PROCESS_INFORMATION

2OO1, 6 March

PROCESS_INFORMATION_CLASS

typedef enum _PROCESS_INFORMATION_CLASS {

ProcessBasicInformation, ProcessQuotaLimits, ProcessIoCounters, ProcessVmCounters, ProcessTimes, ProcessBasePriority, ProcessRaisePriority, ProcessDebugPort, ProcessExceptionPort, ProcessAccessToken, ProcessLdtInformation, ProcessLdtSize, ProcessDefaultHardErrorMode, ProcessIoPortHandlers, ProcessPooledUsageAndLimits, ProcessWorkingSetWatch, ProcessUserModeIOPL, ProcessEnableAlignmentFaultFixup, ProcessPriorityClass, ProcessWx86Information, ProcessHandleCount, ProcessAffinityMask, ProcessPriorityBoost, MaxProcessInfoClass

} PROCESS_INFORMATION_CLASS, *PPROCESS_INFORMATION_CLASS;

Enumeration type PROCESS_INFORMATION_CLASS is used in a calls to NtQueryInformationProcess and NtSetInformationProcess. Structures for sending or receiving data are accessable below, separatelly for target information class.

ProcessBasicInformation

Action	: Query
Buffer size	: 0x018
Structure	: PROCESS_BASIC_INFORMATION

ProcessQuotaLimits

Action	: Query, Set
Buffer size	: 0x020
Structure	: QUOTA_LIMITS

ProcessIoCounters

Action	: Query
Buffer size	: ???
Structure	: IO_COUNTERS

ProcessVmCounters

Action	: Query
Buffer size	: 0x02C
Structure	: VM_COUNTERS

ProcessTimes

Action	: Query
Buffer size	: 0x020
Structure	: KERNEL_USER_TIMES

ProcessBasePriority

Action	: Set
Buffer size	: 0x004
Buffer	: KPRIORITY
Comment	: Sets process' Base Priority.

ProcessRaisePriority

Action	: Set
Buffer size	: 0x004
Buffer	: KPRIORITY
Comment	: Sets process' Raise Priority.

ProcessDebugPort

Action	: Query, Set
Buffer size	: 0x004
Buffer	: HANDLE
Comment	: Queries and sets process' Debug Port. See also NtCreatePort.

ProcessExceptionPort

Action	: Set
Buffer size	: 0x004
Buffer	: HANDLE
Comment	: Sets process' Exception Port. See also NtCreatePort.

ProcessAccessToken

Action	: Set
Buffer size	: 0x008
Structure	: PROCESS_ACCESS_TOKEN

ProcessLdtInformation

Action	: Query
Buffer size	: ???
Structure	: LDT_ENTRY

Action	: Set
Buffer size	: 0x010
Structure	: LDT_ENTRY

ProcessLdtSize

Action	: Set
Buffer size	: 0x004
Buffer	: ULONG
Comment	: Sets process' Local Description Table size. See also NtSetLdtEntries function.

ProcessDefaultHardErrorMode

Action	: Query, Set
Buffer size	: 0x004
Buffer	: ULONG
Comment	: ???

ProcessIoPortHandlers

Action	: Set
Buffer size	: ???
Structure	: ???

ProcessPooledUsageAndLimits

Action	: Query
Buffer size	: 0x024
Structure	: POOLED_USAGE_AND_LIMITS

ProcessWorkingSetWatch

Action	: Query
Buffer size	: ???
Structure	: PROCESS_WS_WATCH_INFORMATION

Action	: Set
Buffer size	: ???
Structure	:

ProcessUserModeIOPL

Action	: Set
Buffer size	: ???
Structure	:

ProcessEnableAlignmentFaultFixup

Action	: Set
Buffer size	: 0x001
Buffer	: BOOLEAN
Comment	: If set, enables automatic fixup of memory dissaligments.

ProcessPriorityClass

Action	: Set
Buffer size	: 0x002
Buffer	: WORD
Comment	: Sets process' Priority Class.

ProcessWx86Information

Action	: Query
Buffer size	: 0x004
Buffer	: ULONG
Comment	: ???

ProcessHandleCount

Action	: Query
Buffer size	: 0x004
Buffer	: ULONG
Comment	: Retrives Handle's count for process.

ProcessAffinityMask

Action	: Set
Buffer size	: 0x0
Buffer	: KAFFINITY
Comment	: Sets process' Affinity Mask.

ProcessPriorityBoost

Action	: Query, Set
Buffer size	: 0x004
Buffer	: KPRIORITY
Comment	: Queries and sets process' Priority Boost.

Documented by:

Tomasz Nowak

Sven B. Schreiber

Requirements:

Library: ntdll.lib

Undocumented functions of NTDLL