Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/*
|
2006-07-19 23:21:19 +00:00
|
|
|
* PROJECT: ReactOS Kernel
|
|
|
|
|
* LICENSE: GPL - See COPYING in the top level directory
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
* FILE: ntoskrnl/ps/query.c
|
2006-07-19 23:21:19 +00:00
|
|
|
* PURPOSE: Process Manager: Thread/Process Query/Set Information
|
|
|
|
|
* PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
|
|
|
|
|
* Thomas Weidenmueller (w3seek@reactos.org)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* INCLUDES ******************************************************************/
|
|
|
|
|
|
|
|
|
|
#include <ntoskrnl.h>
|
|
|
|
|
#define NDEBUG
|
|
|
|
|
#include <internal/debug.h>
|
|
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
/* Include Information Class Tables */
|
|
|
|
|
#include "internal/ps_i.h"
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-23 07:13:19 +00:00
|
|
|
/* Debugging Level */
|
2007-03-25 14:33:54 +00:00
|
|
|
ULONG PspTraceLevel = 0;
|
2006-07-23 07:13:19 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* PRIVATE FUNCTIONS *********************************************************/
|
|
|
|
|
|
2006-07-27 00:22:36 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
PsReferenceProcessFilePointer(IN PEPROCESS Process,
|
|
|
|
|
OUT PFILE_OBJECT *FileObject)
|
|
|
|
|
{
|
|
|
|
|
PROS_SECTION_OBJECT Section;
|
|
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
|
|
/* Lock the process */
|
|
|
|
|
ExAcquireRundownProtection(&Process->RundownProtect);
|
|
|
|
|
|
|
|
|
|
/* Get the section */
|
|
|
|
|
Section = (PROS_SECTION_OBJECT)Process->SectionObject;
|
|
|
|
|
if (Section)
|
|
|
|
|
{
|
|
|
|
|
/* Get the file object and reference it */
|
|
|
|
|
*FileObject = MmGetFileObjectForSection(Section);
|
|
|
|
|
ObReferenceObject(*FileObject);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Release the protection */
|
|
|
|
|
ExReleaseRundownProtection(&Process->RundownProtect);
|
|
|
|
|
|
|
|
|
|
/* Return status */
|
|
|
|
|
return Section ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* PUBLIC FUNCTIONS **********************************************************/
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
|
|
|
|
/*
|
2006-07-20 00:13:09 +00:00
|
|
|
* @implemented
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
*/
|
2006-07-19 23:21:19 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
NtQueryInformationProcess(IN HANDLE ProcessHandle,
|
|
|
|
|
IN PROCESSINFOCLASS ProcessInformationClass,
|
|
|
|
|
OUT PVOID ProcessInformation,
|
|
|
|
|
IN ULONG ProcessInformationLength,
|
2006-07-20 00:13:09 +00:00
|
|
|
OUT PULONG ReturnLength OPTIONAL)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-19 23:21:19 +00:00
|
|
|
PEPROCESS Process;
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
2007-01-25 22:39:32 +00:00
|
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
2006-07-20 00:13:09 +00:00
|
|
|
ULONG Length = 0;
|
|
|
|
|
PPROCESS_BASIC_INFORMATION ProcessBasicInfo =
|
|
|
|
|
(PPROCESS_BASIC_INFORMATION)ProcessInformation;
|
|
|
|
|
PKERNEL_USER_TIMES ProcessTime = (PKERNEL_USER_TIMES)ProcessInformation;
|
|
|
|
|
ULONG HandleCount;
|
|
|
|
|
PPROCESS_SESSION_INFORMATION SessionInfo =
|
|
|
|
|
(PPROCESS_SESSION_INFORMATION)ProcessInformation;
|
|
|
|
|
PVM_COUNTERS VmCounters = (PVM_COUNTERS)ProcessInformation;
|
|
|
|
|
PROCESS_DEVICEMAP_INFORMATION DeviceMap;
|
2006-07-27 05:03:03 +00:00
|
|
|
PUNICODE_STRING ImageName;
|
2006-07-20 00:13:09 +00:00
|
|
|
ULONG Cookie;
|
2006-07-19 23:21:19 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
|
|
/* Check validity of Information Class */
|
2007-01-25 22:39:32 +00:00
|
|
|
#if 0
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = DefaultQueryInfoBufferCheck(ProcessInformationClass,
|
|
|
|
|
PsProcessInfoClass,
|
|
|
|
|
RTL_NUMBER_OF(PsProcessInfoClass),
|
|
|
|
|
ProcessInformation,
|
|
|
|
|
ProcessInformationLength,
|
|
|
|
|
ReturnLength,
|
|
|
|
|
PreviousMode);
|
2006-07-20 00:13:09 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
2007-01-25 22:39:32 +00:00
|
|
|
#endif
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Check if this isn't the cookie class */
|
2006-07-19 23:21:19 +00:00
|
|
|
if(ProcessInformationClass != ProcessCookie)
|
|
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Reference the process */
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = ObReferenceObjectByHandle(ProcessHandle,
|
|
|
|
|
PROCESS_QUERY_INFORMATION,
|
|
|
|
|
PsProcessType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&Process,
|
|
|
|
|
NULL);
|
2006-07-20 00:13:09 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
|
|
|
|
else if(ProcessHandle != NtCurrentProcess())
|
|
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/*
|
|
|
|
|
* Retreiving the process cookie is only allowed for the calling process
|
|
|
|
|
* itself! XP only allowes NtCurrentProcess() as process handles even if
|
|
|
|
|
* a real handle actually represents the current process.
|
|
|
|
|
*/
|
2006-07-19 23:21:19 +00:00
|
|
|
return STATUS_INVALID_PARAMETER;
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Check the information class */
|
2006-07-19 23:21:19 +00:00
|
|
|
switch (ProcessInformationClass)
|
|
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Basic process information */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessBasicInformation:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
2007-08-26 07:51:51 +00:00
|
|
|
/* Set return length */
|
|
|
|
|
Length = sizeof(PROCESS_BASIC_INFORMATION);
|
|
|
|
|
|
|
|
|
|
if ( ProcessInformationLength != Length )
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_INFO_LENGTH_MISMATCH;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Protect writes with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Write all the information from the EPROCESS/KPROCESS */
|
|
|
|
|
ProcessBasicInfo->ExitStatus = Process->ExitStatus;
|
|
|
|
|
ProcessBasicInfo->PebBaseAddress = Process->Peb;
|
|
|
|
|
ProcessBasicInfo->AffinityMask = Process->Pcb.Affinity;
|
|
|
|
|
ProcessBasicInfo->UniqueProcessId = (ULONG)Process->
|
|
|
|
|
UniqueProcessId;
|
|
|
|
|
ProcessBasicInfo->InheritedFromUniqueProcessId =
|
|
|
|
|
(ULONG)Process->InheritedFromUniqueProcessId;
|
|
|
|
|
ProcessBasicInfo->BasePriority = Process->Pcb.BasePriority;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Quote limits and I/O Counters: not implemented */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessQuotaLimits:
|
|
|
|
|
case ProcessIoCounters:
|
2007-08-26 07:51:51 +00:00
|
|
|
|
|
|
|
|
Length = sizeof(IO_COUNTERS);
|
|
|
|
|
if ( ProcessInformationLength != Length )
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_INFO_LENGTH_MISMATCH;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Timing */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessTimes:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
2007-08-26 07:51:51 +00:00
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(KERNEL_USER_TIMES);
|
|
|
|
|
|
|
|
|
|
if ( ProcessInformationLength != Length )
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_INFO_LENGTH_MISMATCH;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Protect writes with SEH */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Copy time information from EPROCESS/KPROCESS */
|
|
|
|
|
ProcessTime->CreateTime = Process->CreateTime;
|
|
|
|
|
ProcessTime->UserTime.QuadPart = Process->Pcb.UserTime *
|
|
|
|
|
100000LL;
|
|
|
|
|
ProcessTime->KernelTime.QuadPart = Process->Pcb.KernelTime *
|
|
|
|
|
100000LL;
|
|
|
|
|
ProcessTime->ExitTime = Process->ExitTime;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Process Debug Port */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessDebugPort:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Return whether or not we have a debug port */
|
|
|
|
|
*(PHANDLE)ProcessInformation = (Process->DebugPort ?
|
|
|
|
|
(HANDLE)-1 : NULL);
|
|
|
|
|
|
|
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(HANDLE);
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* LDT, WS and VDM Information: not implemented */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessLdtInformation:
|
|
|
|
|
case ProcessWorkingSetWatch:
|
|
|
|
|
case ProcessWx86Information:
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessHandleCount:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
2007-08-26 07:51:51 +00:00
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(ULONG);
|
|
|
|
|
|
|
|
|
|
if ( ProcessInformationLength != Length )
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_INFO_LENGTH_MISMATCH;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Count the number of handles this process has */
|
|
|
|
|
HandleCount = ObpGetHandleCountByHandleTable(Process->ObjectTable);
|
|
|
|
|
|
|
|
|
|
/* Protect write in SEH */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Return the count of handles */
|
|
|
|
|
*(PULONG)ProcessInformation = HandleCount;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Session ID for the process */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessSessionInformation:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Enter SEH for write safety */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Write back the Session ID */
|
|
|
|
|
SessionInfo->SessionId = Process->Session;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(PROCESS_SESSION_INFORMATION);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* WOW64: Not implemented */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessWow64Information:
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Virtual Memory Statistics */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessVmCounters:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
2007-08-26 07:51:51 +00:00
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(VM_COUNTERS);
|
|
|
|
|
|
|
|
|
|
if ( ProcessInformationLength != Length )
|
|
|
|
|
{
|
|
|
|
|
Status = STATUS_INFO_LENGTH_MISMATCH;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Enter SEH for write safety */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Return data from EPROCESS */
|
|
|
|
|
VmCounters->PeakVirtualSize = Process->PeakVirtualSize;
|
|
|
|
|
VmCounters->VirtualSize = Process->VirtualSize;
|
|
|
|
|
VmCounters->PageFaultCount = Process->Vm.PageFaultCount;
|
|
|
|
|
VmCounters->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize;
|
|
|
|
|
VmCounters->WorkingSetSize = Process->Vm.WorkingSetSize;
|
|
|
|
|
VmCounters->QuotaPeakPagedPoolUsage = Process->QuotaPeak[0];
|
|
|
|
|
VmCounters->QuotaPagedPoolUsage = Process->QuotaUsage[0];
|
|
|
|
|
VmCounters->QuotaPeakNonPagedPoolUsage = Process->QuotaPeak[1];
|
|
|
|
|
VmCounters->QuotaNonPagedPoolUsage = Process->QuotaUsage[1];
|
|
|
|
|
VmCounters->PagefileUsage = Process->QuotaUsage[2];
|
|
|
|
|
VmCounters->PeakPagefileUsage = Process->QuotaPeak[2];
|
|
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Hard Error Processing Mode */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessDefaultHardErrorMode:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Enter SEH for writing back data */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Write the current processing mode */
|
|
|
|
|
*(PULONG)ProcessInformation = Process->
|
|
|
|
|
DefaultHardErrorProcessing;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(ULONG);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Priority Boosting status */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessPriorityBoost:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Enter SEH for writing back data */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Return boost status */
|
|
|
|
|
*(PULONG)ProcessInformation = Process->Pcb.DisableBoost ?
|
|
|
|
|
FALSE : TRUE;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(ULONG);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* DOS Device Map */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessDeviceMap:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Query the device map information */
|
|
|
|
|
ObQueryDeviceMapInformation(Process, &DeviceMap);
|
|
|
|
|
|
|
|
|
|
/* Enter SEH for writing back data */
|
|
|
|
|
_SEH_TRY
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
*(PPROCESS_DEVICEMAP_INFORMATION)ProcessInformation = DeviceMap;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(PROCESS_DEVICEMAP_INFORMATION);
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Priority class */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessPriorityClass:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Enter SEH for writing back data */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Return current priority class */
|
|
|
|
|
*(PUSHORT)ProcessInformation = Process->PriorityClass;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(USHORT);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessImageFileName:
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Get the image path */
|
2006-07-27 05:03:03 +00:00
|
|
|
Status = SeLocateProcessImageName(Process, &ImageName);
|
|
|
|
|
if (NT_SUCCESS(Status))
|
|
|
|
|
{
|
|
|
|
|
/* Set return length */
|
|
|
|
|
Length = ImageName->MaximumLength +
|
|
|
|
|
sizeof(OBJECT_NAME_INFORMATION);
|
|
|
|
|
|
|
|
|
|
/* Make sure it's large enough */
|
|
|
|
|
if (Length <= ProcessInformationLength)
|
|
|
|
|
{
|
|
|
|
|
/* Enter SEH to protect write */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Copy it */
|
2006-10-22 09:06:58 +00:00
|
|
|
RtlCopyMemory(ProcessInformation,
|
2006-07-27 05:03:03 +00:00
|
|
|
ImageName,
|
|
|
|
|
Length);
|
|
|
|
|
|
|
|
|
|
/* Update pointer */
|
|
|
|
|
((PUNICODE_STRING)ProcessInformation)->Buffer =
|
|
|
|
|
(PWSTR)((PUNICODE_STRING)ProcessInformation + 1);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* Per-process security cookie */
|
|
|
|
|
case ProcessCookie:
|
|
|
|
|
|
|
|
|
|
/* Get the current process and cookie */
|
|
|
|
|
Process = PsGetCurrentProcess();
|
|
|
|
|
Cookie = Process->Cookie;
|
2006-07-27 18:28:26 +00:00
|
|
|
if (!Cookie)
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
LARGE_INTEGER SystemTime;
|
|
|
|
|
ULONG NewCookie;
|
|
|
|
|
PKPRCB Prcb;
|
|
|
|
|
|
|
|
|
|
/* Generate a new cookie */
|
|
|
|
|
KeQuerySystemTime(&SystemTime);
|
|
|
|
|
Prcb = KeGetCurrentPrcb();
|
|
|
|
|
NewCookie = Prcb->KeSystemCalls ^ Prcb->InterruptTime ^
|
|
|
|
|
SystemTime.u.LowPart ^ SystemTime.u.HighPart;
|
|
|
|
|
|
|
|
|
|
/* Set the new cookie or return the current one */
|
|
|
|
|
Cookie = InterlockedCompareExchange((LONG*)&Process->Cookie,
|
|
|
|
|
NewCookie,
|
|
|
|
|
Cookie);
|
2006-07-27 18:28:26 +00:00
|
|
|
if (!Cookie) Cookie = NewCookie;
|
2006-07-20 00:13:09 +00:00
|
|
|
|
|
|
|
|
/* Set return length */
|
|
|
|
|
Length = sizeof(ULONG);
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Enter SEH to protect write */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Write back the cookie */
|
|
|
|
|
*(PULONG)ProcessInformation = Cookie;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 00:13:09 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Not yet implemented, or unknown */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessBasePriority:
|
|
|
|
|
case ProcessRaisePriority:
|
|
|
|
|
case ProcessExceptionPort:
|
|
|
|
|
case ProcessAccessToken:
|
|
|
|
|
case ProcessLdtSize:
|
|
|
|
|
case ProcessIoPortHandlers:
|
|
|
|
|
case ProcessUserModeIOPL:
|
|
|
|
|
case ProcessEnableAlignmentFaultFixup:
|
|
|
|
|
case ProcessAffinityMask:
|
|
|
|
|
case ProcessForegroundInformation:
|
|
|
|
|
default:
|
|
|
|
|
Status = STATUS_INVALID_INFO_CLASS;
|
|
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 00:13:09 +00:00
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Check if caller wanted return length */
|
|
|
|
|
if (ReturnLength) *ReturnLength = Length;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
|
|
|
|
|
/* If we referenced the process, dereference it */
|
2006-07-19 23:21:19 +00:00
|
|
|
if(ProcessInformationClass != ProcessCookie) ObDereferenceObject(Process);
|
|
|
|
|
return Status;
|
|
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-19 23:21:19 +00:00
|
|
|
/*
|
2006-07-20 03:05:46 +00:00
|
|
|
* @implemented
|
2006-07-19 23:21:19 +00:00
|
|
|
*/
|
|
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
NtSetInformationProcess(IN HANDLE ProcessHandle,
|
|
|
|
|
IN PROCESSINFOCLASS ProcessInformationClass,
|
|
|
|
|
IN PVOID ProcessInformation,
|
|
|
|
|
IN ULONG ProcessInformationLength)
|
|
|
|
|
{
|
|
|
|
|
PEPROCESS Process;
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
|
|
|
|
ACCESS_MASK Access;
|
2007-04-02 15:08:54 +00:00
|
|
|
NTSTATUS Status;
|
2006-07-20 03:05:46 +00:00
|
|
|
HANDLE PortHandle = NULL;
|
|
|
|
|
HANDLE TokenHandle = NULL;
|
2006-07-23 19:14:19 +00:00
|
|
|
PROCESS_SESSION_INFORMATION SessionInfo = {0};
|
2006-10-30 14:17:37 +00:00
|
|
|
PVOID ExceptionPort;
|
2006-07-19 23:21:19 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
|
|
|
|
/* Verify Information Class validity */
|
2007-01-25 22:39:32 +00:00
|
|
|
#if 0
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = DefaultSetInfoBufferCheck(ProcessInformationClass,
|
|
|
|
|
PsProcessInfoClass,
|
|
|
|
|
RTL_NUMBER_OF(PsProcessInfoClass),
|
|
|
|
|
ProcessInformation,
|
|
|
|
|
ProcessInformationLength,
|
|
|
|
|
PreviousMode);
|
2006-07-20 03:05:46 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
2007-01-25 22:39:32 +00:00
|
|
|
#endif
|
2006-07-20 03:05:46 +00:00
|
|
|
|
|
|
|
|
/* Check what class this is */
|
|
|
|
|
Access = PROCESS_SET_INFORMATION;
|
|
|
|
|
if (ProcessInformationClass == ProcessSessionInformation)
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Setting the Session ID needs a special mask */
|
|
|
|
|
Access |= PROCESS_SET_SESSIONID;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 03:05:46 +00:00
|
|
|
else if (ProcessInformationClass == ProcessExceptionPort)
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Setting the exception port needs a special mask */
|
|
|
|
|
Access |= PROCESS_SUSPEND_RESUME;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Reference the process */
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = ObReferenceObjectByHandle(ProcessHandle,
|
|
|
|
|
Access,
|
|
|
|
|
PsProcessType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&Process,
|
|
|
|
|
NULL);
|
2006-07-20 03:05:46 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Check what kind of information class this is */
|
2006-07-19 23:21:19 +00:00
|
|
|
switch (ProcessInformationClass)
|
|
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Quotas and priorities: not implemented */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessQuotaLimits:
|
|
|
|
|
case ProcessBasePriority:
|
|
|
|
|
case ProcessRaisePriority:
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Error/Exception Port */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessExceptionPort:
|
|
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Capture the handle */
|
|
|
|
|
PortHandle = *(PHANDLE)ProcessInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Get the LPC Port */
|
|
|
|
|
Status = ObReferenceObjectByHandle(PortHandle,
|
|
|
|
|
0,
|
|
|
|
|
LpcPortObjectType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID)&ExceptionPort,
|
|
|
|
|
NULL);
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
2006-07-20 17:44:30 +00:00
|
|
|
/* Change the pointer */
|
|
|
|
|
if (InterlockedCompareExchangePointer(&Process->ExceptionPort,
|
|
|
|
|
ExceptionPort,
|
|
|
|
|
NULL))
|
2006-07-20 03:05:46 +00:00
|
|
|
{
|
2006-07-20 17:44:30 +00:00
|
|
|
/* We already had one, fail */
|
2006-07-20 03:05:46 +00:00
|
|
|
ObDereferenceObject(ExceptionPort);
|
2006-07-20 17:44:30 +00:00
|
|
|
Status = STATUS_PORT_ALREADY_SET;
|
2006-07-20 03:05:46 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Security Token */
|
|
|
|
|
case ProcessAccessToken:
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Save the token handle */
|
|
|
|
|
TokenHandle = ((PPROCESS_ACCESS_TOKEN)ProcessInformation)->
|
|
|
|
|
Token;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 03:05:46 +00:00
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Assign the actual token */
|
2006-07-22 16:03:12 +00:00
|
|
|
Status = PspSetPrimaryToken(Process, TokenHandle, NULL);
|
2006-07-20 03:05:46 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* Hard error processing */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessDefaultHardErrorMode:
|
2006-07-20 03:05:46 +00:00
|
|
|
|
|
|
|
|
/* Enter SEH for direct buffer read */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Update the current mode abd return the previous one */
|
|
|
|
|
InterlockedExchange((LONG*)&Process->DefaultHardErrorProcessing,
|
|
|
|
|
*(PLONG)ProcessInformation);
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-20 03:05:46 +00:00
|
|
|
_SEH_HANDLE
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
break;
|
2005-05-09 01:38:29 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Session ID */
|
|
|
|
|
case ProcessSessionInformation:
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Enter SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Capture the caller's buffer */
|
|
|
|
|
SessionInfo = *(PPROCESS_SESSION_INFORMATION)ProcessInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Setting the session id requires the SeTcbPrivilege */
|
|
|
|
|
if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode))
|
|
|
|
|
{
|
|
|
|
|
/* Can't set the session ID, bail out. */
|
|
|
|
|
Status = STATUS_PRIVILEGE_NOT_HELD;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* FIXME - update the session id for the process token */
|
2006-07-20 17:44:30 +00:00
|
|
|
//Status = PsLockProcess(Process, FALSE);
|
2006-07-20 03:05:46 +00:00
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Write the session ID in the EPROCESS */
|
|
|
|
|
Process->Session = SessionInfo.SessionId;
|
|
|
|
|
|
|
|
|
|
/* Check if the process also has a PEB */
|
|
|
|
|
if (Process->Peb)
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/*
|
|
|
|
|
* Attach to the process to make sure we're in the right
|
|
|
|
|
* context to access the PEB structure
|
|
|
|
|
*/
|
|
|
|
|
KeAttachProcess(&Process->Pcb);
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Enter SEH for write to user-mode PEB */
|
2006-07-19 23:21:19 +00:00
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Write the session ID */
|
|
|
|
|
Process->Peb->SessionId = SessionInfo.SessionId;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Get exception code */
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Detach from the process */
|
|
|
|
|
KeDetachProcess();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Unlock the process */
|
2006-07-20 17:44:30 +00:00
|
|
|
//PsUnlockProcess(Process);
|
2006-07-20 03:05:46 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* Priority class: HACK! */
|
|
|
|
|
case ProcessPriorityClass:
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* We currently don't implement any of these */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessLdtInformation:
|
|
|
|
|
case ProcessLdtSize:
|
|
|
|
|
case ProcessIoPortHandlers:
|
|
|
|
|
case ProcessWorkingSetWatch:
|
|
|
|
|
case ProcessUserModeIOPL:
|
|
|
|
|
case ProcessEnableAlignmentFaultFixup:
|
|
|
|
|
case ProcessAffinityMask:
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
|
|
|
|
break;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
|
2006-07-20 03:05:46 +00:00
|
|
|
/* Supposedly these are invalid...!? verify! */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ProcessBasicInformation:
|
|
|
|
|
case ProcessIoCounters:
|
|
|
|
|
case ProcessTimes:
|
|
|
|
|
case ProcessPooledUsageAndLimits:
|
|
|
|
|
case ProcessWx86Information:
|
|
|
|
|
case ProcessHandleCount:
|
|
|
|
|
case ProcessWow64Information:
|
|
|
|
|
case ProcessDebugPort:
|
|
|
|
|
default:
|
|
|
|
|
Status = STATUS_INVALID_INFO_CLASS;
|
|
|
|
|
}
|
2006-07-20 03:05:46 +00:00
|
|
|
|
|
|
|
|
/* Dereference and return status */
|
2006-07-19 23:21:19 +00:00
|
|
|
ObDereferenceObject(Process);
|
2006-07-20 03:05:46 +00:00
|
|
|
return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2006-07-27 16:43:03 +00:00
|
|
|
* @implemented
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
*/
|
2006-07-19 23:21:19 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
NtSetInformationThread(IN HANDLE ThreadHandle,
|
|
|
|
|
IN THREADINFOCLASS ThreadInformationClass,
|
|
|
|
|
IN PVOID ThreadInformation,
|
|
|
|
|
IN ULONG ThreadInformationLength)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-19 23:21:19 +00:00
|
|
|
PETHREAD Thread;
|
2006-07-27 16:43:03 +00:00
|
|
|
ULONG Access;
|
2006-07-19 23:21:19 +00:00
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
2007-04-02 15:08:54 +00:00
|
|
|
NTSTATUS Status;
|
2006-07-27 16:43:03 +00:00
|
|
|
HANDLE TokenHandle = NULL;
|
|
|
|
|
KPRIORITY Priority = 0;
|
2007-01-25 22:39:32 +00:00
|
|
|
KAFFINITY Affinity = 0, CombinedAffinity;
|
2006-07-27 16:43:03 +00:00
|
|
|
PVOID Address = NULL;
|
|
|
|
|
PEPROCESS Process;
|
2007-01-25 22:39:32 +00:00
|
|
|
ULONG DisableBoost = 0;
|
|
|
|
|
ULONG IdealProcessor = 0;
|
|
|
|
|
PTEB Teb;
|
|
|
|
|
ULONG TlsIndex = 0;
|
|
|
|
|
PVOID *ExpansionSlots;
|
2007-02-01 19:25:04 +00:00
|
|
|
PETHREAD ProcThread;
|
2006-07-19 23:21:19 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Verify Information Class validity */
|
2007-01-25 22:39:32 +00:00
|
|
|
#if 0
|
2006-07-27 16:43:03 +00:00
|
|
|
Status = DefaultSetInfoBufferCheck(ThreadInformationClass,
|
|
|
|
|
PsThreadInfoClass,
|
|
|
|
|
RTL_NUMBER_OF(PsThreadInfoClass),
|
|
|
|
|
ThreadInformation,
|
|
|
|
|
ThreadInformationLength,
|
|
|
|
|
PreviousMode);
|
|
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
2007-01-25 22:39:32 +00:00
|
|
|
#endif
|
2006-07-27 16:43:03 +00:00
|
|
|
|
|
|
|
|
/* Check what class this is */
|
|
|
|
|
Access = THREAD_SET_INFORMATION;
|
|
|
|
|
if (ThreadInformationClass == ThreadImpersonationToken)
|
|
|
|
|
{
|
|
|
|
|
/* Setting the impersonation token needs a special mask */
|
|
|
|
|
Access = THREAD_SET_THREAD_TOKEN;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Reference the process */
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = ObReferenceObjectByHandle(ThreadHandle,
|
2006-07-27 16:43:03 +00:00
|
|
|
Access,
|
2006-07-19 23:21:19 +00:00
|
|
|
PsThreadType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&Thread,
|
|
|
|
|
NULL);
|
2006-07-27 16:43:03 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
|
|
|
|
|
|
|
|
|
/* Check what kind of information class this is */
|
|
|
|
|
switch (ThreadInformationClass)
|
2005-07-22 20:52:31 +00:00
|
|
|
{
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Thread priority */
|
|
|
|
|
case ThreadPriority:
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
Priority = *(PLONG)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2007-01-25 22:39:32 +00:00
|
|
|
/* Validate it */
|
|
|
|
|
if ((Priority > HIGH_PRIORITY) ||
|
|
|
|
|
(Priority <= LOW_PRIORITY))
|
|
|
|
|
{
|
|
|
|
|
/* Fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Set the priority */
|
|
|
|
|
KeSetPriorityThread(&Thread->Tcb, Priority);
|
|
|
|
|
break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
case ThreadBasePriority:
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
Priority = *(PLONG)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2007-01-25 22:39:32 +00:00
|
|
|
/* Validate it */
|
|
|
|
|
if ((Priority > THREAD_BASE_PRIORITY_MAX) ||
|
|
|
|
|
(Priority < THREAD_BASE_PRIORITY_MIN))
|
|
|
|
|
{
|
|
|
|
|
/* These ones are OK */
|
2007-08-04 08:49:47 +00:00
|
|
|
if ((Priority != THREAD_BASE_PRIORITY_LOWRT + 1) &&
|
2007-01-25 22:39:32 +00:00
|
|
|
(Priority != THREAD_BASE_PRIORITY_IDLE - 1))
|
|
|
|
|
{
|
|
|
|
|
/* Check if the process is real time */
|
|
|
|
|
if (PsGetCurrentProcess()->PriorityClass !=
|
|
|
|
|
PROCESS_PRIORITY_CLASS_REALTIME)
|
|
|
|
|
{
|
|
|
|
|
/* It isn't, fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Set the base priority */
|
|
|
|
|
KeSetBasePriorityThread(&Thread->Tcb, Priority);
|
|
|
|
|
break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
case ThreadAffinityMask:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
Affinity = *(PULONG_PTR)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2007-01-25 22:39:32 +00:00
|
|
|
/* Validate it */
|
|
|
|
|
if (!Affinity)
|
|
|
|
|
{
|
|
|
|
|
/* Fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Get the process */
|
|
|
|
|
Process = Thread->ThreadsProcess;
|
|
|
|
|
|
2007-01-25 22:39:32 +00:00
|
|
|
/* Try to acquire rundown */
|
|
|
|
|
if (ExAcquireRundownProtection(&Process->RundownProtect))
|
|
|
|
|
{
|
|
|
|
|
/* Lock it */
|
|
|
|
|
KeEnterCriticalRegion();
|
|
|
|
|
ExAcquirePushLockShared(&Process->ProcessLock);
|
|
|
|
|
|
|
|
|
|
/* Combine masks */
|
|
|
|
|
CombinedAffinity = Affinity & Process->Pcb.Affinity;
|
|
|
|
|
if (CombinedAffinity != Affinity)
|
|
|
|
|
{
|
|
|
|
|
/* Fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Set the affinity */
|
|
|
|
|
KeSetAffinityThread(&Thread->Tcb, CombinedAffinity);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Release the lock and rundown */
|
|
|
|
|
ExReleasePushLockShared(&Process->ProcessLock);
|
|
|
|
|
KeLeaveCriticalRegion();
|
2007-09-20 14:54:43 +00:00
|
|
|
ExReleaseRundownProtection(&Process->RundownProtect);
|
2007-01-25 22:39:32 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Too late */
|
|
|
|
|
Status = STATUS_PROCESS_IS_TERMINATING;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Return status */
|
2006-07-27 16:43:03 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadImpersonationToken:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Save the token handle */
|
|
|
|
|
TokenHandle = *(PHANDLE)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Assign the actual token */
|
|
|
|
|
Status = PsAssignImpersonationToken(Thread, TokenHandle);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadQuerySetWin32StartAddress:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
Address = *(PVOID*)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Set the address */
|
|
|
|
|
Thread->Win32StartAddress = Address;
|
|
|
|
|
break;
|
|
|
|
|
|
2007-01-25 22:39:32 +00:00
|
|
|
case ThreadIdealProcessor:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
IdealProcessor = *(PULONG_PTR)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Validate it */
|
|
|
|
|
if (IdealProcessor > MAXIMUM_PROCESSORS)
|
|
|
|
|
{
|
|
|
|
|
/* Fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Set the ideal */
|
|
|
|
|
Status = KeSetIdealProcessorThread(&Thread->Tcb,
|
|
|
|
|
(CCHAR)IdealProcessor);
|
|
|
|
|
|
|
|
|
|
/* Get the TEB and protect the thread */
|
|
|
|
|
Teb = Thread->Tcb.Teb;
|
|
|
|
|
if ((Teb) && (ExAcquireRundownProtection(&Thread->RundownProtect)))
|
|
|
|
|
{
|
|
|
|
|
/* Save the ideal processor */
|
|
|
|
|
Teb->IdealProcessor = Thread->Tcb.IdealProcessor;
|
|
|
|
|
|
|
|
|
|
/* Release rundown protection */
|
|
|
|
|
ExReleaseRundownProtection(&Thread->RundownProtect);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadPriorityBoost:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
DisableBoost = *(PULONG_PTR)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* Call the kernel */
|
|
|
|
|
KeSetDisableBoostThread(&Thread->Tcb, (BOOLEAN)DisableBoost);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadZeroTlsCell:
|
|
|
|
|
|
|
|
|
|
/* Use SEH for capture */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Get the priority */
|
|
|
|
|
TlsIndex = *(PULONG_PTR)ThreadInformation;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get the exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
if (!NT_SUCCESS(Status)) break;
|
|
|
|
|
|
|
|
|
|
/* This is only valid for the current thread */
|
|
|
|
|
if (Thread != PsGetCurrentThread())
|
|
|
|
|
{
|
|
|
|
|
/* Fail */
|
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Get the process */
|
|
|
|
|
Process = Thread->ThreadsProcess;
|
|
|
|
|
|
|
|
|
|
/* Loop the threads */
|
2007-02-01 19:25:04 +00:00
|
|
|
ProcThread = PsGetNextProcessThread(Process, NULL);
|
|
|
|
|
while (ProcThread)
|
2007-01-25 22:39:32 +00:00
|
|
|
{
|
|
|
|
|
/* Acquire rundown */
|
2007-02-01 19:25:04 +00:00
|
|
|
if (ExAcquireRundownProtection(&ProcThread->RundownProtect))
|
2007-01-25 22:39:32 +00:00
|
|
|
{
|
|
|
|
|
/* Get the TEB */
|
2007-02-01 19:25:04 +00:00
|
|
|
Teb = ProcThread->Tcb.Teb;
|
2007-01-25 22:39:32 +00:00
|
|
|
if (Teb)
|
|
|
|
|
{
|
|
|
|
|
/* Check if we're in the expansion range */
|
|
|
|
|
if (TlsIndex > TLS_MINIMUM_AVAILABLE - 1)
|
|
|
|
|
{
|
|
|
|
|
if (TlsIndex < (TLS_MINIMUM_AVAILABLE +
|
|
|
|
|
TLS_EXPANSION_SLOTS) - 1)
|
|
|
|
|
{
|
|
|
|
|
/* Check if we have expansion slots */
|
|
|
|
|
ExpansionSlots = Teb->TlsExpansionSlots;
|
|
|
|
|
if (ExpansionSlots)
|
|
|
|
|
{
|
|
|
|
|
/* Clear the index */
|
|
|
|
|
ExpansionSlots[TlsIndex - TLS_MINIMUM_AVAILABLE] = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Clear the index */
|
|
|
|
|
Teb->TlsSlots[TlsIndex] = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Release rundown */
|
2007-02-01 19:25:04 +00:00
|
|
|
ExReleaseRundownProtection(&ProcThread->RundownProtect);
|
2007-01-25 22:39:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Go to the next thread */
|
2007-02-01 19:25:04 +00:00
|
|
|
ProcThread = PsGetNextProcessThread(Process, ProcThread);
|
2007-01-25 22:39:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* All done */
|
|
|
|
|
break;
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
default:
|
|
|
|
|
/* We don't implement it yet */
|
|
|
|
|
DPRINT1("Not implemented: %lx\n", ThreadInformationClass);
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
2005-07-22 20:52:31 +00:00
|
|
|
}
|
|
|
|
|
|
2006-07-27 16:43:03 +00:00
|
|
|
/* Dereference and return status */
|
|
|
|
|
ObDereferenceObject(Thread);
|
2006-07-19 23:21:19 +00:00
|
|
|
return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2006-07-19 23:21:19 +00:00
|
|
|
NTSTATUS
|
|
|
|
|
NTAPI
|
|
|
|
|
NtQueryInformationThread(IN HANDLE ThreadHandle,
|
|
|
|
|
IN THREADINFOCLASS ThreadInformationClass,
|
|
|
|
|
OUT PVOID ThreadInformation,
|
|
|
|
|
IN ULONG ThreadInformationLength,
|
|
|
|
|
OUT PULONG ReturnLength OPTIONAL)
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
{
|
2006-07-19 23:21:19 +00:00
|
|
|
PETHREAD Thread;
|
|
|
|
|
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
|
|
|
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
2006-07-27 17:09:42 +00:00
|
|
|
ULONG Access;
|
|
|
|
|
ULONG Length = 0;
|
|
|
|
|
PTHREAD_BASIC_INFORMATION ThreadBasicInfo =
|
|
|
|
|
(PTHREAD_BASIC_INFORMATION)ThreadInformation;
|
|
|
|
|
PKERNEL_USER_TIMES ThreadTime = (PKERNEL_USER_TIMES)ThreadInformation;
|
|
|
|
|
KIRQL OldIrql;
|
2006-07-19 23:21:19 +00:00
|
|
|
PAGED_CODE();
|
|
|
|
|
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Verify Information Class validity */
|
2007-01-25 22:39:32 +00:00
|
|
|
#if 0
|
2006-08-09 12:15:18 +00:00
|
|
|
Status = DefaultQueryInfoBufferCheck(ThreadInformationClass,
|
|
|
|
|
PsThreadInfoClass,
|
|
|
|
|
RTL_NUMBER_OF(PsThreadInfoClass),
|
|
|
|
|
ThreadInformation,
|
|
|
|
|
ThreadInformationLength,
|
|
|
|
|
ReturnLength,
|
|
|
|
|
PreviousMode);
|
2006-07-27 17:09:42 +00:00
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
2007-01-25 22:39:32 +00:00
|
|
|
#endif
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Check what class this is */
|
|
|
|
|
Access = THREAD_QUERY_INFORMATION;
|
|
|
|
|
|
|
|
|
|
/* Reference the process */
|
2006-07-19 23:21:19 +00:00
|
|
|
Status = ObReferenceObjectByHandle(ThreadHandle,
|
2006-07-27 17:09:42 +00:00
|
|
|
Access,
|
2006-07-19 23:21:19 +00:00
|
|
|
PsThreadType,
|
|
|
|
|
PreviousMode,
|
|
|
|
|
(PVOID*)&Thread,
|
|
|
|
|
NULL);
|
|
|
|
|
if (!NT_SUCCESS(Status)) return Status;
|
|
|
|
|
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Check what kind of information class this is */
|
2006-07-19 23:21:19 +00:00
|
|
|
switch (ThreadInformationClass)
|
|
|
|
|
{
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Basic thread information */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ThreadBasicInformation:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect writes with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Write all the information from the ETHREAD/KTHREAD */
|
2006-08-09 12:46:41 +00:00
|
|
|
ThreadBasicInfo->ExitStatus = Thread->ExitStatus;
|
2006-07-27 17:09:42 +00:00
|
|
|
ThreadBasicInfo->TebBaseAddress = (PVOID)Thread->Tcb.Teb;
|
|
|
|
|
ThreadBasicInfo->ClientId = Thread->Cid;
|
|
|
|
|
ThreadBasicInfo->AffinityMask = Thread->Tcb.Affinity;
|
|
|
|
|
ThreadBasicInfo->Priority = Thread->Tcb.Priority;
|
|
|
|
|
ThreadBasicInfo->BasePriority = KeQueryBasePriorityThread(&Thread->Tcb);
|
|
|
|
|
|
|
|
|
|
/* Set return length */
|
|
|
|
|
Length = sizeof(THREAD_BASIC_INFORMATION);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Thread time information */
|
2006-07-19 23:21:19 +00:00
|
|
|
case ThreadTimes:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect writes with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Copy time information from ETHREAD/KTHREAD */
|
|
|
|
|
ThreadTime->KernelTime.QuadPart = Thread->Tcb.KernelTime *
|
|
|
|
|
100000LL;
|
|
|
|
|
ThreadTime->UserTime.QuadPart = Thread->Tcb.UserTime *
|
|
|
|
|
100000LL;
|
|
|
|
|
ThreadTime->CreateTime = Thread->CreateTime;
|
|
|
|
|
ThreadTime->ExitTime = Thread->ExitTime;
|
|
|
|
|
|
|
|
|
|
/* Set the return length */
|
|
|
|
|
Length = sizeof(KERNEL_USER_TIMES);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadQuerySetWin32StartAddress:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Return the Win32 Start Address */
|
|
|
|
|
*(PVOID*)ThreadInformation = Thread->Win32StartAddress;
|
|
|
|
|
|
|
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(PVOID);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadPerformanceCount:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* FIXME */
|
|
|
|
|
(*(PLARGE_INTEGER)ThreadInformation).QuadPart = 0;
|
|
|
|
|
|
|
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(LARGE_INTEGER);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadAmILastThread:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Return whether or not we are the last thread */
|
|
|
|
|
*(PULONG)ThreadInformation = ((Thread->ThreadsProcess->
|
|
|
|
|
ThreadListHead.Flink->Flink ==
|
|
|
|
|
&Thread->ThreadsProcess->
|
|
|
|
|
ThreadListHead) ?
|
|
|
|
|
TRUE : FALSE);
|
|
|
|
|
|
|
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(ULONG);
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-27 17:09:42 +00:00
|
|
|
_SEH_HANDLE
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-27 17:09:42 +00:00
|
|
|
_SEH_END;
|
2006-07-19 23:21:19 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case ThreadIsIoPending:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Raise the IRQL to protect the IRP list */
|
|
|
|
|
KeRaiseIrql(APC_LEVEL, &OldIrql);
|
|
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
2006-07-19 23:21:19 +00:00
|
|
|
{
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Check if the IRP list is empty or not */
|
|
|
|
|
*(PULONG)ThreadInformation = !IsListEmpty(&Thread->IrpList);
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Set the return length*/
|
|
|
|
|
Length = sizeof(ULONG);
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-27 17:09:42 +00:00
|
|
|
_SEH_END;
|
|
|
|
|
|
|
|
|
|
/* Lower IRQL back */
|
|
|
|
|
KeLowerIrql(OldIrql);
|
|
|
|
|
break;
|
2006-07-19 23:21:19 +00:00
|
|
|
|
2006-07-27 17:09:42 +00:00
|
|
|
/* Anything else */
|
2006-07-19 23:21:19 +00:00
|
|
|
default:
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Not yet implemented */
|
|
|
|
|
DPRINT1("Not implemented: %lx\n", ThreadInformationClass);
|
|
|
|
|
Status = STATUS_NOT_IMPLEMENTED;
|
2006-07-19 23:21:19 +00:00
|
|
|
}
|
2006-07-27 17:09:42 +00:00
|
|
|
|
|
|
|
|
/* Protect write with SEH */
|
|
|
|
|
_SEH_TRY
|
|
|
|
|
{
|
|
|
|
|
/* Check if caller wanted return length */
|
|
|
|
|
if (ReturnLength) *ReturnLength = Length;
|
|
|
|
|
}
|
|
|
|
|
_SEH_HANDLE
|
|
|
|
|
{
|
|
|
|
|
/* Get exception code */
|
|
|
|
|
Status = _SEH_GetExceptionCode();
|
|
|
|
|
}
|
|
|
|
|
_SEH_END;
|
|
|
|
|
|
|
|
|
|
/* Dereference the thread, and return */
|
2006-07-19 23:21:19 +00:00
|
|
|
ObDereferenceObject(Thread);
|
2006-07-27 17:09:42 +00:00
|
|
|
return Status;
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
}
|
2006-07-20 03:05:46 +00:00
|
|
|
|
Thread/Process Termination/Repeaing Rewrite + Fixes
---------------------------------------------------
- ps/cid.c:
* Moved CID Lookup functions here
- ps/security.c:
* Moved all security related functions here. Makes other files neater and security functions
easier to locate.
- ps/thread.c:
* Moved most of the Thread Scheduling/Dispatching code that belongs in the Kernel to /ke and
renamed functions from Ps to Ki.
* Implemented PsIsSystemThread.
* Removed Reaper Thread Init (now obsolete).
* Renamed PiDeleteThread to PspDeleteThread.
* Moved Thread State functions from tinfo.c to here.
- ps/process.c:
* Removed Query/Set Process functions and moved to ps/query.c
* Renamed PiDeletePRocess to PspDeleteProcess
* Removed obsoleted Process Termination functions, moved persistent one to kill.c
- ps/create.c:
* Moved the security APIs to security.c
* Correctly implemented PsCreateSystemThread to actually create system threads.
- ps/suspend.c
* Rewrote Nt Executive functions to use Kernel functions.
* Moved Ps* Routines into ke/kthread.c and fixed them. The implementation was wrong in
some aspects, especially the issue of the APC looping around the KeWaitXxx call and the
fact that the routines excluded/ignored the FreezeCount.
- ps/debug.c
* Fixed completely broken implementation of Get/SetThreadContext. The old version crashed
when called and did not work at all. Suspend Regression test now works.
* Moved Context<->TrapFrame functions to ke/i386/
* Combined Set/GetThreadContext APCs into a single one, and used special context structure.
- ps/query.c:
* Moved Thread/Process Query/Set Routines here.
- ps/tinfo.c:
* Removed.
- ps/kill.c
* Removed complicated Process Termination semantics and useless Attach/Detach in favor for
a much more lightweight function which performs the same tasks as before and actually works.
TaskManager can now terminate foreign processes.
* Rewrote Thread Reaping to use the HyperCritical Work Queue instead of manually controlled
thread. This results in much less code as well as an increase in speed and less micro
management. The reaper is PspReapRoutine. Closing CMD.EXE now works properly without
requiring masks that were added as hacks to allow it.
* Renamed PiTerminateProcessThreads to PspTerminateProcessThreads. Fixed it to work with new
termination code.
* Added PspDeleteProcess to handle Process Object deletion. Kills the CID Handle here as done
by Hartmut.
* Added PspDeletethread here.
* Renamed and rewrote PsTerminateCurrentThread to PspExitThread. Used NT Implementation out-
lined in Windows Internals, Chapter 13. Uses less locks, a more concise order of actions,
actually parses the Termination Ports, handles Dbgk notification. Timers are now rundown,
and Mutex rundown is in a dedicated Kernel function. Final termination handled by KeTerminate
Thread as documented.
* Renamed PsTerminateOtherThread to PspTerminateThreadByPointer and modified implementation to
be compatible with the changes above.
* Renamed and regrouped Process Termination into PspExitProcess. Also implemented as described
above, and moved each subsystem specific termination helper into its own subsytem.
* Improved NtTerminateProcess and added more debugging messages.
* Improved NtTerminateThread and added check against System Thread and made it compatible with
new implementation.
* Corrected PsTerminateSystemThread now that we support System Threads.
* Corrected NtRegisterThreadTerminatePort to use same structure name as on windows for the
port, and added tag to pool allocation (documented in pooltag.txt)
include/internal/*.h:
* Defined Scheduler Functions and misc new functions or renamed functions.
ke/apc.c:
* Fixed critical bug where APCs were not delivered at all if the thread wastion and cancels any timers that are associated
to a thread, as well as their APCs and DPCs.
REGRESSIONS FOUND: NONE
BUGS/REGRESSIOSN FIXED:
* Thread/Get Set Context now works.
* Suspend Regression test now works.
* Task manager can now kill foreign processes, even hung ones (like it should).
* ExitProcess/closing cmd.exe with the 'x' button now works correctly without hacks.
KNOWN ISSUES: I left a bit of a mess in the headers and some stuff still needs to be moved into the right
places. I just wanted to have this first part ready first, so that it won't get too big.
svn path=/trunk/; revision=14174
2005-03-18 05:53:04 +00:00
|
|
|
/* EOF */
|