAD::IrpList
LIST_ENTRY IrpList
Definition: pstypes.h:1075
APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695
PsProcessType
POBJECT_TYPE PsProcessType
Definition: process.c:20
ACCESS_MASK
ULONG ACCESS_MASK
Definition: nt_native.h:40
KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:107
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
KeUninitThread
VOID NTAPI KeUninitThread(IN PKTHREAD Thread)
Definition: thrdobj.c:926
_ETHREAD::ActiveTimerListLock
KSPIN_LOCK ActiveTimerListLock
Definition: pstypes.h:1057