|
|
/*++
Copyright (c) 1999 Microsoft Corporation
Module Name:
pshelper.c
Abstract:
EPROCESS and ETHREAD field access for NTOS-external components
Author:
Gerardo Bermudez (gerardob) 10-Aug-1999
Revision History:
--*/
#include "psp.h"
#ifdef ALLOC_PRAGMA
#pragma alloc_text (PAGE, PsIsProcessBeingDebugged)
#pragma alloc_text (PAGE, PsIsThreadImpersonating)
#pragma alloc_text (PAGE, PsReferenceProcessFilePointer)
#pragma alloc_text (PAGE, PsSetProcessWin32Process)
#pragma alloc_text (PAGE, PsSetProcessSecurityPort)
#pragma alloc_text (PAGE, PsSetJobUIRestrictionsClass)
#pragma alloc_text (PAGE, PsSetProcessWindowStation)
#pragma alloc_text (PAGE, PsGetProcessSecurityPort)
#pragma alloc_text (PAGE, PsSetThreadWin32Thread)
#pragma alloc_text (PAGE, PsGetProcessExitProcessCalled)
#pragma alloc_text (PAGE, PsGetThreadSessionId)
#pragma alloc_text (PAGE, PsSetProcessPriorityClass)
#endif
/*++
--*/#undef PsGetCurrentProcess
PEPROCESSPsGetCurrentProcess( VOID ){ return _PsGetCurrentProcess();}
/*++
--*/ULONG PsGetCurrentProcessSessionId( VOID ){ return MmGetSessionId (_PsGetCurrentProcess());}
/*++
--*/#undef PsGetCurrentThread
PETHREADPsGetCurrentThread( VOID ){ return _PsGetCurrentThread();}
/*++
--*/PVOIDPsGetCurrentThreadStackBase( VOID ){ return KeGetCurrentThread()->StackBase;}
/*++
--*/PVOIDPsGetCurrentThreadStackLimit( VOID ){ return KeGetCurrentThread()->StackLimit;}
/*++
--*/CCHARPsGetCurrentThreadPreviousMode( VOID ){ return KeGetPreviousMode();}
/*++
--*/PERESOURCEPsGetJobLock( PEJOB Job ){ return &Job->JobLock;}
/*++
--*/ULONGPsGetJobSessionId( PEJOB Job ){ return Job->SessionId;}
/*++
--*/ULONGPsGetJobUIRestrictionsClass( PEJOB Job ){ return Job->UIRestrictionsClass;}
/*++
--*/LONGLONGPsGetProcessCreateTimeQuadPart( PEPROCESS Process ){ return Process->CreateTime.QuadPart;}
/*++
--*/PVOIDPsGetProcessDebugPort( PEPROCESS Process ){ return Process->DebugPort;}
BOOLEANPsIsProcessBeingDebugged( PEPROCESS Process ){ if (Process->DebugPort != NULL) { return TRUE; } else { return FALSE; }}
/*++
--*/BOOLEANPsGetProcessExitProcessCalled( PEPROCESS Process ){ return (BOOLEAN) ((Process->Flags&PS_PROCESS_FLAGS_PROCESS_EXITING) != 0);}
/*++
--*/NTSTATUSPsGetProcessExitStatus( PEPROCESS Process ){ return Process->ExitStatus;}
/*++
--*/HANDLEPsGetProcessId( PEPROCESS Process ){ return Process->UniqueProcessId;}
/*++
--*/UCHAR *PsGetProcessImageFileName( PEPROCESS Process ){ return Process->ImageFileName;}
/*++
--*/
HANDLEPsGetProcessInheritedFromUniqueProcessId( PEPROCESS Process ){ return Process->InheritedFromUniqueProcessId;}
/*++
--*/PEJOBPsGetProcessJob( PEPROCESS Process ){ return Process->Job;}
/*++
--*/ULONGPsGetProcessSessionId( PEPROCESS Process ){ return MmGetSessionId (Process);}
/*++
--*/PVOIDPsGetProcessSectionBaseAddress( PEPROCESS Process ){ return Process->SectionBaseAddress;}
/*++
--*/PPEBPsGetProcessPeb( PEPROCESS Process ){ return Process->Peb;}
/*++
--*/UCHARPsGetProcessPriorityClass( PEPROCESS Process ){ return Process->PriorityClass;}
/*++
--*/HANDLEPsGetProcessWin32WindowStation( PEPROCESS Process ){ return Process->Win32WindowStation;}
/*++
--*/
PVOIDPsGetProcessWin32Process( PEPROCESS Process ){ return Process->Win32Process;}
/*++
--*/
PVOIDPsGetProcessWow64Process( PEPROCESS Process ){ return PS_GET_WOW64_PROCESS (Process);}
/*++
--*/HANDLEPsGetThreadId( PETHREAD Thread ){ return Thread->Cid.UniqueThread;}
/*++
--*/CCHARPsGetThreadFreezeCount( PETHREAD Thread ){ return Thread->Tcb.FreezeCount;}
/*++
--*/BOOLEANPsGetThreadHardErrorsAreDisabled( PETHREAD Thread){ return (BOOLEAN) (Thread->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_HARD_ERRORS_DISABLED) != 0;}
/*++
--*/PEPROCESSPsGetThreadProcess( PETHREAD Thread ){ return THREAD_TO_PROCESS(Thread);}
/*++
--*/
HANDLEPsGetThreadProcessId( PETHREAD Thread ){ return Thread->Cid.UniqueProcess;}
/*++
--*/
ULONGPsGetThreadSessionId( PETHREAD Thread ){ return MmGetSessionId (THREAD_TO_PROCESS(Thread));}
/*++
--*/PVOIDPsGetThreadTeb( PETHREAD Thread ){ return Thread->Tcb.Teb;}
/*++
--*/PVOIDPsGetThreadWin32Thread( PETHREAD Thread ){ return Thread->Tcb.Win32Thread;}
/*++
--*/BOOLEANPsIsSystemThread( PETHREAD Thread ){ return (BOOLEAN)(IS_SYSTEM_THREAD(Thread));}
/*++
--*/
VOIDPsSetJobUIRestrictionsClass( PEJOB Job, ULONG UIRestrictionsClass ){ Job->UIRestrictionsClass = UIRestrictionsClass;}
/*++
--*/
VOIDPsSetProcessPriorityClass( PEPROCESS Process, UCHAR PriorityClass ){ Process->PriorityClass = PriorityClass;}
/*++
--*/NTSTATUSPsSetProcessWin32Process( PEPROCESS Process, PVOID Win32Process, PVOID PrevWin32Process ){ NTSTATUS Status; PETHREAD CurrentThread;
Status = STATUS_SUCCESS;
CurrentThread = PsGetCurrentThread ();
PspLockProcessExclusive (Process, CurrentThread);
if (Win32Process != NULL) { if ((Process->Flags&PS_PROCESS_FLAGS_PROCESS_DELETE) == 0 && Process->Win32Process == NULL) { Process->Win32Process = Win32Process; } else { Status = STATUS_PROCESS_IS_TERMINATING; } } else { if (Process->Win32Process == PrevWin32Process) { Process->Win32Process = NULL; } else { Status = STATUS_UNSUCCESSFUL; } }
PspUnlockProcessExclusive (Process, CurrentThread); return Status;}
/*++
--*/VOIDPsSetProcessWindowStation( PEPROCESS Process, HANDLE Win32WindowStation ){ Process->Win32WindowStation = Win32WindowStation;}
/*++
--*/VOIDPsSetThreadHardErrorsAreDisabled( PETHREAD Thread, BOOLEAN HardErrorsAreDisabled ){ if (HardErrorsAreDisabled) { PS_SET_BITS (&Thread->CrossThreadFlags, PS_CROSS_THREAD_FLAGS_HARD_ERRORS_DISABLED); } else { PS_CLEAR_BITS (&Thread->CrossThreadFlags, PS_CROSS_THREAD_FLAGS_HARD_ERRORS_DISABLED); }}
/*++
--*/VOIDPsSetThreadWin32Thread( PETHREAD Thread, PVOID Win32Thread, PVOID PrevWin32Thread ){ if (Win32Thread != NULL) { InterlockedExchangePointer(&Thread->Tcb.Win32Thread, Win32Thread); } else { InterlockedCompareExchangePointer(&Thread->Tcb.Win32Thread, Win32Thread, PrevWin32Thread); }}
/*++
--*/PVOIDPsGetProcessSecurityPort( PEPROCESS Process ){ return Process->SecurityPort ;}
/*++
--*/NTSTATUSPsSetProcessSecurityPort( PEPROCESS Process, PVOID Port ){ Process->SecurityPort = Port ; return STATUS_SUCCESS ;}
BOOLEANPsIsThreadImpersonating ( IN PETHREAD Thread )/*++
Routine Description:
This routine returns TRUE if the specified thread is impersonating otherwise it returns false.
Arguments:
Thread - Thread to be queried
Return Value:
BOOLEAN - TRUE: Thread is impersonating, FALSE: Thread is not impersonating.
--*/{ PAGED_CODE ();
return (BOOLEAN) (PS_IS_THREAD_IMPERSONATING (Thread));}
�NTSTATUSPsReferenceProcessFilePointer ( IN PEPROCESS Process, OUT PVOID *OutFileObject )
/*++
Routine Description:
This routine returns a referenced pointer to the FilePointer of Process. This is a rundown protected wrapper around MmGetFileObjectForSection.
Arguments:
Process - Supplies the process to query.
OutFileObject - Returns the file object backing the requested section if success is returned.
Return Value:
NTSTATUS. Environment:
Kernel mode, PASSIVE_LEVEL.
--*/
{ PFILE_OBJECT FileObject;
PAGED_CODE(); if (!ExAcquireRundownProtection (&Process->RundownProtect)) { return STATUS_UNSUCCESSFUL; }
if (Process->SectionObject == NULL) { ExReleaseRundownProtection (&Process->RundownProtect); return STATUS_UNSUCCESSFUL; }
FileObject = MmGetFileObjectForSection ((PVOID)Process->SectionObject);
*OutFileObject = FileObject;
ObReferenceObject (FileObject);
ExReleaseRundownProtection (&Process->RundownProtect);
return STATUS_SUCCESS;}
|
