My Project
Loading...
Searching...
No Matches
ps.h File Reference
#include <stdint.h>
#include <stddef.h>
#include "me.h"
#include "ht.h"
#include "ob.h"
#include "core.h"
#include "exception.h"

Go to the source code of this file.

Data Structures

struct  _EPROCESS
struct  _ETHREAD
struct  _STACK_REAPER_ENTRY

Macros

#define MT_THREAD_TERMINATE   0x0001
#define MT_THREAD_SUSPEND_RESUME   0x0002
#define MT_THREAD_SET_CONTEXT   0x0004
#define MT_THREAD_GET_CONTEXT   0x0008
#define MT_THREAD_QUERY_INFO   0x0010
#define MT_THREAD_SET_INFO   0x0020
#define MT_THREAD_ALL_ACCESS   0x003F
#define MT_PROCESS_TERMINATE   0x0001
#define MT_PROCESS_CREATE_THREAD   0x0002
#define MT_PROCESS_VM_OPERATION   0x0004
#define MT_PROCESS_VM_READ   0x0008
#define MT_PROCESS_VM_WRITE   0x0010
#define MT_PROCESS_DUP_HANDLE   0x0020
#define MT_PROCESS_SET_INFO   0x0040
#define MT_PROCESS_QUERY_INFO   0x0080
#define MT_PROCESS_SUSPEND_RESUME   0x0100
#define MT_PROCESS_CREATE_PROCESS   0x0200
#define MT_PROCESS_ALL_ACCESS   0x01FF
#define PROCESS_STACK_SIZE   (32*1024)
#define PROCESS_STACK_ALIGNMENT   16

Typedefs

typedef enum _THREAD_STATE THREAD_STATE
typedef enum _THREAD_STATEPTHREAD_STATE
typedef enum _PROCESS_STATE PROCESS_STATE
typedef enum _PROCESS_STATEPPROCESS_STATE
typedef enum _PS_PHASE_ROUTINE PS_PHASE_ROUTINE
typedef struct _EPROCESS EPROCESS
typedef struct _EPROCESSPEPROCESS
typedef struct _ETHREAD ETHREAD
typedef struct _ETHREADPETHREAD
typedef struct _STACK_REAPER_ENTRY STACK_REAPER_ENTRY
typedef struct _STACK_REAPER_ENTRYPSTACK_REAPER_ENTRY
typedef void * THREAD_PARAMETER
typedef void(* ThreadEntry) (THREAD_PARAMETER)

Enumerations

enum  _THREAD_STATE {
  THREAD_RUNNING , THREAD_READY , THREAD_BLOCKED , THREAD_TERMINATING ,
  THREAD_TERMINATED , THREAD_ZOMBIE
}
enum  _PROCESS_STATE {
  PROCESS_RUNNING = 0 , PROCESS_READY , PROCESS_WAITING , PROCESS_TERMINATING ,
  PROCESS_TERMINATED , PROCESS_SUSPENDED
}
enum  _PS_PHASE_ROUTINE { PS_PHASE_INITIALIZE_SYSTEM = 0 , PS_PHASE_INITIALIZE_WORKER_THREADS }

Functions

MTSTATUS PsCreateProcess (IN const char *ExecutablePath, OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, _In_Opt HANDLE ParentProcess)
MTSTATUS PsCreateThread (HANDLE ProcessHandle, PHANDLE ThreadHandle, ThreadEntry EntryPoint, THREAD_PARAMETER ThreadParameter, TimeSliceTicks TimeSlice)
void MsYieldExecution (PTRAP_FRAME threadRegisters)
MTSTATUS PsCreateSystemThread (ThreadEntry entry, THREAD_PARAMETER parameter, TimeSliceTicks TIMESLICE)
MTSTATUS PsInitializeSystem (IN enum _PS_PHASE_ROUTINE Phase)
void PsDeferKernelStackDeletion (void *StackBase, bool IsLarge)
void PsTerminateProcess (IN PEPROCESS Process)
void PsTerminateThread (IN PETHREAD Thread, IN MTSTATUS ExitStatus)
void PsDeleteThread (IN void *Object)
PETHREAD PsGetCurrentThread (void)
void PsInitializeWorkerThreads (void)
void PsInitializeCidTable (void)
FORCEINLINE PEPROCESS PsGetCurrentProcess (void)
FORCEINLINE void PsTerminateCurrentThread (void)
FORCEINLINE void PsTerminateCurrentProcess (void)
FORCEINLINE PETHREAD PsGetEThreadFromIThread (IN PITHREAD IThread)
FORCEINLINE PEPROCESS PsGetEProcessFromIProcess (IN PIPROCESS IProcess)
FORCEINLINE bool PsIsKernelThread (IN PETHREAD Thread)
HANDLE PsAllocateProcessId (IN PEPROCESS Process)
HANDLE PsAllocateThreadId (IN PETHREAD Thread)
PEPROCESS PsLookupProcessByProcessId (IN HANDLE ProcessId)
PETHREAD PsLookupThreadByThreadId (IN HANDLE ThreadId)
void PsFreeCid (IN HANDLE Cid)
FORCEINLINE void MeEnqueueThreadWithLock (Queue *queue, PETHREAD thread)
FORCEINLINE PETHREAD MeDequeueThreadWithLock (Queue *q)
FORCEINLINE void MeEnqueueThread (Queue *queue, PETHREAD thread)
FORCEINLINE PETHREAD MeDequeueThread (Queue *q)

Variables

EPROCESS PsInitialSystemProcess
POBJECT_TYPE PsProcessType
POBJECT_TYPE PsThreadType

Macro Definition Documentation

◆ MT_PROCESS_ALL_ACCESS

#define MT_PROCESS_ALL_ACCESS   0x01FF

Definition at line 89 of file ps.h.

◆ MT_PROCESS_CREATE_PROCESS

#define MT_PROCESS_CREATE_PROCESS   0x0200

Definition at line 87 of file ps.h.

◆ MT_PROCESS_CREATE_THREAD

#define MT_PROCESS_CREATE_THREAD   0x0002

Definition at line 79 of file ps.h.

◆ MT_PROCESS_DUP_HANDLE

#define MT_PROCESS_DUP_HANDLE   0x0020

Definition at line 83 of file ps.h.

◆ MT_PROCESS_QUERY_INFO

#define MT_PROCESS_QUERY_INFO   0x0080

Definition at line 85 of file ps.h.

◆ MT_PROCESS_SET_INFO

#define MT_PROCESS_SET_INFO   0x0040

Definition at line 84 of file ps.h.

◆ MT_PROCESS_SUSPEND_RESUME

#define MT_PROCESS_SUSPEND_RESUME   0x0100

Definition at line 86 of file ps.h.

◆ MT_PROCESS_TERMINATE

#define MT_PROCESS_TERMINATE   0x0001

Definition at line 78 of file ps.h.

◆ MT_PROCESS_VM_OPERATION

#define MT_PROCESS_VM_OPERATION   0x0004

Definition at line 80 of file ps.h.

◆ MT_PROCESS_VM_READ

#define MT_PROCESS_VM_READ   0x0008

Definition at line 81 of file ps.h.

◆ MT_PROCESS_VM_WRITE

#define MT_PROCESS_VM_WRITE   0x0010

Definition at line 82 of file ps.h.

◆ MT_THREAD_ALL_ACCESS

#define MT_THREAD_ALL_ACCESS   0x003F

Definition at line 72 of file ps.h.

◆ MT_THREAD_GET_CONTEXT

#define MT_THREAD_GET_CONTEXT   0x0008

Definition at line 68 of file ps.h.

◆ MT_THREAD_QUERY_INFO

#define MT_THREAD_QUERY_INFO   0x0010

Definition at line 69 of file ps.h.

◆ MT_THREAD_SET_CONTEXT

#define MT_THREAD_SET_CONTEXT   0x0004

Definition at line 67 of file ps.h.

◆ MT_THREAD_SET_INFO

#define MT_THREAD_SET_INFO   0x0020

Definition at line 70 of file ps.h.

◆ MT_THREAD_SUSPEND_RESUME

#define MT_THREAD_SUSPEND_RESUME   0x0002

Definition at line 66 of file ps.h.

◆ MT_THREAD_TERMINATE

#define MT_THREAD_TERMINATE   0x0001

Definition at line 65 of file ps.h.

◆ PROCESS_STACK_ALIGNMENT

#define PROCESS_STACK_ALIGNMENT   16

Definition at line 142 of file ps.h.

◆ PROCESS_STACK_SIZE

#define PROCESS_STACK_SIZE   (32*1024)

Definition at line 141 of file ps.h.

Typedef Documentation

◆ EPROCESS

typedef struct _EPROCESS EPROCESS

◆ ETHREAD

typedef struct _ETHREAD ETHREAD

◆ PEPROCESS

typedef struct _EPROCESS * PEPROCESS

◆ PETHREAD

typedef struct _ETHREAD * PETHREAD

◆ PPROCESS_STATE

typedef enum _PROCESS_STATE * PPROCESS_STATE

◆ PROCESS_STATE

typedef enum _PROCESS_STATE PROCESS_STATE

◆ PS_PHASE_ROUTINE

typedef enum _PS_PHASE_ROUTINE PS_PHASE_ROUTINE

◆ PSTACK_REAPER_ENTRY

typedef struct _STACK_REAPER_ENTRY * PSTACK_REAPER_ENTRY

◆ PTHREAD_STATE

typedef enum _THREAD_STATE * PTHREAD_STATE

◆ STACK_REAPER_ENTRY

typedef struct _STACK_REAPER_ENTRY STACK_REAPER_ENTRY

◆ THREAD_PARAMETER

typedef void* THREAD_PARAMETER

Definition at line 146 of file ps.h.

◆ THREAD_STATE

typedef enum _THREAD_STATE THREAD_STATE

◆ ThreadEntry

typedef void(* ThreadEntry) (THREAD_PARAMETER)

Definition at line 147 of file ps.h.

Enumeration Type Documentation

◆ _PROCESS_STATE

enum _PROCESS_STATE
Enumerator
PROCESS_RUNNING 
PROCESS_READY 
PROCESS_WAITING 
PROCESS_TERMINATING 
PROCESS_TERMINATED 
PROCESS_SUSPENDED 

Definition at line 46 of file ps.h.

◆ _PS_PHASE_ROUTINE

enum _PS_PHASE_ROUTINE
Enumerator
PS_PHASE_INITIALIZE_SYSTEM 
PS_PHASE_INITIALIZE_WORKER_THREADS 

Definition at line 55 of file ps.h.

◆ _THREAD_STATE

enum _THREAD_STATE
Enumerator
THREAD_RUNNING 
THREAD_READY 
THREAD_BLOCKED 
THREAD_TERMINATING 
THREAD_TERMINATED 
THREAD_ZOMBIE 

Definition at line 37 of file ps.h.

Function Documentation

◆ MeDequeueThread()

FORCEINLINE PETHREAD MeDequeueThread ( Queue * q)

Definition at line 394 of file ps.h.

◆ MeDequeueThreadWithLock()

FORCEINLINE PETHREAD MeDequeueThreadWithLock ( Queue * q)

Definition at line 336 of file ps.h.

◆ MeEnqueueThread()

FORCEINLINE void MeEnqueueThread ( Queue * queue,
PETHREAD thread )

Definition at line 371 of file ps.h.

◆ MeEnqueueThreadWithLock()

FORCEINLINE void MeEnqueueThreadWithLock ( Queue * queue,
PETHREAD thread )

Definition at line 306 of file ps.h.

◆ MsYieldExecution()

void MsYieldExecution ( PTRAP_FRAME threadRegisters)
extern

◆ PsAllocateProcessId()

HANDLE PsAllocateProcessId ( IN PEPROCESS Process)

Definition at line 59 of file cid.c.

◆ PsAllocateThreadId()

HANDLE PsAllocateThreadId ( IN PETHREAD Thread)

Definition at line 88 of file cid.c.

◆ PsCreateProcess()

MTSTATUS PsCreateProcess ( IN const char * ExecutablePath,
OUT PHANDLE ProcessHandle,
IN ACCESS_MASK DesiredAccess,
_In_Opt HANDLE ParentProcess )

Definition at line 50 of file process.c.

◆ PsCreateSystemThread()

MTSTATUS PsCreateSystemThread ( ThreadEntry entry,
THREAD_PARAMETER parameter,
TimeSliceTicks TIMESLICE )

Definition at line 122 of file thread.c.

◆ PsCreateThread()

MTSTATUS PsCreateThread ( HANDLE ProcessHandle,
PHANDLE ThreadHandle,
ThreadEntry EntryPoint,
THREAD_PARAMETER ThreadParameter,
TimeSliceTicks TimeSlice )

Definition at line 34 of file thread.c.

◆ PsDeferKernelStackDeletion()

void PsDeferKernelStackDeletion ( void * StackBase,
bool IsLarge )

Definition at line 65 of file pswork.c.

◆ PsDeleteThread()

void PsDeleteThread ( IN void * Object)

Definition at line 220 of file thread.c.

◆ PsFreeCid()

void PsFreeCid ( IN HANDLE Cid)

Definition at line 163 of file cid.c.

◆ PsGetCurrentProcess()

FORCEINLINE PEPROCESS PsGetCurrentProcess ( void )

Definition at line 212 of file ps.h.

◆ PsGetCurrentThread()

PETHREAD PsGetCurrentThread ( void )

Definition at line 191 of file thread.c.

◆ PsGetEProcessFromIProcess()

FORCEINLINE PEPROCESS PsGetEProcessFromIProcess ( IN PIPROCESS IProcess)

Definition at line 249 of file ps.h.

◆ PsGetEThreadFromIThread()

FORCEINLINE PETHREAD PsGetEThreadFromIThread ( IN PITHREAD IThread)

Definition at line 239 of file ps.h.

◆ PsInitializeCidTable()

void PsInitializeCidTable ( void )

Definition at line 27 of file cid.c.

◆ PsInitializeSystem()

MTSTATUS PsInitializeSystem ( IN enum _PS_PHASE_ROUTINE Phase)

Definition at line 97 of file psmgr.c.

◆ PsInitializeWorkerThreads()

void PsInitializeWorkerThreads ( void )

Definition at line 89 of file pswork.c.

◆ PsIsKernelThread()

FORCEINLINE bool PsIsKernelThread ( IN PETHREAD Thread)

Definition at line 259 of file ps.h.

◆ PsLookupProcessByProcessId()

PEPROCESS PsLookupProcessByProcessId ( IN HANDLE ProcessId)

Definition at line 113 of file cid.c.

◆ PsLookupThreadByThreadId()

PETHREAD PsLookupThreadByThreadId ( IN HANDLE ThreadId)

Definition at line 138 of file cid.c.

◆ PsTerminateCurrentProcess()

FORCEINLINE void PsTerminateCurrentProcess ( void )

Definition at line 233 of file ps.h.

◆ PsTerminateCurrentThread()

FORCEINLINE void PsTerminateCurrentThread ( void )

Definition at line 227 of file ps.h.

◆ PsTerminateProcess()

void PsTerminateProcess ( IN PEPROCESS Process)

Definition at line 231 of file process.c.

◆ PsTerminateThread()

void PsTerminateThread ( IN PETHREAD Thread,
IN MTSTATUS ExitStatus )

Definition at line 196 of file thread.c.

Variable Documentation

◆ PsInitialSystemProcess

EPROCESS PsInitialSystemProcess
extern

The Stack Overflow check only checks for minor overflows, that don't completely smash the stack, yet do change the canaries (since it only checks in function epilogue) Complete stack smashes are guarded with the guard page in MiCreateKernelStack.

Definition at line 162 of file kernel.c.

◆ PsProcessType

POBJECT_TYPE PsProcessType
extern

Definition at line 30 of file psmgr.c.

◆ PsThreadType

POBJECT_TYPE PsThreadType
extern

Definition at line 31 of file psmgr.c.