《主要数据结构.doc》由会员分享,可在线阅读,更多相关《主要数据结构.doc(14页珍藏版)》请在金锄头文库上搜索。
1、struct PROCESStypedef struct _EPROCESS KPROCESS Pcb; EX_PUSH_LOCK ProcessLock; LARGE_INTEGER CreateTime; LARGE_INTEGER ExitTime; EX_RUNDOWN_REF RundownProtect; PVOID UniqueProcessId; LIST_ENTRY ActiveProcessLinks; ULONG QuotaUsage3; ULONG QuotaPeak3; ULONG CommitCharge; ULONG PeakVirtualSize; ULONG
2、VirtualSize; LIST_ENTRY SessionProcessLinks; PVOID DebugPort; union PVOID ExceptionPortData; ULONG ExceptionPortValue; ULONG ExceptionPortState: 3; ; PHANDLE_TABLE ObjectTable; EX_FAST_REF Token; ULONG WorkingSetPage; EX_PUSH_LOCK AddressCreationLock; PETHREAD RotateInProgress; PETHREAD ForkInProgre
3、ss; ULONG HardwareTrigger; PMM_AVL_TABLE PhysicalVadRoot; PVOID CloneRoot; ULONG NumberOfPrivatePages; ULONG NumberOfLockedPages; PVOID Win32Process; PEJOB Job; PVOID SectionObject; PVOID SectionBaseAddress; _EPROCESS_QUOTA_BLOCK * QuotaBlock; _PAGEFAULT_HISTORY * WorkingSetWatch; PVOID Win32WindowS
4、tation; PVOID InheritedFromUniqueProcessId; PVOID LdtInformation; PVOID VadFreeHint; PVOID VdmObjects; PVOID DeviceMap; PVOID EtwDataSource; PVOID FreeTebHint; union HARDWARE_PTE PageDirectoryPte; UINT64 Filler; ; PVOID Session; UCHAR ImageFileName16; LIST_ENTRY JobLinks; PVOID LockedPagesList; LIST
5、_ENTRY ThreadListHead; PVOID SecurityPort; PVOID PaeTop; ULONG ActiveThreads; ULONG ImagePathHash; ULONG DefaultHardErrorProcessing; LONG LastThreadExitStatus; PPEB Peb; EX_FAST_REF PrefetchTrace; LARGE_INTEGER ReadOperationCount; LARGE_INTEGER WriteOperationCount; LARGE_INTEGER OtherOperationCount;
6、 LARGE_INTEGER ReadTransferCount; LARGE_INTEGER WriteTransferCount; LARGE_INTEGER OtherTransferCount; ULONG CommitChargeLimit; ULONG CommitChargePeak; PVOID AweInfo; SE_AUDIT_PROCESS_CREATION_INFO SeAuditProcessCreationInfo; MMSUPPORT Vm; LIST_ENTRY MmProcessLinks; ULONG ModifiedPageCount; ULONG Fla
7、gs2; ULONG JobNotReallyActive: 1; ULONG AccountingFolded: 1; ULONG NewProcessReported: 1; ULONG ExitProcessReported: 1; ULONG ReportCommitChanges: 1; ULONG LastReportMemory: 1; ULONG ReportPhysicalPageChanges: 1; ULONG HandleTableRundown: 1; ULONG NeedsHandleRundown: 1; ULONG RefTraceEnabled: 1; ULO
8、NG NumaAware: 1; ULONG ProtectedProcess: 1; ULONG DefaultPagePriority: 3; ULONG PrimaryTokenFrozen: 1; ULONG ProcessVerifierTarget: 1; ULONG StackRandomizationDisabled: 1; ULONG Flags; ULONG CreateReported: 1; ULONG NoDebugInherit: 1; ULONG ProcessExiting: 1; ULONG ProcessDelete: 1; ULONG Wow64Split
9、Pages: 1; ULONG VmDeleted: 1; ULONG OutswapEnabled: 1; ULONG Outswapped: 1; ULONG ForkFailed: 1; ULONG Wow64VaSpace4Gb: 1; ULONG AddressSpaceInitialized: 2; ULONG SetTimerResolution: 1; ULONG BreakOnTermination: 1; ULONG DeprioritizeViews: 1; ULONG WriteWatch: 1; ULONG ProcessInSession: 1; ULONG Ove
10、rrideAddressSpace: 1; ULONG HasAddressSpace: 1; ULONG LaunchPrefetched: 1; ULONG InjectInpageErrors: 1; ULONG VmTopDown: 1; ULONG ImageNotifyDone: 1; ULONG PdeUpdateNeeded: 1; ULONG VdmAllowed: 1; ULONG SmapAllowed: 1; ULONG ProcessInserted: 1; ULONG DefaultIoPriority: 3; ULONG SparePsFlags1: 2; LON
11、G ExitStatus; WORD Spare7; union struct UCHAR SubSystemMinorVersion; UCHAR SubSystemMajorVersion; ; WORD SubSystemVersion; ; UCHAR PriorityClass; MM_AVL_TABLE VadRoot; ULONG Cookie; ALPC_PROCESS_CONTEXT AlpcContext; EPROCESS, *PEPROCESS;struct KPROCESStypedef struct _KPROCESS DISPATCHER_HEADER Heade
12、r; LIST_ENTRY ProfileListHead; ULONG DirectoryTableBase; ULONG Unused0; KGDTENTRY LdtDescriptor; KIDTENTRY Int21Descriptor; WORD IopmOffset; UCHAR Iopl; UCHAR Unused; ULONG ActiveProcessors; ULONG KernelTime; ULONG UserTime; LIST_ENTRY ReadyListHead; SINGLE_LIST_ENTRY SwapListEntry; PVOID VdmTrapcHandler; LIST_ENTRY ThreadListHead; ULONG ProcessLock; ULONG Affinity; union ULONG AutoAlignment: 1; ULONG DisableBoost: 1; ULONG DisableQuantum: 1; ULONG ReservedFlags: 29; LONG ProcessFlags; ; CHAR BasePriority; CHAR QuantumReset; UCHAR State; UCHAR ThreadSeed;
