archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/base/published/ntpsapi.w

1421 lines
36 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++ BUILD Version: 0007 // Increment this if a change has global effects
  3. Copyright (c) Microsoft Corporation. All rights reserved.
  5. Module Name:
  7. ntpsapi.h
  9. Abstract:
  11. This module contains the process structure APIs and any public data
  12. structures needed to call these APIs.
  14. Author:
  16. Mark Lucovsky (markl) 24-Feb-1989
  18. Revision History:
  20. --*/
  22. #ifndef _NTPSAPI_
  23. #define _NTPSAPI_
  25. #if _MSC_VER > 1000
  26. #pragma once
  27. #endif
  29. #ifdef __cplusplus
  30. extern "C" {
  31. #endif
  33. //
  34. // Process Specific Access Rights
  35. //
  37. #define PROCESS_TERMINATE (0x0001) // winnt
  38. #define PROCESS_CREATE_THREAD (0x0002) // winnt
  39. #define PROCESS_SET_SESSIONID (0x0004) // winnt
  40. #define PROCESS_VM_OPERATION (0x0008) // winnt
  41. #define PROCESS_VM_READ (0x0010) // winnt
  42. #define PROCESS_VM_WRITE (0x0020) // winnt
  43. // begin_ntddk begin_wdm begin_ntifs
  44. #define PROCESS_DUP_HANDLE (0x0040) // winnt
  45. // end_ntddk end_wdm end_ntifs
  46. #define PROCESS_CREATE_PROCESS (0x0080) // winnt
  47. #define PROCESS_SET_QUOTA (0x0100) // winnt
  48. #define PROCESS_SET_INFORMATION (0x0200) // winnt
  49. #define PROCESS_QUERY_INFORMATION (0x0400) // winnt
  50. #define PROCESS_SET_PORT (0x0800)
  51. #define PROCESS_SUSPEND_RESUME (0x0800) // winnt
  53. // begin_winnt begin_ntddk begin_wdm begin_ntifs
  54. #define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
  55. 0xFFF)
  56. // begin_nthal
  58. #if defined(_WIN64)
  60. #define MAXIMUM_PROCESSORS 64
  62. #else
  64. #define MAXIMUM_PROCESSORS 32
  66. #endif
  68. // end_nthal
  70. // end_winnt
  72. //
  73. // Thread Specific Access Rights
  74. //
  76. #define THREAD_TERMINATE (0x0001) // winnt
  77. // end_ntddk end_wdm end_ntifs
  78. #define THREAD_SUSPEND_RESUME (0x0002) // winnt
  79. #define THREAD_ALERT (0x0004)
  80. #define THREAD_GET_CONTEXT (0x0008) // winnt
  81. #define THREAD_SET_CONTEXT (0x0010) // winnt
  82. // begin_ntddk begin_wdm begin_ntifs
  83. #define THREAD_SET_INFORMATION (0x0020) // winnt
  84. // end_ntddk end_wdm end_ntifs
  85. #define THREAD_QUERY_INFORMATION (0x0040) // winnt
  86. // begin_winnt
  87. #define THREAD_SET_THREAD_TOKEN (0x0080)
  88. #define THREAD_IMPERSONATE (0x0100)
  89. #define THREAD_DIRECT_IMPERSONATION (0x0200)
  90. // begin_ntddk begin_wdm begin_ntifs
  92. #define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
  93. 0x3FF)
  95. // end_ntddk end_wdm end_ntifs
  96. // end_winnt
  98. //
  99. // Job Object Specific Access Rights
  100. //
  102. // begin_winnt
  103. #define JOB_OBJECT_ASSIGN_PROCESS (0x0001)
  104. #define JOB_OBJECT_SET_ATTRIBUTES (0x0002)
  105. #define JOB_OBJECT_QUERY (0x0004)
  106. #define JOB_OBJECT_TERMINATE (0x0008)
  107. #define JOB_OBJECT_SET_SECURITY_ATTRIBUTES (0x0010)
  108. #define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
  109. 0x1F )
  111. typedef struct _JOB_SET_ARRAY {
  112. HANDLE JobHandle; // Handle to job object to insert
  113. ULONG MemberLevel; // Level of this job in the set. Must be > 0. Can be sparse.
  114. ULONG Flags; // Unused. Must be zero
  115. } JOB_SET_ARRAY, *PJOB_SET_ARRAY;
  117. // end_winnt
  119. //
  120. // Process Environment Block
  121. //
  122. #ifdef _MAC
  123. #pragma warning( disable : 4121)
  124. #endif
  126. typedef struct _PEB_LDR_DATA {
  127. ULONG Length;
  128. BOOLEAN Initialized;
  129. HANDLE SsHandle;
  130. LIST_ENTRY InLoadOrderModuleList;
  131. LIST_ENTRY InMemoryOrderModuleList;
  132. LIST_ENTRY InInitializationOrderModuleList;
  133. PVOID EntryInProgress;
  134. } PEB_LDR_DATA, *PPEB_LDR_DATA;
  136. #ifdef _MAC
  137. #pragma warning( default : 4121 )
  138. #endif
  139. //
  140. // Handle tag bits for Peb Stdio File Handles
  141. //
  143. #define PEB_STDIO_HANDLE_NATIVE 0
  144. #define PEB_STDIO_HANDLE_SUBSYS 1
  145. #define PEB_STDIO_HANDLE_PM 2
  146. #define PEB_STDIO_HANDLE_RESERVED 3
  148. #define GDI_HANDLE_BUFFER_SIZE32 34
  149. #define GDI_HANDLE_BUFFER_SIZE64 60
  151. #if !defined(_IA64_) && !defined(_AMD64_)
  152. #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE32
  153. #else
  154. #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE64
  155. #endif
  157. typedef ULONG GDI_HANDLE_BUFFER32[GDI_HANDLE_BUFFER_SIZE32];
  158. typedef ULONG GDI_HANDLE_BUFFER64[GDI_HANDLE_BUFFER_SIZE64];
  159. typedef ULONG GDI_HANDLE_BUFFER [GDI_HANDLE_BUFFER_SIZE ];
  161. #define FOREGROUND_BASE_PRIORITY 9
  162. #define NORMAL_BASE_PRIORITY 8
  164. typedef struct _PEB_FREE_BLOCK {
  165. struct _PEB_FREE_BLOCK *Next;
  166. ULONG Size;
  167. } PEB_FREE_BLOCK, *PPEB_FREE_BLOCK;
  169. // begin_ntddk begin_wdm begin_nthal begin_ntifs
  170. //
  171. // ClientId
  172. //
  174. typedef struct _CLIENT_ID {
  175. HANDLE UniqueProcess;
  176. HANDLE UniqueThread;
  177. } CLIENT_ID;
  178. typedef CLIENT_ID *PCLIENT_ID;
  180. // end_ntddk end_wdm end_nthal end_ntifs
  182. #if !defined(CLIENT_ID64_DEFINED)
  184. typedef struct _CLIENT_ID64 {
  185. ULONGLONG UniqueProcess;
  186. ULONGLONG UniqueThread;
  187. } CLIENT_ID64;
  189. typedef CLIENT_ID64 *PCLIENT_ID64;
  191. #define CLIENT_ID64_DEFINED
  193. #endif
  195. #define FLS_MAXIMUM_AVAILABLE 128 // winnt
  196. #define TLS_MINIMUM_AVAILABLE 64 // winnt
  197. #define TLS_EXPANSION_SLOTS 1024
  199. typedef
  200. VOID
  201. (*PPS_POST_PROCESS_INIT_ROUTINE) (
  202. VOID
  203. );
  205. // begin_nthal begin_ntddk begin_ntifs
  206. //
  207. // Thread Environment Block (and portable part of Thread Information Block)
  208. //
  210. //
  211. // NT_TIB - Thread Information Block - Portable part.
  212. //
  213. // This is the subsystem portable part of the Thread Information Block.
  214. // It appears as the first part of the TEB for all threads which have
  215. // a user mode component.
  216. //
  217. // end_nthal end_ntddk end_ntifs
  218. // This structure MUST MATCH OS/2 V2.0!
  219. //
  220. // There is another, non-portable part of the TIB which is used
  221. // for by subsystems, i.e. Os2Tib for OS/2 threads. SubSystemTib
  222. // points there.
  223. // begin_nthal begin_ntddk begin_ntifs
  224. //
  226. // begin_winnt
  228. typedef struct _NT_TIB {
  229. struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;
  230. PVOID StackBase;
  231. PVOID StackLimit;
  232. PVOID SubSystemTib;
  233. union {
  234. PVOID FiberData;
  235. ULONG Version;
  236. };
  237. PVOID ArbitraryUserPointer;
  238. struct _NT_TIB *Self;
  239. } NT_TIB;
  240. typedef NT_TIB *PNT_TIB;
  242. //
  243. // 32 and 64 bit specific version for wow64 and the debugger
  244. //
  245. typedef struct _NT_TIB32 {
  246. ULONG ExceptionList;
  247. ULONG StackBase;
  248. ULONG StackLimit;
  249. ULONG SubSystemTib;
  250. union {
  251. ULONG FiberData;
  252. ULONG Version;
  253. };
  254. ULONG ArbitraryUserPointer;
  255. ULONG Self;
  256. } NT_TIB32, *PNT_TIB32;
  258. typedef struct _NT_TIB64 {
  259. ULONG64 ExceptionList;
  260. ULONG64 StackBase;
  261. ULONG64 StackLimit;
  262. ULONG64 SubSystemTib;
  263. union {
  264. ULONG64 FiberData;
  265. ULONG Version;
  266. };
  267. ULONG64 ArbitraryUserPointer;
  268. ULONG64 Self;
  269. } NT_TIB64, *PNT_TIB64;
  271. // end_nthal end_ntddk end_ntifs end_winnt
  273. //
  274. // Gdi command batching
  275. //
  277. #define GDI_BATCH_BUFFER_SIZE 310
  279. typedef struct _GDI_TEB_BATCH {
  280. ULONG Offset;
  281. ULONG_PTR HDC;
  282. ULONG Buffer[GDI_BATCH_BUFFER_SIZE];
  283. } GDI_TEB_BATCH,*PGDI_TEB_BATCH;
  286. //
  287. // Wx86 thread state information
  288. //
  290. typedef struct _Wx86ThreadState {
  291. PULONG CallBx86Eip;
  292. PVOID DeallocationCpu;
  293. BOOLEAN UseKnownWx86Dll;
  294. char OleStubInvoked;
  295. } WX86THREAD, *PWX86THREAD;
  297. //
  298. // TEB - The thread environment block
  299. //
  301. #define STATIC_UNICODE_BUFFER_LENGTH 261
  302. #define WIN32_CLIENT_INFO_LENGTH 62
  304. #define WIN32_CLIENT_INFO_SPIN_COUNT 1
  306. typedef PVOID* PPVOID;
  308. #include "pebteb.h"
  310. // begin_winnt
  312. #if !defined(_X86_) && !defined(_IA64_) && !defined(_AMD64_)
  313. #define WX86
  314. #endif
  316. // end_winnt
  319. #if defined(WX86)
  320. #define Wx86CurrentTib() ((PWX86TIB)NtCurrentTeb()->Vdm)
  321. #else
  322. #define Wx86CurrentTib() (NULL)
  323. #endif
  325. #if !defined(_X86_) && !defined(_IA64_)
  326. //
  327. // Exception Registration structure
  328. //
  329. // X86 Call frame record definition, normally defined in nti386.h
  330. // which is not included on risc.
  331. //
  333. typedef struct _EXCEPTION_REGISTRATION_RECORD {
  334. struct _EXCEPTION_REGISTRATION_RECORD *Next;
  335. PEXCEPTION_ROUTINE Handler;
  336. } EXCEPTION_REGISTRATION_RECORD;
  338. typedef EXCEPTION_REGISTRATION_RECORD *PEXCEPTION_REGISTRATION_RECORD;
  339. #endif
  341. typedef struct _Wx86TIB {
  342. ULONG Size;
  343. ULONG InitialPc;
  344. VOID * POINTER_32 StackBase;
  345. VOID * POINTER_32 StackLimit;
  346. VOID * POINTER_32 DeallocationStack;
  347. ULONG LogFlags;
  348. ULONG InitialSp;
  349. UCHAR SimulationCount;
  350. BOOLEAN InCpuSimulation;
  351. BOOLEAN EmulateInitialPc;
  352. BOOLEAN Initialized;
  353. EXCEPTION_REGISTRATION_RECORD * POINTER_32 ExceptionList;
  354. VOID * POINTER_32 CpuContext;
  355. CONTEXT * POINTER_32 InitialExceptionContext;
  356. VOID * POINTER_32 pCallersRIID;
  357. VOID * POINTER_32 pCallersUnknown;
  358. ULONG Flags;
  359. VOID * POINTER_32 SelfRegDllName;
  360. VOID * POINTER_32 SelfRegDllHandle;
  361. } WX86TIB, *PWX86TIB;
  363. #define EXCEPTION_CHAIN_END ((struct _EXCEPTION_REGISTRATION_RECORD * POINTER_32)-1)
  367. //
  368. // The version number of OS2
  369. //
  372. #define MAJOR_VERSION 30 // Cruiser uses 20 (not 20H)
  373. #define MINOR_VERSION 00
  374. #define OS2_VERSION (MAJOR_VERSION << 8 | MINOR_VERSION )
  376. #if DBG
  377. //
  378. // Reserve the last 9 SystemReserved pointers for debugging
  379. //
  380. #define DBG_TEB_THREADNAME 16
  381. #define DBG_TEB_RESERVED_1 15
  382. #define DBG_TEB_RESERVED_2 14
  383. #define DBG_TEB_RESERVED_3 13
  384. #define DBG_TEB_RESERVED_4 12
  385. #define DBG_TEB_RESERVED_5 11
  386. #define DBG_TEB_RESERVED_6 10
  387. #define DBG_TEB_RESERVED_7 9
  388. #define DBG_TEB_RESERVED_8 8
  389. #endif // DBG
  391. typedef struct _INITIAL_TEB {
  392. struct {
  393. PVOID OldStackBase;
  394. PVOID OldStackLimit;
  395. #if defined(_IA64_)
  396. PVOID OldBStoreLimit;
  397. #endif // defined(_IA64_)
  398. } OldInitialTeb;
  399. PVOID StackBase;
  400. PVOID StackLimit;
  401. #if defined(_IA64_)
  402. PVOID BStoreLimit;
  403. #endif // defined(_IA64_)
  404. PVOID StackAllocationBase;
  405. } INITIAL_TEB, *PINITIAL_TEB;
  407. #define PROCESS_PRIORITY_CLASS_UNKNOWN 0
  408. #define PROCESS_PRIORITY_CLASS_IDLE 1
  409. #define PROCESS_PRIORITY_CLASS_NORMAL 2
  410. #define PROCESS_PRIORITY_CLASS_HIGH 3
  411. #define PROCESS_PRIORITY_CLASS_REALTIME 4
  412. #define PROCESS_PRIORITY_CLASS_BELOW_NORMAL 5
  413. #define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL 6
  415. typedef struct _PROCESS_PRIORITY_CLASS {
  416. BOOLEAN Foreground;
  417. UCHAR PriorityClass;
  418. } PROCESS_PRIORITY_CLASS, *PPROCESS_PRIORITY_CLASS;
  420. typedef struct _PROCESS_FOREGROUND_BACKGROUND {
  421. BOOLEAN Foreground;
  422. } PROCESS_FOREGROUND_BACKGROUND, *PPROCESS_FOREGROUND_BACKGROUND;
  425. //
  426. // Define process debug flags
  427. //
  428. #define PROCESS_DEBUG_INHERIT 0x00000001
  431. // begin_ntddk begin_ntifs
  432. //
  433. // Process Information Classes
  434. //
  436. typedef enum _PROCESSINFOCLASS {
  437. ProcessBasicInformation,
  438. ProcessQuotaLimits,
  439. ProcessIoCounters,
  440. ProcessVmCounters,
  441. ProcessTimes,
  442. ProcessBasePriority,
  443. ProcessRaisePriority,
  444. ProcessDebugPort,
  445. ProcessExceptionPort,
  446. ProcessAccessToken,
  447. ProcessLdtInformation,
  448. ProcessLdtSize,
  449. ProcessDefaultHardErrorMode,
  450. ProcessIoPortHandlers, // Note: this is kernel mode only
  451. ProcessPooledUsageAndLimits,
  452. ProcessWorkingSetWatch,
  453. ProcessUserModeIOPL,
  454. ProcessEnableAlignmentFaultFixup,
  455. ProcessPriorityClass,
  456. ProcessWx86Information,
  457. ProcessHandleCount,
  458. ProcessAffinityMask,
  459. ProcessPriorityBoost,
  460. ProcessDeviceMap,
  461. ProcessSessionInformation,
  462. ProcessForegroundInformation,
  463. ProcessWow64Information,
  464. ProcessImageFileName,
  465. ProcessLUIDDeviceMapsEnabled,
  466. ProcessBreakOnTermination,
  467. ProcessDebugObjectHandle,
  468. ProcessDebugFlags,
  469. ProcessHandleTracing,
  470. MaxProcessInfoClass // MaxProcessInfoClass should always be the last enum
  471. } PROCESSINFOCLASS;
  473. //
  474. // Thread Information Classes
  475. //
  477. typedef enum _THREADINFOCLASS {
  478. ThreadBasicInformation,
  479. ThreadTimes,
  480. ThreadPriority,
  481. ThreadBasePriority,
  482. ThreadAffinityMask,
  483. ThreadImpersonationToken,
  484. ThreadDescriptorTableEntry,
  485. ThreadEnableAlignmentFaultFixup,
  486. ThreadEventPair_Reusable,
  487. ThreadQuerySetWin32StartAddress,
  488. ThreadZeroTlsCell,
  489. ThreadPerformanceCount,
  490. ThreadAmILastThread,
  491. ThreadIdealProcessor,
  492. ThreadPriorityBoost,
  493. ThreadSetTlsArrayAddress,
  494. ThreadIsIoPending,
  495. ThreadHideFromDebugger,
  496. ThreadBreakOnTermination,
  497. MaxThreadInfoClass
  498. } THREADINFOCLASS;
  499. // end_ntddk end_ntifs
  501. #define PROCESS_PRIORITY_SEPARATION_MASK 0x00000003
  502. #define PROCESS_PRIORITY_SEPARATION_MAX 0x00000002
  503. #define PROCESS_QUANTUM_VARIABLE_MASK 0x0000000c
  504. #define PROCESS_QUANTUM_VARIABLE_DEF 0x00000000
  505. #define PROCESS_QUANTUM_VARIABLE_VALUE 0x00000004
  506. #define PROCESS_QUANTUM_FIXED_VALUE 0x00000008
  507. #define PROCESS_QUANTUM_LONG_MASK 0x00000030
  508. #define PROCESS_QUANTUM_LONG_DEF 0x00000000
  509. #define PROCESS_QUANTUM_LONG_VALUE 0x00000010
  510. #define PROCESS_QUANTUM_SHORT_VALUE 0x00000020
  513. #define PROCESS_HARDERROR_ALIGNMENT_BIT 0x0004 // from winbase.h, but not tagged
  515. //
  516. // thread base priority ranges
  517. //
  518. // begin_winnt
  519. #define THREAD_BASE_PRIORITY_LOWRT 15 // value that gets a thread to LowRealtime-1
  520. #define THREAD_BASE_PRIORITY_MAX 2 // maximum thread base priority boost
  521. #define THREAD_BASE_PRIORITY_MIN (-2) // minimum thread base priority boost
  522. #define THREAD_BASE_PRIORITY_IDLE (-15) // value that gets a thread to idle
  523. // end_winnt
  525. // begin_ntddk begin_ntifs
  526. //
  527. // Process Information Structures
  528. //
  530. //
  531. // PageFaultHistory Information
  532. // NtQueryInformationProcess using ProcessWorkingSetWatch
  533. //
  534. typedef struct _PROCESS_WS_WATCH_INFORMATION {
  535. PVOID FaultingPc;
  536. PVOID FaultingVa;
  537. } PROCESS_WS_WATCH_INFORMATION, *PPROCESS_WS_WATCH_INFORMATION;
  539. //
  540. // Basic Process Information
  541. // NtQueryInformationProcess using ProcessBasicInfo
  542. //
  544. typedef struct _PROCESS_BASIC_INFORMATION {
  545. NTSTATUS ExitStatus;
  546. PPEB PebBaseAddress;
  547. ULONG_PTR AffinityMask;
  548. KPRIORITY BasePriority;
  549. ULONG_PTR UniqueProcessId;
  550. ULONG_PTR InheritedFromUniqueProcessId;
  551. } PROCESS_BASIC_INFORMATION;
  552. typedef PROCESS_BASIC_INFORMATION *PPROCESS_BASIC_INFORMATION;
  555. // end_ntddk end_ntifs
  556. typedef struct _PROCESS_BASIC_INFORMATION64 {
  557. NTSTATUS ExitStatus;
  558. ULONG32 Pad1;
  559. ULONG64 PebBaseAddress;
  560. ULONG64 AffinityMask;
  561. KPRIORITY BasePriority;
  562. ULONG32 Pad2;
  563. ULONG64 UniqueProcessId;
  564. ULONG64 InheritedFromUniqueProcessId;
  565. } PROCESS_BASIC_INFORMATION64;
  566. typedef PROCESS_BASIC_INFORMATION64 *PPROCESS_BASIC_INFORMATION64;
  568. #if !defined(SORTPP_PASS) && !defined(MIDL_PASS) && !defined(RC_INVOKED) && defined(_WIN64) && !defined(_X86AMD64_)
  569. C_ASSERT(sizeof(PROCESS_BASIC_INFORMATION) == sizeof(PROCESS_BASIC_INFORMATION64));
  570. #endif
  571. // begin_ntddk begin_ntifs
  573. //
  574. // Process Device Map information
  575. // NtQueryInformationProcess using ProcessDeviceMap
  576. // NtSetInformationProcess using ProcessDeviceMap
  577. //
  579. typedef struct _PROCESS_DEVICEMAP_INFORMATION {
  580. union {
  581. struct {
  582. HANDLE DirectoryHandle;
  583. } Set;
  584. struct {
  585. ULONG DriveMap;
  586. UCHAR DriveType[ 32 ];
  587. } Query;
  588. };
  589. } PROCESS_DEVICEMAP_INFORMATION, *PPROCESS_DEVICEMAP_INFORMATION;
  591. typedef struct _PROCESS_DEVICEMAP_INFORMATION_EX {
  592. union {
  593. struct {
  594. HANDLE DirectoryHandle;
  595. } Set;
  596. struct {
  597. ULONG DriveMap;
  598. UCHAR DriveType[ 32 ];
  599. } Query;
  600. };
  601. ULONG Flags; // specifies that the query type
  602. } PROCESS_DEVICEMAP_INFORMATION_EX, *PPROCESS_DEVICEMAP_INFORMATION_EX;
  604. //
  605. // PROCESS_DEVICEMAP_INFORMATION_EX flags
  606. //
  607. #define PROCESS_LUID_DOSDEVICES_ONLY 0x00000001
  609. //
  610. // Multi-User Session specific Process Information
  611. // NtQueryInformationProcess using ProcessSessionInformation
  612. //
  614. typedef struct _PROCESS_SESSION_INFORMATION {
  615. ULONG SessionId;
  616. } PROCESS_SESSION_INFORMATION, *PPROCESS_SESSION_INFORMATION;
  619. typedef struct _PROCESS_HANDLE_TRACING_ENABLE {
  620. ULONG Flags;
  621. } PROCESS_HANDLE_TRACING_ENABLE, *PPROCESS_HANDLE_TRACING_ENABLE;
  623. typedef struct _PROCESS_HANDLE_TRACING_ENABLE_EX {
  624. ULONG Flags;
  625. ULONG TotalSlots;
  626. } PROCESS_HANDLE_TRACING_ENABLE_EX, *PPROCESS_HANDLE_TRACING_ENABLE_EX;
  629. #define PROCESS_HANDLE_TRACING_MAX_STACKS 16
  631. typedef struct _PROCESS_HANDLE_TRACING_ENTRY {
  632. HANDLE Handle;
  633. CLIENT_ID ClientId;
  634. ULONG Type;
  635. PVOID Stacks[PROCESS_HANDLE_TRACING_MAX_STACKS];
  636. } PROCESS_HANDLE_TRACING_ENTRY, *PPROCESS_HANDLE_TRACING_ENTRY;
  638. typedef struct _PROCESS_HANDLE_TRACING_QUERY {
  639. HANDLE Handle;
  640. ULONG TotalTraces;
  641. PROCESS_HANDLE_TRACING_ENTRY HandleTrace[1];
  642. } PROCESS_HANDLE_TRACING_QUERY, *PPROCESS_HANDLE_TRACING_QUERY;
  644. //
  645. // Process Quotas
  646. // NtQueryInformationProcess using ProcessQuotaLimits
  647. // NtQueryInformationProcess using ProcessPooledQuotaLimits
  648. // NtSetInformationProcess using ProcessQuotaLimits
  649. //
  651. // begin_winnt
  653. typedef struct _QUOTA_LIMITS {
  654. SIZE_T PagedPoolLimit;
  655. SIZE_T NonPagedPoolLimit;
  656. SIZE_T MinimumWorkingSetSize;
  657. SIZE_T MaximumWorkingSetSize;
  658. SIZE_T PagefileLimit;
  659. LARGE_INTEGER TimeLimit;
  660. } QUOTA_LIMITS, *PQUOTA_LIMITS;
  662. #define QUOTA_LIMITS_HARDWS_MIN_ENABLE 0x00000001
  663. #define QUOTA_LIMITS_HARDWS_MIN_DISABLE 0x00000002
  664. #define QUOTA_LIMITS_HARDWS_MAX_ENABLE 0x00000004
  665. #define QUOTA_LIMITS_HARDWS_MAX_DISABLE 0x00000008
  667. typedef struct _QUOTA_LIMITS_EX {
  668. SIZE_T PagedPoolLimit;
  669. SIZE_T NonPagedPoolLimit;
  670. SIZE_T MinimumWorkingSetSize;
  671. SIZE_T MaximumWorkingSetSize;
  672. SIZE_T PagefileLimit;
  673. LARGE_INTEGER TimeLimit;
  674. SIZE_T Reserved1;
  675. SIZE_T Reserved2;
  676. SIZE_T Reserved3;
  677. SIZE_T Reserved4;
  678. ULONG Flags;
  679. ULONG Reserved5;
  680. } QUOTA_LIMITS_EX, *PQUOTA_LIMITS_EX;
  682. // end_winnt
  684. //
  685. // Process I/O Counters
  686. // NtQueryInformationProcess using ProcessIoCounters
  687. //
  689. // begin_winnt
  690. typedef struct _IO_COUNTERS {
  691. ULONGLONG ReadOperationCount;
  692. ULONGLONG WriteOperationCount;
  693. ULONGLONG OtherOperationCount;
  694. ULONGLONG ReadTransferCount;
  695. ULONGLONG WriteTransferCount;
  696. ULONGLONG OtherTransferCount;
  697. } IO_COUNTERS;
  698. typedef IO_COUNTERS *PIO_COUNTERS;
  700. // end_winnt
  702. //
  703. // Process Virtual Memory Counters
  704. // NtQueryInformationProcess using ProcessVmCounters
  705. //
  707. typedef struct _VM_COUNTERS {
  708. SIZE_T PeakVirtualSize;
  709. SIZE_T VirtualSize;
  710. ULONG PageFaultCount;
  711. SIZE_T PeakWorkingSetSize;
  712. SIZE_T WorkingSetSize;
  713. SIZE_T QuotaPeakPagedPoolUsage;
  714. SIZE_T QuotaPagedPoolUsage;
  715. SIZE_T QuotaPeakNonPagedPoolUsage;
  716. SIZE_T QuotaNonPagedPoolUsage;
  717. SIZE_T PagefileUsage;
  718. SIZE_T PeakPagefileUsage;
  719. } VM_COUNTERS;
  720. typedef VM_COUNTERS *PVM_COUNTERS;
  722. typedef struct _VM_COUNTERS_EX {
  723. SIZE_T PeakVirtualSize;
  724. SIZE_T VirtualSize;
  725. ULONG PageFaultCount;
  726. SIZE_T PeakWorkingSetSize;
  727. SIZE_T WorkingSetSize;
  728. SIZE_T QuotaPeakPagedPoolUsage;
  729. SIZE_T QuotaPagedPoolUsage;
  730. SIZE_T QuotaPeakNonPagedPoolUsage;
  731. SIZE_T QuotaNonPagedPoolUsage;
  732. SIZE_T PagefileUsage;
  733. SIZE_T PeakPagefileUsage;
  734. SIZE_T PrivateUsage;
  735. } VM_COUNTERS_EX;
  736. typedef VM_COUNTERS_EX *PVM_COUNTERS_EX;
  738. //
  739. // Process Pooled Quota Usage and Limits
  740. // NtQueryInformationProcess using ProcessPooledUsageAndLimits
  741. //
  743. typedef struct _POOLED_USAGE_AND_LIMITS {
  744. SIZE_T PeakPagedPoolUsage;
  745. SIZE_T PagedPoolUsage;
  746. SIZE_T PagedPoolLimit;
  747. SIZE_T PeakNonPagedPoolUsage;
  748. SIZE_T NonPagedPoolUsage;
  749. SIZE_T NonPagedPoolLimit;
  750. SIZE_T PeakPagefileUsage;
  751. SIZE_T PagefileUsage;
  752. SIZE_T PagefileLimit;
  753. } POOLED_USAGE_AND_LIMITS;
  754. typedef POOLED_USAGE_AND_LIMITS *PPOOLED_USAGE_AND_LIMITS;
  756. //
  757. // Process Security Context Information
  758. // NtSetInformationProcess using ProcessAccessToken
  759. // PROCESS_SET_ACCESS_TOKEN access to the process is needed
  760. // to use this info level.
  761. //
  763. typedef struct _PROCESS_ACCESS_TOKEN {
  765. //
  766. // Handle to Primary token to assign to the process.
  767. // TOKEN_ASSIGN_PRIMARY access to this token is needed.
  768. //
  770. HANDLE Token;
  772. //
  773. // Handle to the initial thread of the process.
  774. // A process's access token can only be changed if the process has
  775. // no threads or one thread. If the process has no threads, this
  776. // field must be set to NULL. Otherwise, it must contain a handle
  777. // open to the process's only thread. THREAD_QUERY_INFORMATION access
  778. // is needed via this handle.
  780. HANDLE Thread;
  782. } PROCESS_ACCESS_TOKEN, *PPROCESS_ACCESS_TOKEN;
  784. //
  785. // Process/Thread System and User Time
  786. // NtQueryInformationProcess using ProcessTimes
  787. // NtQueryInformationThread using ThreadTimes
  788. //
  790. typedef struct _KERNEL_USER_TIMES {
  791. LARGE_INTEGER CreateTime;
  792. LARGE_INTEGER ExitTime;
  793. LARGE_INTEGER KernelTime;
  794. LARGE_INTEGER UserTime;
  795. } KERNEL_USER_TIMES;
  796. typedef KERNEL_USER_TIMES *PKERNEL_USER_TIMES;
  797. // end_ntddk end_ntifs
  800. //
  801. // Thread Information Structures
  802. //
  804. //
  805. // Basic Thread Information
  806. // NtQueryInformationThread using ThreadBasicInfo
  807. //
  809. typedef struct _THREAD_BASIC_INFORMATION {
  810. NTSTATUS ExitStatus;
  811. PTEB TebBaseAddress;
  812. CLIENT_ID ClientId;
  813. ULONG_PTR AffinityMask;
  814. KPRIORITY Priority;
  815. LONG BasePriority;
  816. } THREAD_BASIC_INFORMATION;
  817. typedef THREAD_BASIC_INFORMATION *PTHREAD_BASIC_INFORMATION;
  819. #if defined(_AMD64_) || defined(_IA64_)
  820. #include <pshpck16.h>
  821. #endif
  823. typedef struct _FIBER {
  824. PVOID FiberData;
  826. //
  827. // Matches first three DWORDs of TEB
  828. //
  830. struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;
  831. PVOID StackBase;
  832. PVOID StackLimit;
  834. //
  835. // Used by base to free a thread's stack
  836. //
  838. PVOID DeallocationStack;
  839. CONTEXT FiberContext;
  840. PWX86TIB Wx86Tib;
  842. #ifdef _IA64_
  844. PVOID DeallocationBStore;
  845. PVOID BStoreLimit;
  847. #endif
  849. //
  850. // Fiber local storage data.
  851. //
  853. PVOID FlsData;
  854. } FIBER, *PFIBER;
  856. #if defined(_AMD64_) || defined(_IA64_)
  857. #include <poppack.h>
  858. #endif
  860. //
  861. //
  862. // Process Object APIs
  863. //
  865. NTSYSCALLAPI
  866. NTSTATUS
  867. NTAPI
  868. NtCreateProcess(
  869. OUT PHANDLE ProcessHandle,
  870. IN ACCESS_MASK DesiredAccess,
  871. IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
  872. IN HANDLE ParentProcess,
  873. IN BOOLEAN InheritObjectTable,
  874. IN HANDLE SectionHandle OPTIONAL,
  875. IN HANDLE DebugPort OPTIONAL,
  876. IN HANDLE ExceptionPort OPTIONAL
  877. );
  879. #define PROCESS_CREATE_FLAGS_BREAKAWAY 0x00000001
  880. #define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT 0x00000002
  881. #define PROCESS_CREATE_FLAGS_INHERIT_HANDLES 0x00000004
  882. #define PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE 0x00000008
  883. #define PROCESS_CREATE_FLAGS_LEGAL_MASK 0x0000000f
  885. NTSYSCALLAPI
  886. NTSTATUS
  887. NTAPI
  888. NtCreateProcessEx(
  889. OUT PHANDLE ProcessHandle,
  890. IN ACCESS_MASK DesiredAccess,
  891. IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
  892. IN HANDLE ParentProcess,
  893. IN ULONG Flags,
  894. IN HANDLE SectionHandle OPTIONAL,
  895. IN HANDLE DebugPort OPTIONAL,
  896. IN HANDLE ExceptionPort OPTIONAL,
  897. IN ULONG JobMemberLevel
  898. );
  900. // begin_ntddk begin_ntifs
  901. NTSYSCALLAPI
  902. NTSTATUS
  903. NTAPI
  904. NtOpenProcess (
  905. OUT PHANDLE ProcessHandle,
  906. IN ACCESS_MASK DesiredAccess,
  907. IN POBJECT_ATTRIBUTES ObjectAttributes,
  908. IN PCLIENT_ID ClientId OPTIONAL
  909. );
  910. // end_ntddk end_ntifs
  913. NTSYSCALLAPI
  914. NTSTATUS
  915. NTAPI
  916. NtTerminateProcess(
  917. IN HANDLE ProcessHandle OPTIONAL,
  918. IN NTSTATUS ExitStatus
  919. );
  922. #define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 ) // ntddk wdm ntifs
  923. #define ZwCurrentProcess() NtCurrentProcess() // ntddk wdm ntifs
  925. #if defined(RTL_USE_KERNEL_PEB_RTN) || defined(NTOS_KERNEL_RUNTIME)
  927. #define NtCurrentPeb() (PsGetCurrentProcess ()->Peb)
  929. #else
  931. #define NtCurrentPeb() (NtCurrentTeb()->ProcessEnvironmentBlock)
  933. #endif
  935. // begin_ntddk begin_ntifs
  936. NTSYSCALLAPI
  937. NTSTATUS
  938. NTAPI
  939. NtQueryInformationProcess(
  940. IN HANDLE ProcessHandle,
  941. IN PROCESSINFOCLASS ProcessInformationClass,
  942. OUT PVOID ProcessInformation,
  943. IN ULONG ProcessInformationLength,
  944. OUT PULONG ReturnLength OPTIONAL
  945. );
  946. // end_ntddk end_ntifs
  949. NTSYSCALLAPI
  950. NTSTATUS
  951. NTAPI
  952. NtGetNextProcess (
  953. IN HANDLE ProcessHandle,
  954. IN ACCESS_MASK DesiredAccess,
  955. IN ULONG HandleAttributes,
  956. IN ULONG Flags,
  957. OUT PHANDLE NewProcessHandle
  958. );
  960. NTSYSCALLAPI
  961. NTSTATUS
  962. NTAPI
  963. NtGetNextThread (
  964. IN HANDLE ProcessHandle,
  965. IN HANDLE ThreadHandle,
  966. IN ACCESS_MASK DesiredAccess,
  967. IN ULONG HandleAttributes,
  968. IN ULONG Flags,
  969. OUT PHANDLE NewThreadHandle
  970. );
  972. NTSYSCALLAPI
  973. NTSTATUS
  974. NTAPI
  975. NtQueryPortInformationProcess(
  976. VOID
  977. );
  979. NTSYSCALLAPI
  980. ULONG
  981. NTAPI
  982. NtGetCurrentProcessorNumber(
  983. VOID
  984. );
  986. NTSYSCALLAPI
  987. NTSTATUS
  988. NTAPI
  989. NtSetInformationProcess(
  990. IN HANDLE ProcessHandle,
  991. IN PROCESSINFOCLASS ProcessInformationClass,
  992. IN PVOID ProcessInformation,
  993. IN ULONG ProcessInformationLength
  994. );
  996. //
  997. // Thread Object APIs
  998. //
  1000. NTSYSCALLAPI
  1001. NTSTATUS
  1002. NTAPI
  1003. NtCreateThread(
  1004. OUT PHANDLE ThreadHandle,
  1005. IN ACCESS_MASK DesiredAccess,
  1006. IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
  1007. IN HANDLE ProcessHandle,
  1008. OUT PCLIENT_ID ClientId,
  1009. IN PCONTEXT ThreadContext,
  1010. IN PINITIAL_TEB InitialTeb,
  1011. IN BOOLEAN CreateSuspended
  1012. );
  1014. NTSYSCALLAPI
  1015. NTSTATUS
  1016. NTAPI
  1017. NtOpenThread (
  1018. OUT PHANDLE ThreadHandle,
  1019. IN ACCESS_MASK DesiredAccess,
  1020. IN POBJECT_ATTRIBUTES ObjectAttributes,
  1021. IN PCLIENT_ID ClientId OPTIONAL
  1022. );
  1024. NTSYSCALLAPI
  1025. NTSTATUS
  1026. NTAPI
  1027. NtTerminateThread(
  1028. IN HANDLE ThreadHandle OPTIONAL,
  1029. IN NTSTATUS ExitStatus
  1030. );
  1032. #define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 ) // ntddk wdm ntifs
  1033. #define ZwCurrentThread() NtCurrentThread() // ntddk wdm ntifs
  1035. NTSYSCALLAPI
  1036. NTSTATUS
  1037. NTAPI
  1038. NtSuspendThread(
  1039. IN HANDLE ThreadHandle,
  1040. OUT PULONG PreviousSuspendCount OPTIONAL
  1041. );
  1043. NTSYSCALLAPI
  1044. NTSTATUS
  1045. NTAPI
  1046. NtResumeThread(
  1047. IN HANDLE ThreadHandle,
  1048. OUT PULONG PreviousSuspendCount OPTIONAL
  1049. );
  1051. NTSYSCALLAPI
  1052. NTSTATUS
  1053. NTAPI
  1054. NtSuspendProcess (
  1055. IN HANDLE ProcessHandle
  1056. );
  1058. NTSYSCALLAPI
  1059. NTSTATUS
  1060. NTAPI
  1061. NtResumeProcess (
  1062. IN HANDLE ProcessHandle
  1063. );
  1066. NTSYSCALLAPI
  1067. NTSTATUS
  1068. NTAPI
  1069. NtGetContextThread(
  1070. IN HANDLE ThreadHandle,
  1071. IN OUT PCONTEXT ThreadContext
  1072. );
  1074. NTSYSCALLAPI
  1075. NTSTATUS
  1076. NTAPI
  1077. NtSetContextThread(
  1078. IN HANDLE ThreadHandle,
  1079. IN PCONTEXT ThreadContext
  1080. );
  1082. NTSYSCALLAPI
  1083. NTSTATUS
  1084. NTAPI
  1085. NtQueryInformationThread(
  1086. IN HANDLE ThreadHandle,
  1087. IN THREADINFOCLASS ThreadInformationClass,
  1088. OUT PVOID ThreadInformation,
  1089. IN ULONG ThreadInformationLength,
  1090. OUT PULONG ReturnLength OPTIONAL
  1091. );
  1093. // begin_ntifs
  1094. NTSYSCALLAPI
  1095. NTSTATUS
  1096. NTAPI
  1097. NtSetInformationThread(
  1098. IN HANDLE ThreadHandle,
  1099. IN THREADINFOCLASS ThreadInformationClass,
  1100. IN PVOID ThreadInformation,
  1101. IN ULONG ThreadInformationLength
  1102. );
  1103. // end_ntifs
  1105. NTSYSCALLAPI
  1106. NTSTATUS
  1107. NTAPI
  1108. NtAlertThread(
  1109. IN HANDLE ThreadHandle
  1110. );
  1112. NTSYSCALLAPI
  1113. NTSTATUS
  1114. NTAPI
  1115. NtAlertResumeThread(
  1116. IN HANDLE ThreadHandle,
  1117. OUT PULONG PreviousSuspendCount OPTIONAL
  1118. );
  1120. NTSYSCALLAPI
  1121. NTSTATUS
  1122. NTAPI
  1123. NtImpersonateThread(
  1124. IN HANDLE ServerThreadHandle,
  1125. IN HANDLE ClientThreadHandle,
  1126. IN PSECURITY_QUALITY_OF_SERVICE SecurityQos
  1127. );
  1129. NTSYSCALLAPI
  1130. NTSTATUS
  1131. NTAPI
  1132. NtTestAlert(
  1133. VOID
  1134. );
  1136. NTSYSCALLAPI
  1137. NTSTATUS
  1138. NTAPI
  1139. NtRegisterThreadTerminatePort(
  1140. IN HANDLE PortHandle
  1141. );
  1143. NTSYSCALLAPI
  1144. NTSTATUS
  1145. NTAPI
  1146. NtSetLdtEntries(
  1147. IN ULONG Selector0,
  1148. IN ULONG Entry0Low,
  1149. IN ULONG Entry0Hi,
  1150. IN ULONG Selector1,
  1151. IN ULONG Entry1Low,
  1152. IN ULONG Entry1High
  1153. );
  1155. typedef
  1156. VOID
  1157. (*PPS_APC_ROUTINE) (
  1158. IN PVOID ApcArgument1,
  1159. IN PVOID ApcArgument2,
  1160. IN PVOID ApcArgument3
  1161. );
  1163. NTSYSCALLAPI
  1164. NTSTATUS
  1165. NTAPI
  1166. NtQueueApcThread(
  1167. IN HANDLE ThreadHandle,
  1168. IN PPS_APC_ROUTINE ApcRoutine,
  1169. IN PVOID ApcArgument1,
  1170. IN PVOID ApcArgument2,
  1171. IN PVOID ApcArgument3
  1172. );
  1174. //
  1175. // Job Object APIs
  1176. //
  1178. NTSYSCALLAPI
  1179. NTSTATUS
  1180. NTAPI
  1181. NtCreateJobObject (
  1182. OUT PHANDLE JobHandle,
  1183. IN ACCESS_MASK DesiredAccess,
  1184. IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL
  1185. );
  1187. NTSYSCALLAPI
  1188. NTSTATUS
  1189. NTAPI
  1190. NtOpenJobObject(
  1191. OUT PHANDLE JobHandle,
  1192. IN ACCESS_MASK DesiredAccess,
  1193. IN POBJECT_ATTRIBUTES ObjectAttributes
  1194. );
  1196. NTSYSCALLAPI
  1197. NTSTATUS
  1198. NTAPI
  1199. NtAssignProcessToJobObject(
  1200. IN HANDLE JobHandle,
  1201. IN HANDLE ProcessHandle
  1202. );
  1204. NTSYSCALLAPI
  1205. NTSTATUS
  1206. NTAPI
  1207. NtTerminateJobObject(
  1208. IN HANDLE JobHandle,
  1209. IN NTSTATUS ExitStatus
  1210. );
  1212. NTSYSCALLAPI
  1213. NTSTATUS
  1214. NTAPI
  1215. NtIsProcessInJob (
  1216. IN HANDLE ProcessHandle,
  1217. IN HANDLE JobHandle
  1218. );
  1220. NTSYSCALLAPI
  1221. NTSTATUS
  1222. NTAPI
  1223. NtCreateJobSet (
  1224. IN ULONG NumJob,
  1225. IN PJOB_SET_ARRAY UserJobSet,
  1226. IN ULONG Flags);
  1228. // begin_winnt
  1230. typedef struct _JOBOBJECT_BASIC_ACCOUNTING_INFORMATION {
  1231. LARGE_INTEGER TotalUserTime;
  1232. LARGE_INTEGER TotalKernelTime;
  1233. LARGE_INTEGER ThisPeriodTotalUserTime;
  1234. LARGE_INTEGER ThisPeriodTotalKernelTime;
  1235. ULONG TotalPageFaultCount;
  1236. ULONG TotalProcesses;
  1237. ULONG ActiveProcesses;
  1238. ULONG TotalTerminatedProcesses;
  1239. } JOBOBJECT_BASIC_ACCOUNTING_INFORMATION, *PJOBOBJECT_BASIC_ACCOUNTING_INFORMATION;
  1241. typedef struct _JOBOBJECT_BASIC_LIMIT_INFORMATION {
  1242. LARGE_INTEGER PerProcessUserTimeLimit;
  1243. LARGE_INTEGER PerJobUserTimeLimit;
  1244. ULONG LimitFlags;
  1245. SIZE_T MinimumWorkingSetSize;
  1246. SIZE_T MaximumWorkingSetSize;
  1247. ULONG ActiveProcessLimit;
  1248. ULONG_PTR Affinity;
  1249. ULONG PriorityClass;
  1250. ULONG SchedulingClass;
  1251. } JOBOBJECT_BASIC_LIMIT_INFORMATION, *PJOBOBJECT_BASIC_LIMIT_INFORMATION;
  1253. typedef struct _JOBOBJECT_EXTENDED_LIMIT_INFORMATION {
  1254. JOBOBJECT_BASIC_LIMIT_INFORMATION BasicLimitInformation;
  1255. IO_COUNTERS IoInfo;
  1256. SIZE_T ProcessMemoryLimit;
  1257. SIZE_T JobMemoryLimit;
  1258. SIZE_T PeakProcessMemoryUsed;
  1259. SIZE_T PeakJobMemoryUsed;
  1260. } JOBOBJECT_EXTENDED_LIMIT_INFORMATION, *PJOBOBJECT_EXTENDED_LIMIT_INFORMATION;
  1262. typedef struct _JOBOBJECT_BASIC_PROCESS_ID_LIST {
  1263. ULONG NumberOfAssignedProcesses;
  1264. ULONG NumberOfProcessIdsInList;
  1265. ULONG_PTR ProcessIdList[1];
  1266. } JOBOBJECT_BASIC_PROCESS_ID_LIST, *PJOBOBJECT_BASIC_PROCESS_ID_LIST;
  1268. typedef struct _JOBOBJECT_BASIC_UI_RESTRICTIONS {
  1269. ULONG UIRestrictionsClass;
  1270. } JOBOBJECT_BASIC_UI_RESTRICTIONS, *PJOBOBJECT_BASIC_UI_RESTRICTIONS;
  1272. typedef struct _JOBOBJECT_SECURITY_LIMIT_INFORMATION {
  1273. ULONG SecurityLimitFlags ;
  1274. HANDLE JobToken ;
  1275. PTOKEN_GROUPS SidsToDisable ;
  1276. PTOKEN_PRIVILEGES PrivilegesToDelete ;
  1277. PTOKEN_GROUPS RestrictedSids ;
  1278. } JOBOBJECT_SECURITY_LIMIT_INFORMATION, *PJOBOBJECT_SECURITY_LIMIT_INFORMATION ;
  1280. typedef struct _JOBOBJECT_END_OF_JOB_TIME_INFORMATION {
  1281. ULONG EndOfJobTimeAction;
  1282. } JOBOBJECT_END_OF_JOB_TIME_INFORMATION, *PJOBOBJECT_END_OF_JOB_TIME_INFORMATION;
  1284. typedef struct _JOBOBJECT_ASSOCIATE_COMPLETION_PORT {
  1285. PVOID CompletionKey;
  1286. HANDLE CompletionPort;
  1287. } JOBOBJECT_ASSOCIATE_COMPLETION_PORT, *PJOBOBJECT_ASSOCIATE_COMPLETION_PORT;
  1289. typedef struct _JOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION {
  1290. JOBOBJECT_BASIC_ACCOUNTING_INFORMATION BasicInfo;
  1291. IO_COUNTERS IoInfo;
  1292. } JOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION, *PJOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION;
  1294. typedef struct _JOBOBJECT_JOBSET_INFORMATION {
  1295. ULONG MemberLevel;
  1296. } JOBOBJECT_JOBSET_INFORMATION, *PJOBOBJECT_JOBSET_INFORMATION;
  1298. #define JOB_OBJECT_TERMINATE_AT_END_OF_JOB 0
  1299. #define JOB_OBJECT_POST_AT_END_OF_JOB 1
  1301. //
  1302. // Completion Port Messages for job objects
  1303. //
  1304. // These values are returned via the lpNumberOfBytesTransferred parameter
  1305. //
  1307. #define JOB_OBJECT_MSG_END_OF_JOB_TIME 1
  1308. #define JOB_OBJECT_MSG_END_OF_PROCESS_TIME 2
  1309. #define JOB_OBJECT_MSG_ACTIVE_PROCESS_LIMIT 3
  1310. #define JOB_OBJECT_MSG_ACTIVE_PROCESS_ZERO 4
  1311. #define JOB_OBJECT_MSG_NEW_PROCESS 6
  1312. #define JOB_OBJECT_MSG_EXIT_PROCESS 7
  1313. #define JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS 8
  1314. #define JOB_OBJECT_MSG_PROCESS_MEMORY_LIMIT 9
  1315. #define JOB_OBJECT_MSG_JOB_MEMORY_LIMIT 10
  1318. //
  1319. // Basic Limits
  1320. //
  1321. #define JOB_OBJECT_LIMIT_WORKINGSET 0x00000001
  1322. #define JOB_OBJECT_LIMIT_PROCESS_TIME 0x00000002
  1323. #define JOB_OBJECT_LIMIT_JOB_TIME 0x00000004
  1324. #define JOB_OBJECT_LIMIT_ACTIVE_PROCESS 0x00000008
  1325. #define JOB_OBJECT_LIMIT_AFFINITY 0x00000010
  1326. #define JOB_OBJECT_LIMIT_PRIORITY_CLASS 0x00000020
  1327. #define JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME 0x00000040
  1328. #define JOB_OBJECT_LIMIT_SCHEDULING_CLASS 0x00000080
  1330. //
  1331. // Extended Limits
  1332. //
  1333. #define JOB_OBJECT_LIMIT_PROCESS_MEMORY 0x00000100
  1334. #define JOB_OBJECT_LIMIT_JOB_MEMORY 0x00000200
  1335. #define JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION 0x00000400
  1336. #define JOB_OBJECT_LIMIT_BREAKAWAY_OK 0x00000800
  1337. #define JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK 0x00001000
  1338. #define JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE 0x00002000
  1340. #define JOB_OBJECT_LIMIT_RESERVED2 0x00004000
  1341. #define JOB_OBJECT_LIMIT_RESERVED3 0x00008000
  1342. #define JOB_OBJECT_LIMIT_RESERVED4 0x00010000
  1343. #define JOB_OBJECT_LIMIT_RESERVED5 0x00020000
  1344. #define JOB_OBJECT_LIMIT_RESERVED6 0x00040000
  1347. #define JOB_OBJECT_LIMIT_VALID_FLAGS 0x0007ffff
  1349. #define JOB_OBJECT_BASIC_LIMIT_VALID_FLAGS 0x000000ff
  1350. #define JOB_OBJECT_EXTENDED_LIMIT_VALID_FLAGS 0x00003fff
  1351. #define JOB_OBJECT_RESERVED_LIMIT_VALID_FLAGS 0x0007ffff
  1353. //
  1354. // UI restrictions for jobs
  1355. //
  1357. #define JOB_OBJECT_UILIMIT_NONE 0x00000000
  1359. #define JOB_OBJECT_UILIMIT_HANDLES 0x00000001
  1360. #define JOB_OBJECT_UILIMIT_READCLIPBOARD 0x00000002
  1361. #define JOB_OBJECT_UILIMIT_WRITECLIPBOARD 0x00000004
  1362. #define JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS 0x00000008
  1363. #define JOB_OBJECT_UILIMIT_DISPLAYSETTINGS 0x00000010
  1364. #define JOB_OBJECT_UILIMIT_GLOBALATOMS 0x00000020
  1365. #define JOB_OBJECT_UILIMIT_DESKTOP 0x00000040
  1366. #define JOB_OBJECT_UILIMIT_EXITWINDOWS 0x00000080
  1368. #define JOB_OBJECT_UILIMIT_ALL 0x000000FF
  1370. #define JOB_OBJECT_UI_VALID_FLAGS 0x000000FF
  1372. #define JOB_OBJECT_SECURITY_NO_ADMIN 0x00000001
  1373. #define JOB_OBJECT_SECURITY_RESTRICTED_TOKEN 0x00000002
  1374. #define JOB_OBJECT_SECURITY_ONLY_TOKEN 0x00000004
  1375. #define JOB_OBJECT_SECURITY_FILTER_TOKENS 0x00000008
  1377. #define JOB_OBJECT_SECURITY_VALID_FLAGS 0x0000000f
  1379. typedef enum _JOBOBJECTINFOCLASS {
  1380. JobObjectBasicAccountingInformation = 1,
  1381. JobObjectBasicLimitInformation,
  1382. JobObjectBasicProcessIdList,
  1383. JobObjectBasicUIRestrictions,
  1384. JobObjectSecurityLimitInformation,
  1385. JobObjectEndOfJobTimeInformation,
  1386. JobObjectAssociateCompletionPortInformation,
  1387. JobObjectBasicAndIoAccountingInformation,
  1388. JobObjectExtendedLimitInformation,
  1389. JobObjectJobSetInformation,
  1390. MaxJobObjectInfoClass
  1391. } JOBOBJECTINFOCLASS;
  1392. //
  1393. // end_winnt
  1394. //
  1396. NTSYSCALLAPI
  1397. NTSTATUS
  1398. NTAPI
  1399. NtQueryInformationJobObject(
  1400. IN HANDLE JobHandle,
  1401. IN JOBOBJECTINFOCLASS JobObjectInformationClass,
  1402. OUT PVOID JobObjectInformation,
  1403. IN ULONG JobObjectInformationLength,
  1404. OUT PULONG ReturnLength OPTIONAL
  1405. );
  1407. NTSYSCALLAPI
  1408. NTSTATUS
  1409. NTAPI
  1410. NtSetInformationJobObject(
  1411. IN HANDLE JobHandle,
  1412. IN JOBOBJECTINFOCLASS JobObjectInformationClass,
  1413. IN PVOID JobObjectInformation,
  1414. IN ULONG JobObjectInformationLength
  1415. );
  1417. #ifdef __cplusplus
  1418. }
  1419. #endif
  1421. #endif // _NTPSAPI_