Techwiki:Ntoskrnl/KPROCESS

From ReactOS Wiki
Jump to: navigation, search
  /*
   * NAME:           KPROCESS
   * DESCRIPTION:    Internal Kernel Process Structure.
   * PORTABILITY:    Architecture Dependent.
   * KERNEL VERSION: 5.2
   */
   DISPATCHER_HEADER     Header                     /* 000 */
   LIST_ENTRY            ProfileListHead;           /* 010 */
   PHYSICAL_ADDRESS      DirectoryTableBase;        /* 018 */
   KGDTENTRY             LdtDescriptor;             /* 020 */
   KIDTENTRY             Int21Descriptor;           /* 028 */
   USHORT                IopmOffset;                /* 030 */
   UCHAR                 Iopl;                      /* 032 */
   UCHAR                 Unused;                    /* 033 */
   ULONG                 ActiveProcessors;          /* 034 */
   ULONG                 KernelTime;                /* 038 */  
   ULONG                 UserTime;                  /* 03C */
   LIST_ENTRY            ReadyListHead;             /* 040 */
   SINGLE_LIST_ENTRY     SwapListEntry;             /* 048 */
   PVOID                 VdmTrapcHandler            /* 04C */
   LIST_ENTRY            ThreadListHead;            /* 050 */
   KSPIN_LOCK            ProcessLock;               /* 058 */
   KAFFINITY             Affinity;                  /* 05C */
   union {    
       struct {
           ULONG         AutoAlignment:1;           /* 060.0 */
           ULONG         DisableBoost:1;            /* 060.1 */
           ULONG         DisableQuantum:1;          /* 060.2 */
           ULONG         ReservedFlags:29;          /* 060.3 */
       };
       ULONG             ProcessFlags;              /* 060 */
   };
   CHAR                  BasePriority;              /* 064 */
   CHAR                  QuantumReset;              /* 065 */
   UCHAR                 State;                     /* 066 */
   UCHAR                 ThreadSeed;                /* 067 */
   UCHAR                 PowerState;                /* 068 */
   UCHAR                 IdealNode;                 /* 069 */
   UCHAR                 Visited;                   /* 06A */
   KEXECUTE_OPTIONS      Flags;                     /* 06B */
   ULONG                 StackCount;                /* 06C */
   LIST_ENTRY            ProcessListEntry;          /* 070 */


Descriptions

Header

Contains the common header that every Dispatcher Object must have. Allows the Process to be waited on.

ProfileListHead

Contains a list of the currently associated Profile Objects with this Process' Address Space.

DirectoryTableBase

Contains the Physical Address of the Page Table Directory for the Process' Address Space.

LdtDescriptor

Contains the GDT (Global Descriptor Table) Entry for the LDT (Local Descriptor Table) of this process. Used for 16-bit emulation.

Int21Descriptor

Contains the IDT (Interrupt Descriptor Table) Entry for Interrupt 21 emulation, used by 16-bit emulation.

IopmOffset

Contains the offset to the IOPM (Input/Output Privilege Map) used to determine which Interrupts are available for which mode (CPL0, 1, 2 or 3).

Iopl

Contains the current IOPL (Input/Output Privilege Level), basically termining if the Process currently has access to Interrupts. Usually the same as the CPL.

Unused

Contained the VDM Flag in Kernel <= 5.0. Deprecated.

To replace this functionality, check if EPROCESS->VdmObjects == NULL.

ActiveProcessors

Contains a bitmask of the Processors that are currently running this Process.

KernelTime

Time that the Process has spent in CPL 0 (Kernel-Mode).

UserTime

Time that the Process has spent in CPL 3 (User-Mode).

ReadyListHead

Threads which are in the Process's Ready List and have not yet been inserted into the Dispatcher Ready List. Used when In or Out Swapping Processes from Memory.

SwapListEntry

Links the Process with the Kernel In/Out Swap List. Used during In or Out Swapping.

VdmTrapcHandler

Contains a pointer to the function handling the CTRL+C interrupt. Used during 16-bit emulation.

ThreadListHead

Contains the list of current Kernel Threads associated with this Process.

ProcessLock

Contains a Spinlock used when Locking the Process. Very seldomly used by the Kernel.

Affinity

Contains the Affinity Mask for this Process, which is to say on which CPUs is it allowed to run.

AutoAlignment

On non-x86 platforms, determines if Memory I/O inside this Process' Address Space will be automatically aligned to the right boundary for this platform.

DisableBoost

DisableQuantum

Determines if the Threads which are children to this Process will not have Quantums; that is to say, they will never automatically engage in a context switch if they have been running for too long.

ReservedFlags

Reserved space for future flag expansion.

ProcessFlags

Global value to be used when quickly masking certain Process Flags.

BasePriority

Determines the Base Priority which every Thread that is a child to this Process will have.

QuantumReset

Determines to which value the Quantum of a Thread will be Reset when it has expired. This value is set into the corresponding Thread's QuantumReset during KeInitializeThread, and never read again. Known as ThreadsQuantum in Kernel <= 5.1.

State

Determines the current memory state of the Process. Can be InTransition, InMemory or other Swap States.

ThreadSeed

Used by KeSetIdealProcessorThread to calculate the Ideal Processor for a Thread. Incremented by one each time the Ideal Processor is set.

PowerState

IdealNode

In a clustered environment, determines on which Node of the Cluster this Process should ideally run on.

Visited

Flags

Contains the flags for the NX bit setting for this Process' Address Space.

StackCount

The number of Resident Stacks currently associated to this Process. Biased by one if a Thread is attached. The Process is usually outswapped if this reaches zero.

ProcessListEntry

Links this Process into the global Kernel Process List.