ReactOS  r74227
pstypes.h
Go to the documentation of this file.
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  pstypes.h
8 
9 Abstract:
10 
11  Type definitions for the Process Manager
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _PSTYPES_H
20 #define _PSTYPES_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #include <ldrtypes.h>
27 #include <mmtypes.h>
28 #include <obtypes.h>
29 #include <rtltypes.h>
30 #ifndef NTOS_MODE_USER
31 #include <extypes.h>
32 #include <setypes.h>
33 #endif
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 #ifndef NTOS_MODE_USER
40 
41 //
42 // Kernel Exported Object Types
43 //
45 
46 #endif // !NTOS_MODE_USER
47 
48 //
49 // KUSER_SHARED_DATA location in User Mode
50 //
51 #define USER_SHARED_DATA (0x7FFE0000)
52 
53 //
54 // Global Flags
55 //
56 #define FLG_STOP_ON_EXCEPTION 0x00000001
57 #define FLG_SHOW_LDR_SNAPS 0x00000002
58 #define FLG_DEBUG_INITIAL_COMMAND 0x00000004
59 #define FLG_STOP_ON_HUNG_GUI 0x00000008
60 #define FLG_HEAP_ENABLE_TAIL_CHECK 0x00000010
61 #define FLG_HEAP_ENABLE_FREE_CHECK 0x00000020
62 #define FLG_HEAP_VALIDATE_PARAMETERS 0x00000040
63 #define FLG_HEAP_VALIDATE_ALL 0x00000080
64 #define FLG_POOL_ENABLE_TAIL_CHECK 0x00000100
65 #define FLG_POOL_ENABLE_FREE_CHECK 0x00000200
66 #define FLG_POOL_ENABLE_TAGGING 0x00000400
67 #define FLG_HEAP_ENABLE_TAGGING 0x00000800
68 #define FLG_USER_STACK_TRACE_DB 0x00001000
69 #define FLG_KERNEL_STACK_TRACE_DB 0x00002000
70 #define FLG_MAINTAIN_OBJECT_TYPELIST 0x00004000
71 #define FLG_HEAP_ENABLE_TAG_BY_DLL 0x00008000
72 #define FLG_DISABLE_STACK_EXTENSION 0x00010000
73 #define FLG_ENABLE_CSRDEBUG 0x00020000
74 #define FLG_ENABLE_KDEBUG_SYMBOL_LOAD 0x00040000
75 #define FLG_DISABLE_PAGE_KERNEL_STACKS 0x00080000
76 #if (NTDDI_VERSION < NTDDI_WINXP)
77 #define FLG_HEAP_ENABLE_CALL_TRACING 0x00100000
78 #else
79 #define FLG_ENABLE_SYSTEM_CRIT_BREAKS 0x00100000
80 #endif
81 #define FLG_HEAP_DISABLE_COALESCING 0x00200000
82 #define FLG_ENABLE_CLOSE_EXCEPTIONS 0x00400000
83 #define FLG_ENABLE_EXCEPTION_LOGGING 0x00800000
84 #define FLG_ENABLE_HANDLE_TYPE_TAGGING 0x01000000
85 #define FLG_HEAP_PAGE_ALLOCS 0x02000000
86 #define FLG_DEBUG_INITIAL_COMMAND_EX 0x04000000
87 #define FLG_VALID_BITS 0x07FFFFFF
88 
89 //
90 // Flags for NtCreateProcessEx
91 //
92 #define PROCESS_CREATE_FLAGS_BREAKAWAY 0x00000001
93 #define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT 0x00000002
94 #define PROCESS_CREATE_FLAGS_INHERIT_HANDLES 0x00000004
95 #define PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE 0x00000008
96 #define PROCESS_CREATE_FLAGS_LARGE_PAGES 0x00000010
97 #define PROCESS_CREATE_FLAGS_ALL_LARGE_PAGE_FLAGS PROCESS_CREATE_FLAGS_LARGE_PAGES
98 #define PROCESS_CREATE_FLAGS_LEGAL_MASK (PROCESS_CREATE_FLAGS_BREAKAWAY | \
99  PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT | \
100  PROCESS_CREATE_FLAGS_INHERIT_HANDLES | \
101  PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE | \
102  PROCESS_CREATE_FLAGS_ALL_LARGE_PAGE_FLAGS)
103 
104 //
105 // Process priority classes
106 //
107 #define PROCESS_PRIORITY_CLASS_INVALID 0
108 #define PROCESS_PRIORITY_CLASS_IDLE 1
109 #define PROCESS_PRIORITY_CLASS_NORMAL 2
110 #define PROCESS_PRIORITY_CLASS_HIGH 3
111 #define PROCESS_PRIORITY_CLASS_REALTIME 4
112 #define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
113 #define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
114 
115 //
116 // Process base priorities
117 //
118 #define PROCESS_PRIORITY_IDLE 3
119 #define PROCESS_PRIORITY_NORMAL 8
120 #define PROCESS_PRIORITY_NORMAL_FOREGROUND 9
121 
122 //
123 // Process memory priorities
124 //
125 #define MEMORY_PRIORITY_BACKGROUND 0
126 #define MEMORY_PRIORITY_UNKNOWN 1
127 #define MEMORY_PRIORITY_FOREGROUND 2
128 
129 //
130 // Process Priority Separation Values (OR)
131 //
132 #define PSP_DEFAULT_QUANTUMS 0x00
133 #define PSP_VARIABLE_QUANTUMS 0x04
134 #define PSP_FIXED_QUANTUMS 0x08
135 #define PSP_LONG_QUANTUMS 0x10
136 #define PSP_SHORT_QUANTUMS 0x20
137 
138 #ifndef NTOS_MODE_USER
139 //
140 // Thread Access Types
141 //
142 #define THREAD_QUERY_INFORMATION 0x0040
143 #define THREAD_SET_THREAD_TOKEN 0x0080
144 #define THREAD_IMPERSONATE 0x0100
145 #define THREAD_DIRECT_IMPERSONATION 0x0200
146 
147 //
148 // Process Access Types
149 //
150 #define PROCESS_TERMINATE 0x0001
151 #define PROCESS_CREATE_THREAD 0x0002
152 #define PROCESS_SET_SESSIONID 0x0004
153 #define PROCESS_VM_OPERATION 0x0008
154 #define PROCESS_VM_READ 0x0010
155 #define PROCESS_VM_WRITE 0x0020
156 #define PROCESS_CREATE_PROCESS 0x0080
157 #define PROCESS_SET_QUOTA 0x0100
158 #define PROCESS_SET_INFORMATION 0x0200
159 #define PROCESS_QUERY_INFORMATION 0x0400
160 #define PROCESS_SUSPEND_RESUME 0x0800
161 #define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
162 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
163 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
164  SYNCHRONIZE | \
165  0xFFFF)
166 #else
167 #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
168  SYNCHRONIZE | \
169  0xFFF)
170 #endif
171 
172 //
173 // Thread Base Priorities
174 //
175 #define THREAD_BASE_PRIORITY_LOWRT 15
176 #define THREAD_BASE_PRIORITY_MAX 2
177 #define THREAD_BASE_PRIORITY_MIN -2
178 #define THREAD_BASE_PRIORITY_IDLE -15
179 
180 //
181 // TLS Slots
182 //
183 #define TLS_MINIMUM_AVAILABLE 64
184 
185 //
186 // TEB Active Frame Flags
187 //
188 #define TEB_ACTIVE_FRAME_CONTEXT_FLAG_EXTENDED 0x1
189 
190 //
191 // Job Access Types
192 //
193 #define JOB_OBJECT_ASSIGN_PROCESS 0x1
194 #define JOB_OBJECT_SET_ATTRIBUTES 0x2
195 #define JOB_OBJECT_QUERY 0x4
196 #define JOB_OBJECT_TERMINATE 0x8
197 #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES 0x10
198 #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \
199  SYNCHRONIZE | \
200  31)
201 
202 //
203 // Job Limit Flags
204 //
205 #define JOB_OBJECT_LIMIT_WORKINGSET 0x1
206 #define JOB_OBJECT_LIMIT_PROCESS_TIME 0x2
207 #define JOB_OBJECT_LIMIT_JOB_TIME 0x4
208 #define JOB_OBJECT_LIMIT_ACTIVE_PROCESS 0x8
209 #define JOB_OBJECT_LIMIT_AFFINITY 0x10
210 #define JOB_OBJECT_LIMIT_PRIORITY_CLASS 0x20
211 #define JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME 0x40
212 #define JOB_OBJECT_LIMIT_SCHEDULING_CLASS 0x80
213 #define JOB_OBJECT_LIMIT_PROCESS_MEMORY 0x100
214 #define JOB_OBJECT_LIMIT_JOB_MEMORY 0x200
215 #define JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION 0x400
216 #define JOB_OBJECT_LIMIT_BREAKAWAY_OK 0x800
217 #define JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x1000
218 #define JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE 0x2000
219 
220 //
221 // Cross Thread Flags
222 //
223 #define CT_TERMINATED_BIT 0x1
224 #define CT_DEAD_THREAD_BIT 0x2
225 #define CT_HIDE_FROM_DEBUGGER_BIT 0x4
226 #define CT_ACTIVE_IMPERSONATION_INFO_BIT 0x8
227 #define CT_SYSTEM_THREAD_BIT 0x10
228 #define CT_HARD_ERRORS_ARE_DISABLED_BIT 0x20
229 #define CT_BREAK_ON_TERMINATION_BIT 0x40
230 #define CT_SKIP_CREATION_MSG_BIT 0x80
231 #define CT_SKIP_TERMINATION_MSG_BIT 0x100
232 
233 //
234 // Same Thread Passive Flags
235 //
236 #define STP_ACTIVE_EX_WORKER_BIT 0x1
237 #define STP_EX_WORKER_CAN_WAIT_USER_BIT 0x2
238 #define STP_MEMORY_MAKER_BIT 0x4
239 #define STP_KEYED_EVENT_IN_USE_BIT 0x8
240 
241 //
242 // Same Thread APC Flags
243 //
244 #define STA_LPC_RECEIVED_MSG_ID_VALID_BIT 0x1
245 #define STA_LPC_EXIT_THREAD_CALLED_BIT 0x2
246 #define STA_ADDRESS_SPACE_OWNER_BIT 0x4
247 #define STA_OWNS_WORKING_SET_BITS 0x1F8
248 
249 //
250 // Kernel Process flags (maybe in ketypes.h?)
251 //
252 #define KPSF_AUTO_ALIGNMENT_BIT 0
253 #define KPSF_DISABLE_BOOST_BIT 1
254 
255 //
256 // Process Flags
257 //
258 #define PSF_CREATE_REPORTED_BIT 0x1
259 #define PSF_NO_DEBUG_INHERIT_BIT 0x2
260 #define PSF_PROCESS_EXITING_BIT 0x4
261 #define PSF_PROCESS_DELETE_BIT 0x8
262 #define PSF_WOW64_SPLIT_PAGES_BIT 0x10
263 #define PSF_VM_DELETED_BIT 0x20
264 #define PSF_OUTSWAP_ENABLED_BIT 0x40
265 #define PSF_OUTSWAPPED_BIT 0x80
266 #define PSF_FORK_FAILED_BIT 0x100
267 #define PSF_WOW64_VA_SPACE_4GB_BIT 0x200
268 #define PSF_ADDRESS_SPACE_INITIALIZED_BIT 0x400
269 #define PSF_SET_TIMER_RESOLUTION_BIT 0x1000
270 #define PSF_BREAK_ON_TERMINATION_BIT 0x2000
271 #define PSF_SESSION_CREATION_UNDERWAY_BIT 0x4000
272 #define PSF_WRITE_WATCH_BIT 0x8000
273 #define PSF_PROCESS_IN_SESSION_BIT 0x10000
274 #define PSF_OVERRIDE_ADDRESS_SPACE_BIT 0x20000
275 #define PSF_HAS_ADDRESS_SPACE_BIT 0x40000
276 #define PSF_LAUNCH_PREFETCHED_BIT 0x80000
277 #define PSF_INJECT_INPAGE_ERRORS_BIT 0x100000
278 #define PSF_VM_TOP_DOWN_BIT 0x200000
279 #define PSF_IMAGE_NOTIFY_DONE_BIT 0x400000
280 #define PSF_PDE_UPDATE_NEEDED_BIT 0x800000
281 #define PSF_VDM_ALLOWED_BIT 0x1000000
282 #define PSF_SWAP_ALLOWED_BIT 0x2000000
283 #define PSF_CREATE_FAILED_BIT 0x4000000
284 #define PSF_DEFAULT_IO_PRIORITY_BIT 0x8000000
285 
286 //
287 // Vista Process Flags
288 //
289 #define PSF2_PROTECTED_BIT 0x800
290 #endif
291 
292 //
293 // TLS/FLS Defines
294 //
295 #define TLS_EXPANSION_SLOTS 1024
296 
297 #ifdef NTOS_MODE_USER
298 //
299 // Thread Native Base Priorities
300 //
301 #define LOW_PRIORITY 0
302 #define LOW_REALTIME_PRIORITY 16
303 #define HIGH_PRIORITY 31
304 #define MAXIMUM_PRIORITY 32
305 
306 //
307 // Current Process/Thread built-in 'special' handles
308 //
309 #define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
310 #define ZwCurrentProcess() NtCurrentProcess()
311 #define NtCurrentThread() ((HANDLE)(LONG_PTR)-2)
312 #define ZwCurrentThread() NtCurrentThread()
313 
314 //
315 // Process/Thread/Job Information Classes for NtQueryInformationProcess/Thread/Job
316 //
317 typedef enum _PROCESSINFOCLASS
318 {
323  ProcessTimes,
368 
369 typedef enum _THREADINFOCLASS
370 {
372  ThreadTimes,
401 
402 #else
403 
405 {
410 
412 {
425 
426 //
427 // Power Event Events for Win32K Power Event Callback
428 //
429 typedef enum _PSPOWEREVENTTYPE
430 {
445 
446 //
447 // Power State Tasks for Win32K Power State Callback
448 //
449 typedef enum _POWERSTATETASK
450 {
468 
469 //
470 // Win32K Job Callback Types
471 //
473 {
478 
479 //
480 // Win32K Thread Callback Types
481 //
483 {
487 
488 //
489 // Declare empty structure definitions so that they may be referenced by
490 // routines before they are defined
491 //
492 struct _W32THREAD;
493 struct _W32PROCESS;
494 //struct _ETHREAD;
503 
504 //
505 // Win32K Process and Thread Callbacks
506 //
507 typedef
508 NTSTATUS
509 (NTAPI *PKWIN32_PROCESS_CALLOUT)(
510  _In_ struct _EPROCESS *Process,
512 );
513 
514 typedef
515 NTSTATUS
517  _In_ struct _ETHREAD *Thread,
519 );
520 
521 typedef
522 NTSTATUS
524  VOID
525 );
526 
527 typedef
528 NTSTATUS
531 );
532 
533 typedef
534 NTSTATUS
537 );
538 
539 typedef
540 NTSTATUS
543 );
544 
545 typedef
546 NTSTATUS
548  VOID
549 );
550 
551 typedef
552 NTSTATUS
555 );
556 
557 typedef
558 NTSTATUS
561 );
562 
563 typedef
564 NTSTATUS
567 );
568 
569 typedef
570 NTSTATUS
573 );
574 
575 typedef
576 NTSTATUS
579 );
580 
581 typedef
582 NTSTATUS
585 );
586 
587 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
588 typedef
589 NTSTATUS
591  _In_ struct _EPROCESS *Process,
594 );
595 #endif
596 
597 //
598 // Lego Callback
599 //
600 typedef
601 VOID
604 );
605 
606 #endif
607 
608 typedef NTSTATUS
610  VOID
611 );
612 
613 //
614 // Descriptor Table Entry Definition
615 //
616 #if (_M_IX86)
617 #define _DESCRIPTOR_TABLE_ENTRY_DEFINED
618 typedef struct _DESCRIPTOR_TABLE_ENTRY
619 {
620  ULONG Selector;
622 } DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
623 #endif
624 
625 //
626 // PEB Lock Routine
627 //
628 typedef VOID
630  PVOID PebLock
631 );
632 
633 //
634 // PEB Free Block Descriptor
635 //
636 typedef struct _PEB_FREE_BLOCK
637 {
638  struct _PEB_FREE_BLOCK* Next;
639  ULONG Size;
641 
642 //
643 // Initial PEB
644 //
645 typedef struct _INITIAL_PEB
646 {
650  union
651  {
653 #if (NTDDI_VERSION >= NTDDI_WS03)
654  struct
655  {
657 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
661 #else
662  BOOLEAN SpareBits:7;
663 #endif
664  };
665 #else
666  BOOLEAN SpareBool;
667 #endif
668  };
671 
672 //
673 // Initial TEB
674 //
675 typedef struct _INITIAL_TEB
676 {
683 
684 //
685 // TEB Active Frame Structures
686 //
688 {
693 
695 {
700 
701 typedef struct _TEB_ACTIVE_FRAME
702 {
705  PCTEB_ACTIVE_FRAME_CONTEXT Context;
707 typedef const struct _TEB_ACTIVE_FRAME *PCTEB_ACTIVE_FRAME;
708 
709 typedef struct _TEB_ACTIVE_FRAME_EX
710 {
715 
716 typedef struct _CLIENT_ID32
717 {
721 
722 typedef struct _CLIENT_ID64
723 {
727 
728 #if (NTDDI_VERSION < NTDDI_WS03)
729 typedef struct _Wx86ThreadState
730 {
731  PULONG CallBx86Eip;
732  PVOID DeallocationCpu;
733  BOOLEAN UseKnownWx86Dll;
734  CHAR OleStubInvoked;
735 } Wx86ThreadState, *PWx86ThreadState;
736 #endif
737 
738 //
739 // PEB.AppCompatFlags
740 // Tag FLAG_MASK_KERNEL
741 //
742 typedef enum _APPCOMPAT_FLAGS
743 {
749  DisableCicero = 0x100,
760  DoNotAddToCache = 0x80000000,
762 
763 
764 //
765 // Process Environment Block (PEB)
766 // Thread Environment Block (TEB)
767 //
768 #include "peb_teb.h"
769 
770 #ifdef _WIN64
771 //
772 // Explicit 32 bit PEB/TEB
773 //
774 #define EXPLICIT_32BIT
775 #include "peb_teb.h"
776 #undef EXPLICIT_32BIT
777 
778 //
779 // Explicit 64 bit PEB/TEB
780 //
781 #define EXPLICIT_64BIT
782 #include "peb_teb.h"
783 #undef EXPLICIT_64BIT
784 #endif
785 
786 #ifdef NTOS_MODE_USER
787 
788 //
789 // Process Information Structures for NtQueryProcessInformation
790 //
791 typedef struct _PROCESS_BASIC_INFORMATION
792 {
800 
801 typedef struct _PROCESS_ACCESS_TOKEN
802 {
803  HANDLE Token;
804  HANDLE Thread;
806 
807 typedef struct _PROCESS_DEVICEMAP_INFORMATION
808 {
809  union
810  {
811  struct
812  {
814  } Set;
815  struct
816  {
817  ULONG DriveMap;
818  UCHAR DriveType[32];
819  } Query;
820  };
822 
823 typedef struct _KERNEL_USER_TIMES
824 {
830 
831 typedef struct _POOLED_USAGE_AND_LIMITS
832 {
843 
844 typedef struct _PROCESS_SESSION_INFORMATION
845 {
848 
849 #endif
850 
852 {
856 
858 {
861 
862 //
863 // Apphelp SHIM Cache
864 //
866 {
872 
876 
877 
879 {
883 
884 
885 //
886 // Thread Information Structures for NtQueryProcessInformation
887 //
888 typedef struct _THREAD_BASIC_INFORMATION
889 {
897 
898 #ifndef NTOS_MODE_USER
899 
900 //
901 // Job Set Array
902 //
903 typedef struct _JOB_SET_ARRAY
904 {
909 
910 //
911 // EPROCESS Quota Structures
912 //
913 typedef struct _EPROCESS_QUOTA_ENTRY
914 {
920 
921 typedef struct _EPROCESS_QUOTA_BLOCK
922 {
928 
929 //
930 // Process Pagefault History
931 //
932 typedef struct _PAGEFAULT_HISTORY
933 {
940 
941 //
942 // Process Impersonation Information
943 //
945 {
951 
952 //
953 // Process Termination Port
954 //
955 typedef struct _TERMINATION_PORT
956 {
960 
961 //
962 // Per-Process APC Rate Limiting
963 //
964 typedef struct _PSP_RATE_APC
965 {
966  union
967  {
970  };
974 
975 //
976 // Executive Thread (ETHREAD)
977 //
978 typedef struct _ETHREAD
979 {
982  union
983  {
987  };
988  union
989  {
992  };
994  union
995  {
999 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1001 #endif
1002  };
1006 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1008 #else
1009  union
1010  {
1011  KSEMAPHORE LpcReplySemaphore;
1013  };
1014  union
1015  {
1016  PVOID LpcReplyMessage;
1017  PVOID LpcWaitingOnPort;
1018  };
1019 #endif
1020  PPS_IMPERSONATION_INFORMATION ImpersonationInfo;
1024 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1025  PPSP_RATE_APC RateControlApc;
1026 #else
1027  struct _EPROCESS *ThreadsProcess;
1028 #endif
1030  union
1031  {
1034  };
1038 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1039  ULONG LpcReplyMessageId;
1040 #endif
1042 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1044 #else
1046 #endif
1047  union
1048  {
1049  struct
1050  {
1052 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1054 #else
1055  ULONG DeadThread:1;
1056 #endif
1064 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1069 #endif
1070  };
1072  };
1073  union
1074  {
1075  struct
1076  {
1081 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1083 #endif
1084  };
1086  };
1087  union
1088  {
1089  struct
1090  {
1093 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1095 #else
1096  ULONG AddressSpaceOwner:1;
1097 #endif
1104 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1108 #else
1109  ULONG ApcNeeded:1;
1110 #endif
1111  };
1113  };
1114 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1116 #else
1117  UCHAR ForwardClusterOnly;
1118 #endif
1121 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1123  union
1124  {
1127  };
1131 #endif
1132 } ETHREAD;
1133 
1134 //
1135 // Executive Process (EPROCESS)
1136 //
1137 typedef struct _EPROCESS
1138 {
1146  SIZE_T QuotaUsage[3]; /* 0=PagedPool, 1=NonPagedPool, 2=Pagefile */
1147  SIZE_T QuotaPeak[3]; /* ditto */
1153 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1154  union
1155  {
1159  };
1160 #else
1161  PVOID ExceptionPort;
1162 #endif
1166 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1169 #else
1171  KSPIN_LOCK HyperSpaceLock;
1172 #endif
1180  struct _EJOB *Job;
1183  PEPROCESS_QUOTA_BLOCK QuotaBlock;
1184  PPAGEFAULT_HISTORY WorkingSetWatch;
1191 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1194 #else
1195  PVOID Spare0[3];
1196 #endif
1197  union
1198  {
1201  };
1208 #ifdef _M_AMD64
1209  struct _WOW64_PROCESS *Wow64Process;
1210 #else
1212 #endif
1214 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1216 #else
1218 #endif
1221  struct _PEB* Peb;
1234 #ifdef _M_AMD64
1235  ULONG Spares[2];
1236 #else
1238 #endif
1240 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1241  union
1242  {
1243  struct
1244  {
1260  };
1262  };
1263 #else
1264  ULONG JobStatus;
1265 #endif
1266  union
1267  {
1268  struct
1269  {
1283 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1285 #else
1286  ULONG SessionCreationUnderway:1;
1287 #endif
1299 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1301 #else
1302  ULONG CreateFailed:1;
1303 #endif
1305 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1307 #else
1308  ULONG Spare1:1;
1309  ULONG Spare2:1;
1310 #endif
1311  };
1313  };
1315 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1317 #else
1318  USHORT NextPageColor;
1319 #endif
1320  union
1321  {
1322  struct
1323  {
1326  };
1328  };
1332 } EPROCESS;
1333 
1334 //
1335 // Job Token Filter Data
1336 //
1337 #include <pshpack1.h>
1338 typedef struct _PS_JOB_TOKEN_FILTER
1339 {
1350 
1351 //
1352 // Executive Job (EJOB)
1353 //
1354 typedef struct _EJOB
1355 {
1379  PPS_JOB_TOKEN_FILTER Filter;
1397 #if (NTDDI_VERSION >= NTDDI_WINXP) && (NTDDI_VERSION < NTDDI_WS03)
1399 #elif (NTDDI_VERSION >= NTDDI_WS03) && (NTDDI_VERSION < NTDDI_LONGHORN)
1401 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
1403 #endif
1407 } EJOB, *PEJOB;
1408 #include <poppack.h>
1409 
1410 //
1411 // Win32K Callback Registration Data
1412 //
1414 {
1418 
1420 {
1427 
1429 {
1434 
1436 {
1443 
1445 {
1451 
1453 {
1460 
1462 {
1465 
1467 {
1479 
1480 typedef struct _WIN32_CALLOUTS_FPNS
1481 {
1482  PKWIN32_PROCESS_CALLOUT ProcessCallout;
1483  PKWIN32_THREAD_CALLOUT ThreadCallout;
1484  PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout;
1485  PKWIN32_POWEREVENT_CALLOUT PowerEventCallout;
1486  PKWIN32_POWERSTATE_CALLOUT PowerStateCallout;
1487  PKWIN32_JOB_CALLOUT JobCallout;
1488  PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine;
1489  PKWIN32_SESSION_CALLOUT DesktopOpenProcedure;
1490  PKWIN32_SESSION_CALLOUT DesktopOkToCloseProcedure;
1491  PKWIN32_SESSION_CALLOUT DesktopCloseProcedure;
1492  PKWIN32_SESSION_CALLOUT DesktopDeleteProcedure;
1493  PKWIN32_SESSION_CALLOUT WindowStationOkToCloseProcedure;
1494  PKWIN32_SESSION_CALLOUT WindowStationCloseProcedure;
1495  PKWIN32_SESSION_CALLOUT WindowStationDeleteProcedure;
1496  PKWIN32_SESSION_CALLOUT WindowStationParseProcedure;
1497  PKWIN32_SESSION_CALLOUT WindowStationOpenProcedure;
1498 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1499  PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure;
1500 #endif
1502 
1503 #endif // !NTOS_MODE_USER
1504 
1505 #ifdef __cplusplus
1506 }; // extern "C"
1507 #endif
1508 
1509 #endif // _PSTYPES_H
struct _WIN32_POWEREVENT_PARAMETERS WIN32_POWEREVENT_PARAMETERS
KSEMAPHORE KeyedWaitSemaphore
Definition: pstypes.h:1007
LARGE_INTEGER WriteOperationCount
Definition: pstypes.h:1224
DWORD *typedef PVOID
Definition: winlogon.h:52
ULONG LimitFlags
Definition: pstypes.h:1370
PKWIN32_POWERSTATE_CALLOUT PowerStateCallout
Definition: pstypes.h:1486
struct _TEB_ACTIVE_FRAME_CONTEXT TEB_ACTIVE_FRAME_CONTEXT
enum _PROCESSINFOCLASS PROCESSINFOCLASS
struct _WIN32_CALLOUTS_FPNS * PWIN32_CALLOUTS_FPNS
LIST_ENTRY PostBlockList
Definition: pstypes.h:993
ULONGLONG Filler
Definition: pstypes.h:1200
struct _POOLED_USAGE_AND_LIMITS POOLED_USAGE_AND_LIMITS
BOOLEAN SpareBits
Definition: pstypes.h:660
struct _PROCESS_FOREGROUND_BACKGROUND PROCESS_FOREGROUND_BACKGROUND
_JOBOBJECTINFOCLASS
Definition: pstypes.h:411
ULONG64 UniqueProcess
Definition: pstypes.h:724
LIST_ENTRY MmProcessLinks
Definition: pstypes.h:1237
struct _PROCESS_PRIORITY_CLASS PROCESS_PRIORITY_CLASS
LARGE_INTEGER ExitTime
Definition: pstypes.h:984
HARDWARE_PTE PageDirectoryPte
Definition: pstypes.h:1199
struct _TERMINATION_PORT * PTERMINATION_PORT
ULONG EndOfJobTimeAction
Definition: pstypes.h:1380
ULONG Wow64SplitPages
Definition: pstypes.h:1274
LIST_ENTRY ThreadListEntry
Definition: pstypes.h:1035
struct _KERNEL_USER_TIMES * PKERNEL_USER_TIMES
LARGE_INTEGER ReadOperationCount
Definition: pstypes.h:1223
ULONG JobFlags
Definition: pstypes.h:1406
ULONG Spare1
Definition: pstypes.h:1106
const struct _TEB_ACTIVE_FRAME_CONTEXT * PCTEB_ACTIVE_FRAME_CONTEXT
Definition: pstypes.h:692
NTSTATUS(NTAPI * PPOST_PROCESS_INIT_ROUTINE)(VOID)
Definition: pstypes.h:609
ULONG SkipTerminationMsg
Definition: pstypes.h:1063
enum _PSW32THREADCALLOUTTYPE PSW32THREADCALLOUTTYPE
PVOID Win32StartParameter
Definition: pstypes.h:1000
struct _PS_IMPERSONATION_INFORMATION * PPS_IMPERSONATION_INFORMATION
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: pstypes.h:949
ULONG CapturedGroupCount
Definition: pstypes.h:1343
Type
Definition: Type.h:6
ULONG ReportCommitChanges
Definition: pstypes.h:1249
KAFFINITY AffinityMask
Definition: compat.h:579
PKWIN32_SESSION_CALLOUT WindowStationOkToCloseProcedure
Definition: pstypes.h:1493
struct _WIN32_CLOSEMETHOD_PARAMETERS * PWIN32_CLOSEMETHOD_PARAMETERS
OB_OPEN_REASON OpenReason
Definition: pstypes.h:1437
UCHAR CacheManagerActive
Definition: pstypes.h:1115
SINGLE_LIST_ENTRY NextApc
Definition: pstypes.h:968
struct _PS_JOB_TOKEN_FILTER PS_JOB_TOKEN_FILTER
ULONG WriteWatch
Definition: pstypes.h:1288
Definition: ntbasedef.h:627
ULONG Flags2
Definition: pstypes.h:1261
ULONG OwnsSystemWorkingSetShared
Definition: pstypes.h:1101
struct _PROCESS_DEVICEMAP_INFORMATION * PPROCESS_DEVICEMAP_INFORMATION
NTSTATUS(NTAPI * PKWIN32_OKTOCLOSEMETHOD_CALLOUT)(_In_ struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS *Parameters)
Definition: pstypes.h:559
PGDI_BATCHFLUSH_ROUTINE BatchFlushRoutine
Definition: pstypes.h:1488
ULONG BreakOnTermination
Definition: pstypes.h:1282
struct _THREAD_BASIC_INFORMATION THREAD_BASIC_INFORMATION
SIZE_T QuotaPeak[3]
Definition: pstypes.h:1147
BOOLEAN BitField
Definition: pstypes.h:652
LIST_ENTRY KeyedWaitChain
Definition: pstypes.h:986
HANDLE InheritedFromUniqueProcessId
Definition: pstypes.h:1186
PPSP_RATE_APC RateControlApc
Definition: pstypes.h:1025
SIZE_T PeakVirtualSize
Definition: pstypes.h:1149
enum _PSW32JOBCALLOUTTYPE PSW32JOBCALLOUTTYPE
LARGE_INTEGER TotalUserTime
Definition: pstypes.h:1360
ULONG CurrentIndex
Definition: pstypes.h:934
struct _EPROCESS_QUOTA_ENTRY EPROCESS_QUOTA_ENTRY
const char * PCSTR
Definition: typedefs.h:52
struct _TEB_ACTIVE_FRAME_EX TEB_ACTIVE_FRAME_EX
ULONG CapturedPrivilegesLength
Definition: pstypes.h:1348
UCHAR SubSystemMajorVersion
Definition: pstypes.h:1325
ULONG MemoryMaker
Definition: pstypes.h:1079
struct _TEB_ACTIVE_FRAME * Previous
Definition: pstypes.h:704
char CHAR
Definition: xmlstorage.h:175
LARGE_INTEGER CreateTime
Definition: pstypes.h:981
LARGE_INTEGER ThisPeriodTotalKernelTime
Definition: pstypes.h:1363
KEVENT Event
Definition: pstypes.h:1356
LARGE_INTEGER UserTime
Definition: winternl.h:981
struct _TEB_ACTIVE_FRAME * PTEB_ACTIVE_FRAME
EX_RUNDOWN_REF RundownProtect
Definition: pstypes.h:1036
KTHREAD Tcb
Definition: pstypes.h:980
PVOID ExceptionPortData
Definition: pstypes.h:1156
PFN_NUMBER NumberOfPrivatePages
Definition: pstypes.h:1177
struct _TEB_ACTIVE_FRAME TEB_ACTIVE_FRAME
PSID_AND_ATTRIBUTES CapturedSids
Definition: pstypes.h:1341
ULONG LpcReceivedMessageId
Definition: pstypes.h:1033
struct _PS_JOB_TOKEN_FILTER * PPS_JOB_TOKEN_FILTER
ULONG JobNotReallyActive
Definition: pstypes.h:1245
struct _TERMINATION_PORT TERMINATION_PORT
struct _POOLED_USAGE_AND_LIMITS * PPOOLED_USAGE_AND_LIMITS
_PSPROCESSPRIORITYMODE
Definition: pstypes.h:404
ERESOURCE JobLock
Definition: pstypes.h:1359
LIST_ENTRY ActiveTimerListHead
Definition: pstypes.h:1004
ULONG AlpcMessageId
Definition: pstypes.h:1122
ULONG TotalTerminatedProcesses
Definition: pstypes.h:1367
PVOID PACCESS_TOKEN
Definition: setypes.h:11
struct _PROCESS_SESSION_INFORMATION PROCESS_SESSION_INFORMATION
PVOID CloneRoot
Definition: pstypes.h:1176
PKWIN32_POWEREVENT_CALLOUT PowerEventCallout
Definition: pstypes.h:1485
ULONG OutswapEnabled
Definition: pstypes.h:1276
PFN_NUMBER NumberOfLockedPages
Definition: pstypes.h:1178
ULONG ProcessVerifierTarget
Definition: pstypes.h:1259
PVOID Token
Definition: pstypes.h:1378
KPROCESSOR_MODE AccessMode
Definition: pstypes.h:1471
ULONG CapturedGroupsLength
Definition: pstypes.h:1345
SIZE_T CommitChargeLimit
Definition: pstypes.h:1229
PKWIN32_THREAD_CALLOUT ThreadCallout
Definition: pstypes.h:1483
struct _EJOB * Job
Definition: pstypes.h:1180
PVOID KeyedWaitValue
Definition: pstypes.h:998
KAPC RateApc
Definition: pstypes.h:972
_In_ PVOID Parameter
Definition: ldrtypes.h:239
struct _PROCESS_ACCESS_TOKEN PROCESS_ACCESS_TOKEN
char * LPSTR
Definition: xmlstorage.h:182
ULONG Cookie
Definition: pstypes.h:1331
ULONGLONG WriteTransferCount
Definition: pstypes.h:1389
struct _TERMINATION_PORT * Next
Definition: pstypes.h:957
#define NTSYSAPI
Definition: ntoskrnl.h:14
ULONG PeakProcessMemoryUsed
Definition: pstypes.h:1394
ULONG ActiveProcesses
Definition: pstypes.h:1366
ULONG ForkFailed
Definition: pstypes.h:1278
enum _SYSTEM_POWER_STATE SYSTEM_POWER_STATE
struct _JOB_SET_ARRAY JOB_SET_ARRAY
NTSTATUS LastThreadExitStatus
Definition: pstypes.h:1220
HANDLE UniqueProcessId
Definition: pstypes.h:1144
LONG KPRIORITY
Definition: compat.h:454
ULONG PdeUpdateNeeded
Definition: pstypes.h:1296
PKWIN32_SESSION_CALLOUT DesktopCloseProcedure
Definition: pstypes.h:1491
SIZE_T Return
Definition: pstypes.h:918
SIZE_T QuotaUsage[3]
Definition: pstypes.h:1146
KPRIORITY BasePriority
Definition: compat.h:581
_In_ BOOLEAN Create
Definition: pstypes.h:512
ULONG Affinity
Definition: pstypes.h:1374
ULONG_PTR HardwareTrigger
Definition: pstypes.h:1174
PKSTART_ROUTINE StartAddress
Definition: pstypes.h:1032
ULONG ThreadIoPriority
Definition: pstypes.h:1066
uint32_t ULONG_PTR
Definition: typedefs.h:64
LARGE_INTEGER CreateTime
Definition: pstypes.h:1141
NTSTATUS ExitStatus
Definition: pstypes.h:1314
EPROCESS_QUOTA_ENTRY QuotaEntry[3]
Definition: pstypes.h:923
LARGE_INTEGER ExitTime
Definition: winternl.h:979
PVOID DeviceMap
Definition: pstypes.h:1190
SIZE_T PeakNonPagedPoolUsage
Definition: pstypes.h:138
UCHAR PriorityClass
Definition: pstypes.h:1329
NTSTATUS(NTAPI * PKWIN32_THREAD_CALLOUT)(_In_ struct _ETHREAD *Thread, _In_ PSW32THREADCALLOUTTYPE Type)
Definition: pstypes.h:516
struct _WIN32_JOBCALLOUT_PARAMETERS * PWIN32_JOBCALLOUT_PARAMETERS
ULONG NumaAware
Definition: pstypes.h:1255
ULONG CacheManagerCount
Definition: pstypes.h:1130
struct _ETHREAD * ReaperLink
Definition: pstypes.h:997
struct _CLIENT_ID32 CLIENT_ID32
ULONG AccountingFolded
Definition: pstypes.h:1246
struct _WIN32_POWEREVENT_PARAMETERS * PWIN32_POWEREVENT_PARAMETERS
PKWIN32_SESSION_CALLOUT WindowStationDeleteProcedure
Definition: pstypes.h:1495
ULONG OwnsSessionWorkingSetShared
Definition: pstypes.h:1103
struct _PROCESS_FOREGROUND_BACKGROUND * PPROCESS_FOREGROUND_BACKGROUND
ULONG PFN_NUMBER
Definition: ke.h:8
struct _INITIAL_TEB * PINITIAL_TEB
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
enum _PSPROCESSPRIORITYMODE PSPROCESSPRIORITYMODE
PPS_IMPERSONATION_INFORMATION ImpersonationInfo
Definition: pstypes.h:1020
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:472
ULONG ProcessExiting
Definition: pstypes.h:1272
_PSW32THREADCALLOUTTYPE
Definition: pstypes.h:482
KSEMAPHORE AlpcWaitSemaphore
Definition: pstypes.h:1129
ULONG ThreadInserted
Definition: pstypes.h:1053
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
ULONG RefTraceEnabled
Definition: pstypes.h:1254
uint64_t ULONG64
Definition: typedefs.h:66
struct _WIN32_PARSEMETHOD_PARAMETERS WIN32_PARSEMETHOD_PARAMETERS
ULONG ActiveThreads
Definition: pstypes.h:1213
PVOID Win32StartAddress
Definition: pstypes.h:1029
struct _EPROCESS EPROCESS
ULONG ActiveExWorker
Definition: pstypes.h:1077
ULONG OwnsSessionWorkingSetExclusive
Definition: pstypes.h:1102
const struct _TEB_ACTIVE_FRAME * PCTEB_ACTIVE_FRAME
Definition: pstypes.h:707
struct _INITIAL_PEB * PINITIAL_PEB
NTSTATUS(NTAPI * PKWIN32_JOB_CALLOUT)(_In_ struct _WIN32_JOBCALLOUT_PARAMETERS *Parameters)
Definition: pstypes.h:541
struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS * PWIN32_OKAYTOCLOSEMETHOD_PARAMETERS
ULONGLONG ReadTransferCount
Definition: pstypes.h:1388
PVOID Win32WindowStation
Definition: pstypes.h:1185
BOOLEAN ReadImageFileExecOptions
Definition: pstypes.h:648
PKWIN32_JOB_CALLOUT JobCallout
Definition: pstypes.h:1487
LIST_ENTRY LpcReplyChain
Definition: pstypes.h:985
BOOLEAN ImageUsesLargePages
Definition: pstypes.h:656
ULONG SchedulingClass
Definition: pstypes.h:1384
struct _PEB * Peb
Definition: pstypes.h:1221
TEB_ACTIVE_FRAME BasicFrame
Definition: pstypes.h:711
ULONG SameThreadPassiveFlags
Definition: pstypes.h:1085
LARGE_INTEGER OtherTransferCount
Definition: pstypes.h:1228
ULONG ReportPhysicalPageChanges
Definition: pstypes.h:1251
#define _Out_
Definition: no_sal2.h:323
struct _WIN32_OPENMETHOD_PARAMETERS WIN32_OPENMETHOD_PARAMETERS
PVOID AlpcMessage
Definition: pstypes.h:1125
PVOID StackBase
Definition: pstypes.h:679
LIST_ENTRY ProcessListHead
Definition: pstypes.h:1358
ULONG SpareUlong0
Definition: pstypes.h:1043
LARGE_INTEGER ThisPeriodTotalUserTime
Definition: pstypes.h:1362
PKWIN32_SESSION_CALLOUT DesktopOkToCloseProcedure
Definition: pstypes.h:1490
ULONG Outswapped
Definition: pstypes.h:1277
LIST_ENTRY ThreadListHead
Definition: pstypes.h:1206
enum _PSPOWEREVENTTYPE PSPOWEREVENTTYPE
ULONG MemberLevel
Definition: pstypes.h:1405
LARGE_INTEGER PerProcessUserTimeLimit
Definition: pstypes.h:1368
PKWIN32_SESSION_CALLOUT DesktopDeleteProcedure
Definition: pstypes.h:1492
PVOID SectionObject
Definition: pstypes.h:1181
ULONG HandleTableRundown
Definition: pstypes.h:1252
struct _INITIAL_TEB INITIAL_TEB
PVOID VdmObjects
Definition: pstypes.h:1189
PCTEB_ACTIVE_FRAME_CONTEXT Context
Definition: pstypes.h:705
struct _TERMINATION_PORT * TerminationPort
Definition: pstypes.h:996
TEB_ACTIVE_FRAME_CONTEXT BasicContext
Definition: pstypes.h:696
_APPCOMPAT_FLAGS
Definition: pstypes.h:742
ULONG_PTR InheritedFromUniqueProcessId
Definition: pstypes.h:340
struct _PSP_RATE_APC * PPSP_RATE_APC
ULONG CreateReported
Definition: pstypes.h:1270
EX_PUSH_LOCK AddressCreationLock
Definition: pstypes.h:1167
PVOID Session
Definition: pstypes.h:1202
ULONG MemberLevel
Definition: pstypes.h:906
BOOLEAN BeingDebugged
Definition: pstypes.h:649
VOID(NTAPI * PPEBLOCKROUTINE)(PVOID PebLock)
Definition: pstypes.h:629
SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo
Definition: pstypes.h:1232
FAST_MUTEX
Definition: extypes.h:17
UNICODE_STRING ImageName
Definition: pstypes.h:880
NTSTATUS(NTAPI * PKWIN32_PARSEMETHOD_CALLOUT)(_In_ struct _WIN32_PARSEMETHOD_PARAMETERS *Parameters)
Definition: pstypes.h:577
struct _CLIENT_ID64 CLIENT_ID64
ULONG CurrentJobMemoryUsed
Definition: pstypes.h:1396
PVOID SecurityPort
Definition: pstypes.h:1207
unsigned char BOOLEAN
LIST_ENTRY SessionProcessLinks
Definition: pstypes.h:1151
ULONG AlpcReceiveAttributeSet
Definition: pstypes.h:1126
UCHAR SubSystemMinorVersion
Definition: pstypes.h:1324
ULONG ModifiedPageCount
Definition: pstypes.h:1239
ULONG VmDeleted
Definition: pstypes.h:1275
NTSTATUS(NTAPI * PKWIN32_GLOBALATOMTABLE_CALLOUT)(VOID)
Definition: pstypes.h:523
ULONG VmTopDown
Definition: pstypes.h:1294
ULONG MaximumWorkingSetSize
Definition: pstypes.h:1372
PVOID CompletionPort
Definition: pstypes.h:1381
EX_PUSH_LOCK MemoryLimitsLock
Definition: pstypes.h:1402
ULONG ExitProcessReported
Definition: pstypes.h:1248
ULONG NeedsHandleRundown
Definition: pstypes.h:1253
NTSTATUS(NTAPI * PKWIN32_SESSION_CALLOUT)(_In_ PVOID Parameter)
Definition: pstypes.h:583
struct _PAGEFAULT_HISTORY PAGEFAULT_HISTORY
ULONG UniqueProcess
Definition: pstypes.h:718
EX_FAST_REF Token
Definition: pstypes.h:1164
uint64_t ULONGLONG
Definition: typedefs.h:66
LARGE_INTEGER CreateTime
Definition: winternl.h:978
PKWIN32_GLOBALATOMTABLE_CALLOUT GlobalAtomTableCallout
Definition: pstypes.h:1484
CLIENT_ID Cid
Definition: pstypes.h:1005
LIST_ENTRY JobLinks
Definition: pstypes.h:1357
ULONG NewProcessReported
Definition: pstypes.h:1247
UCHAR ExceptionPortState
Definition: pstypes.h:1158
enum _THREADINFOCLASS THREADINFOCLASS
struct _PROCESS_BASIC_INFORMATION * PPROCESS_BASIC_INFORMATION
enum _APPCOMPAT_FLAGS APPCOMPAT_FLAGS
struct _WIN32_DELETEMETHOD_PARAMETERS * PWIN32_DELETEMETHOD_PARAMETERS
HANDLE JobHandle
Definition: pstypes.h:905
PKWIN32_SESSION_CALLOUT WindowStationCloseProcedure
Definition: pstypes.h:1494
struct _APPHELP_CACHE_SERVICE_LOOKUP * PAPPHELP_CACHE_SERVICE_LOOKUP
struct _WIN32_PARSEMETHOD_PARAMETERS * PWIN32_PARSEMETHOD_PARAMETERS
PVOID AweInfo
Definition: pstypes.h:1231
SIZE_T CommitChargePeak
Definition: pstypes.h:1230
struct _WIN32_DELETEMETHOD_PARAMETERS WIN32_DELETEMETHOD_PARAMETERS
ULONG SkipCreationMsg
Definition: pstypes.h:1062
struct _PROCESS_DEVICEMAP_INFORMATION::@3371::@3373 Query
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
ULONG ImagePathHash
Definition: pstypes.h:1215
ULONG BreakOnTermination
Definition: pstypes.h:1061
const struct _TEB_ACTIVE_FRAME_EX * PCTEB_ACTIVE_FRAME_EX
Definition: pstypes.h:714
ULONG_PTR TopLevelIrp
Definition: pstypes.h:1022
PVOID CompletionKey
Definition: pstypes.h:1382
PSPOWEREVENTTYPE EventNumber
Definition: pstypes.h:1415
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
struct _EPROCESS_QUOTA_BLOCK * PEPROCESS_QUOTA_BLOCK
struct _PS_IMPERSONATION_INFORMATION PS_IMPERSONATION_INFORMATION
ULONG ActiveImpersonationInfo
Definition: pstypes.h:1058
ULONG SmapAllowed
Definition: pstypes.h:1298
LARGE_INTEGER WriteTransferCount
Definition: pstypes.h:1227
NTSTATUS(NTAPI * PKWIN32_POWERSTATE_CALLOUT)(_In_ struct _WIN32_POWERSTATE_PARAMETERS *Parameters)
Definition: pstypes.h:535
ULONG DefaultIoPriority
Definition: pstypes.h:1304
PVOID StackLimit
Definition: pstypes.h:680
ULONGLONG TargetGEneration
Definition: pstypes.h:971
BOOLEAN IsLegacyProcess
Definition: pstypes.h:659
ULONG VdmAllowed
Definition: pstypes.h:1297
struct _EJOB EJOB
PLUID_AND_ATTRIBUTES CapturedPrivileges
Definition: pstypes.h:1347
struct _WIN32_CALLOUTS_FPNS WIN32_CALLOUTS_FPNS
PEPROCESS_QUOTA_BLOCK QuotaBlock
Definition: pstypes.h:1183
ULONG SetTimerResolution
Definition: pstypes.h:1281
unsigned char UCHAR
Definition: xmlstorage.h:181
PVOID * Win32Process
Definition: pstypes.h:1179
_PSPOWEREVENTTYPE
Definition: pstypes.h:429
LARGE_INTEGER PerJobUserTimeLimit
Definition: pstypes.h:1369
struct _WIN32_OPENMETHOD_PARAMETERS * PWIN32_OPENMETHOD_PARAMETERS
KSPIN_LOCK SpinLock
Definition: pstypes.h:936
PKWIN32_SESSION_CALLOUT DesktopOpenProcedure
Definition: pstypes.h:1489
ULONG CrossThreadFlags
Definition: pstypes.h:1071
struct _EJOB * PEJOB
LARGE_INTEGER TotalKernelTime
Definition: pstypes.h:1361
ULONG ProcessInserted
Definition: pstypes.h:1300
ULONG CapturedSidsLength
Definition: pstypes.h:1342
LIST_ENTRY ActiveProcessLinks
Definition: pstypes.h:1145
ULONG JobMemoryLimit
Definition: pstypes.h:1393
POWER_ACTION
Definition: ntpoapi.h:122
PSID_AND_ATTRIBUTES CapturedGroups
Definition: pstypes.h:1344
PVOID AllocatedStackBase
Definition: pstypes.h:681
#define VOID
Definition: acefi.h:69
PSECURITY_QUALITY_OF_SERVICE SecurityQos
Definition: pstypes.h:1476
ULONG ReadClusterSize
Definition: pstypes.h:1041
PPS_JOB_TOKEN_FILTER Filter
Definition: pstypes.h:1379
EX_FAST_REF PrefetchTrace
Definition: pstypes.h:1222
Definition: ketypes.h:520
ULONG SecurityLimitFlags
Definition: pstypes.h:1377
EX_RUNDOWN_REF RundownProtect
Definition: pstypes.h:1143
PDEVICE_OBJECT DeviceToVerify
Definition: pstypes.h:1023
ULONG ProcessMemoryLimit
Definition: pstypes.h:1392
Definition: typedefs.h:118
PVOID LdtInformation
Definition: pstypes.h:1187
struct _APPHELP_CACHE_SERVICE_LOOKUP APPHELP_CACHE_SERVICE_LOOKUP
KPROCESS Pcb
Definition: pstypes.h:1139
ULONGLONG OtherOperationCount
Definition: pstypes.h:1387
ULONG OwnsSystemWorkingSetExclusive
Definition: pstypes.h:1100
struct _WIN32_POWERSTATE_PARAMETERS * PWIN32_POWERSTATE_PARAMETERS
ULONG TotalProcesses
Definition: pstypes.h:1365
PVOID ExtensionIdentifier
Definition: pstypes.h:712
struct _KERNEL_USER_TIMES KERNEL_USER_TIMES
struct _JOB_SET_ARRAY * PJOB_SET_ARRAY
ULONG SuppressSymbolLoad
Definition: pstypes.h:1105
struct _WIN32_OKAYTOCLOSEMETHOD_PARAMETERS WIN32_OKAYTOCLOSEMETHOD_PARAMETERS
UCHAR PriorityClass
Definition: pstypes.h:1375
PPAGEFAULT_HISTORY WorkingSetWatch
Definition: pstypes.h:1184
PROCESS_WS_WATCH_INFORMATION WatchInfo[1]
Definition: pstypes.h:938
ULONG SystemThread
Definition: pstypes.h:1059
PVOID LockedPagesList
Definition: pstypes.h:1205
struct _PEB_FREE_BLOCK PEB_FREE_BLOCK
PVOID VadFreeHint
Definition: pstypes.h:1188
ULONG ActiveProcessLimit
Definition: pstypes.h:1373
struct _PROCESS_ACCESS_TOKEN * PPROCESS_ACCESS_TOKEN
MMSUPPORT Vm
Definition: pstypes.h:1233
ULONG ImageNotifyDone
Definition: pstypes.h:1295
ULONG LastReportMemory
Definition: pstypes.h:1250
enum _OB_OPEN_REASON OB_OPEN_REASON
struct _PROCESS_SESSION_INFORMATION * PPROCESS_SESSION_INFORMATION
SYSTEM_POWER_STATE MinSystemState
Definition: pstypes.h:1423
PVOID OfsChain
Definition: pstypes.h:991
Definition: compat.h:428
struct _CLIENT_ID64 * PCLIENT_ID64
ULONG Flags
Definition: pstypes.h:907
#define _In_
Definition: no_sal2.h:204
PHANDLE_TABLE ObjectTable
Definition: pstypes.h:1163
PMM_AVL_TABLE PhysicalVadRoot
Definition: pstypes.h:1175
struct _PROCESS_DEVICEMAP_INFORMATION PROCESS_DEVICEMAP_INFORMATION
ULONG_PTR SIZE_T
Definition: typedefs.h:79
HANDLE Mutant
Definition: pstypes.h:669
ULONG OverrideAddressSpace
Definition: pstypes.h:1290
ULONG ExceptionPortValue
Definition: pstypes.h:1157
DWORD *typedef HANDLE
Definition: winlogon.h:52
ULONG LaunchPrefetched
Definition: pstypes.h:1292
ULONG HasAddressSpace
Definition: pstypes.h:1291
LONG NTSTATUS
Definition: DriverTester.h:11
NTSTATUS ExitStatus
Definition: pstypes.h:990
_POWERSTATETASK
Definition: pstypes.h:449
ULONGLONG OtherTransferCount
Definition: pstypes.h:1390
ULONG LpcExitThreadCalled
Definition: pstypes.h:1092
LIST_ENTRY AlpcWaitListEntry
Definition: pstypes.h:1128
POBJECT_TYPE NTSYSAPI PsJobType
Definition: job.c:19
Definition: ntddk_ex.h:242
NTSTATUS(NTAPI * PKWIN32_OPENMETHOD_CALLOUT)(_In_ struct _WIN32_OPENMETHOD_PARAMETERS *Parameters)
Definition: pstypes.h:553
SIZE_T Usage
Definition: pstypes.h:915
PVOID DebugPort
Definition: pstypes.h:1152
struct _INITIAL_PEB INITIAL_PEB
ULONG PendingRatecontrol
Definition: pstypes.h:1068
NTSTATUS(NTAPI * PKWIN32_DELETEMETHOD_CALLOUT)(_In_ struct _WIN32_DELETEMETHOD_PARAMETERS *Parameters)
Definition: pstypes.h:571
USHORT Spare7
Definition: pstypes.h:1316
unsigned short USHORT
Definition: pedump.c:61
ULONG SparePsFlags1
Definition: pstypes.h:1306
ULONG MinimumWorkingSetSize
Definition: pstypes.h:1371
struct _CLIENT_ID32 * PCLIENT_ID32
ULONG_PTR KAFFINITY
Definition: compat.h:75
ULONG UIRestrictionsClass
Definition: pstypes.h:1376
struct _EPROCESS_QUOTA_BLOCK EPROCESS_QUOTA_BLOCK
LIST_ENTRY QuotaList
Definition: pstypes.h:924
ULONG Terminated
Definition: pstypes.h:1051
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
SIZE_T Limit
Definition: pstypes.h:916
ULONG TotalPageFaultCount
Definition: pstypes.h:1364
_APPHELPCACHESERVICECLASS
Definition: pstypes.h:865
NTSTATUS(NTAPI * PKWIN32_WIN32DATACOLLECTION_CALLOUT)(_In_ struct _EPROCESS *Process, _In_ PVOID Callback, _In_ PVOID Context)
Definition: pstypes.h:590
ULONG OwnsProcessWorkingSetShared
Definition: pstypes.h:1099
PVOID EtwDataSource
Definition: pstypes.h:1192
UCHAR ActiveFaultCount
Definition: pstypes.h:1120
enum _APPHELPCACHESERVICECLASS APPHELPCACHESERVICECLASS
ULONG CapturedPrivilegeCount
Definition: pstypes.h:1346
struct _WIN32_CLOSEMETHOD_PARAMETERS WIN32_CLOSEMETHOD_PARAMETERS
unsigned int * PULONG
Definition: retypes.h:1
LIST_ENTRY JobLinks
Definition: pstypes.h:1204
PETHREAD RotateInProgress
Definition: pstypes.h:1168
struct _PAGEFAULT_HISTORY * PPAGEFAULT_HISTORY
NTSTATUS(NTAPI * PGDI_BATCHFLUSH_ROUTINE)(VOID)
Definition: pstypes.h:547
struct _PEB_FREE_BLOCK * PPEB_FREE_BLOCK
ULONG DeprioritizeViews
Definition: pstypes.h:1284
struct _THREAD_BASIC_INFORMATION * PTHREAD_BASIC_INFORMATION
LIST_ENTRY JobSetLinks
Definition: pstypes.h:1404
struct _PROCESS_DEVICEMAP_INFORMATION::@3371::@3372 Set
ULONGLONG ReadOperationCount
Definition: pstypes.h:1385
struct _PROCESS_PRIORITY_CLASS * PPROCESS_PRIORITY_CLASS
ULONG DefaultHardErrorProcessing
Definition: pstypes.h:1219
ULONG SessionId
Definition: pstypes.h:1383
ULONG Flags
Definition: pstypes.h:1312
ULONG NoDebugInherit
Definition: pstypes.h:1271
LARGE_INTEGER OtherOperationCount
Definition: pstypes.h:1225
enum _POWERSTATETASK POWERSTATETASK
LARGE_INTEGER ReadTransferCount
Definition: pstypes.h:1226
_THREADINFOCLASS
Definition: compat.h:583
ULONG ProcessDelete
Definition: pstypes.h:1273
PVOID FreeTebHint
Definition: pstypes.h:1193
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
VOID(NTAPI * PLEGO_NOTIFY_ROUTINE)(_In_ PKTHREAD Thread)
Definition: pstypes.h:602
ULONG DefaultPagePriority
Definition: pstypes.h:1257
ULONGLONG WriteOperationCount
Definition: pstypes.h:1386
struct _WIN32_JOBCALLOUT_PARAMETERS WIN32_JOBCALLOUT_PARAMETERS
struct _EPROCESS_QUOTA_ENTRY * PEPROCESS_QUOTA_ENTRY
PSW32JOBCALLOUTTYPE CalloutType
Definition: pstypes.h:1431
struct _TEB_ACTIVE_FRAME_EX * PTEB_ACTIVE_FRAME_EX
struct _TEB_ACTIVE_FRAME_CONTEXT_EX TEB_ACTIVE_FRAME_CONTEXT_EX
ULONG ProtectedProcess
Definition: pstypes.h:1256
struct tagContext Context
Definition: acpixf.h:1013
ULONG ERESOURCE
Definition: env_spec_w32.h:594
CHAR ImageFileName[16]
Definition: pstypes.h:1203
NTSTATUS(NTAPI * PKWIN32_POWEREVENT_CALLOUT)(_In_ struct _WIN32_POWEREVENT_PARAMETERS *Parameters)
Definition: pstypes.h:529
PKWIN32_SESSION_CALLOUT WindowStationOpenProcedure
Definition: pstypes.h:1497
unsigned int ULONG
Definition: retypes.h:1
struct _PROCESS_BASIC_INFORMATION PROCESS_BASIC_INFORMATION
typedef NTSTATUS(NTAPI *PKWIN32_PROCESS_CALLOUT)(_In_ struct _EPROCESS *Process
ULONG KeyedEventInUse
Definition: pstypes.h:1080
ULONG ProcessDeleteSelf
Definition: pstypes.h:1258
PVOID PaeTop
Definition: pstypes.h:1211
Definition: pstypes.h:913
struct _TEB_ACTIVE_FRAME_CONTEXT_EX * PTEB_ACTIVE_FRAME_CONTEXT_EX
struct _WIN32_POWERSTATE_PARAMETERS WIN32_POWERSTATE_PARAMETERS
const struct _TEB_ACTIVE_FRAME_CONTEXT_EX * PCTEB_ACTIVE_FRAME_CONTEXT_EX
Definition: pstypes.h:699
EX_PUSH_LOCK ProcessLock
Definition: pstypes.h:1140
ULONG PriorityRegionActive
Definition: pstypes.h:1107
PETHREAD ForkInProgress
Definition: pstypes.h:1173
ULONG OwnsProcessWorkingSetExclusive
Definition: pstypes.h:1098
POWERSTATETASK PowerStateTask
Definition: pstypes.h:1425
PUNICODE_STRING RemainingName
Definition: pstypes.h:1474
ULONG ExWorkerCanWaitUser
Definition: pstypes.h:1078
PKWIN32_SESSION_CALLOUT WindowStationParseProcedure
Definition: pstypes.h:1496
ULONG AddressSpaceInitialized
Definition: pstypes.h:1280
UCHAR DisablePageFaultClustering
Definition: pstypes.h:1119
ULONG SameThreadApcFlags
Definition: pstypes.h:1112
USHORT SubSystemVersion
Definition: pstypes.h:1327
ULONG Wow64VaSpace4Gb
Definition: pstypes.h:1279
PKWIN32_PROCESS_CALLOUT ProcessCallout
Definition: pstypes.h:1482
PVOID PreviousStackBase
Definition: pstypes.h:677
EX_PUSH_LOCK ThreadLock
Definition: pstypes.h:1037
struct _TEB_ACTIVE_FRAME_CONTEXT * PTEB_ACTIVE_FRAME_CONTEXT
PVOID PreviousStackLimit
Definition: pstypes.h:678
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13
LARGE_INTEGER ExitTime
Definition: pstypes.h:1142
ULONG HardErrorsAreDisabled
Definition: pstypes.h:1060
PVOID SectionBaseAddress
Definition: pstypes.h:1182
SIZE_T VirtualSize
Definition: pstypes.h:1150
enum _JOBOBJECTINFOCLASS JOBOBJECTINFOCLASS
SIZE_T CommitCharge
Definition: pstypes.h:1148
struct _PEB_FREE_BLOCK * Next
Definition: ntddk_ex.h:234
MM_AVL_TABLE VadRoot
Definition: pstypes.h:1330
ULONG HideFromDebugger
Definition: pstypes.h:1057
_Out_ PUNICODE_STRING CompleteName
Definition: pstypes.h:1473
ULONG UniqueThread
Definition: pstypes.h:719
ULONG64 UniqueThread
Definition: pstypes.h:725
LPFNPSPCALLBACK Callback
Definition: desk.c:111
ULONGLONG ExcessCycles
Definition: pstypes.h:969
_PROCESSINFOCLASS
Definition: winternl.h:392
LARGE_INTEGER KernelTime
Definition: winternl.h:980
LIST_ENTRY IrpList
Definition: pstypes.h:1021
PKWIN32_WIN32DATACOLLECTION_CALLOUT Win32DataCollectionProcedure
Definition: pstypes.h:1499
BOOLEAN IsProtectedProcess
Definition: pstypes.h:658
_PSW32JOBCALLOUTTYPE
Definition: pstypes.h:472
ULONG InjectInpageErrors
Definition: pstypes.h:1293
ULONG ACCESS_MASK
Definition: nt_native.h:40
SIZE_T Peak
Definition: pstypes.h:917
ULONG CreateMsgSent
Definition: pstypes.h:1065
ULONG ThreadPagePriority
Definition: pstypes.h:1067
ULONG LpcReceivedMsgIdValid
Definition: pstypes.h:1091
struct _ETHREAD ETHREAD
IN SCSI_ADAPTER_CONTROL_TYPE IN PVOID Parameters
Definition: srb.h:488
NTSTATUS(NTAPI * PKWIN32_CLOSEMETHOD_CALLOUT)(_In_ struct _WIN32_CLOSEMETHOD_PARAMETERS *Parameters)
Definition: pstypes.h:565
BOOLEAN InheritedAddressSpace
Definition: pstypes.h:647
PFN_NUMBER WorkingSetPage
Definition: pstypes.h:1165
struct _PSP_RATE_APC PSP_RATE_APC
ULONG RateApcState
Definition: pstypes.h:1082
ULONG PeakJobMemoryUsed
Definition: pstypes.h:1395
IO_COUNTERS IoInfo
Definition: pstypes.h:1391
ULONG ProcessInSession
Definition: pstypes.h:1289
ULONG Spare
Definition: pstypes.h:1094
_In_ PSTORAGE_PROPERTY_ID _Outptr_ PSTORAGE_DESCRIPTOR_HEADER * Descriptor
Definition: classpnp.h:966
KSPIN_LOCK ActiveTimerListLock
Definition: pstypes.h:1003