PsCreateSystemThread routine "創建系統執行緒"例程
The PsCreateSystemThread routine creates a system thread that executes in kernel mode and returns a handle for the thread.
此PsCreateSystemThread 例程創建一個執行在核心模式的系統執行緒並返回此執行緒的句柄。
基本介紹
- 中文名:創建系統執行緒
- 外文名:PsCreateSystemThread
Syntax 語法,Parameters,Return value 返回值,Remarks 備註,Requirements 要求,See also 請參閱,
Syntax 語法
NTSTATUS PsCreateSystemThread(
_Out_PHANDLE ThreadHandle,
_In_ULONG DesiredAccess, //所需訪問許可權
_In_opt_POBJECT_ATTRIBUTES ObjectAttributes,
_In_opt_HANDLE ProcessHandle,
_Out_opt_PCLIENT_ID ClientId,
_In_PKSTART_ROUTINE StartRoutine,//執行緒中要執行的函式
_In_opt_PVOID StartContext//傳遞給上述要執行的函式的參數
);
Parameters
- ThreadHandle[out]執行緒句柄[輸出參數]
Points to a variable that will receive the handle. The driver must close the handle withZwCloseonce the handle is no longer in use. This handle is a kernel handle for WindowsVista and later versions of Windows. In earlier versions of Windows, the handle might not be a kernel handle.
指向一個用於接收此句柄的變數。一旦此句柄 不再使用,驅動必須用ZwClose關閉此句柄。此句柄在WindowsVista 及以後版本的Windows系統中是核心句柄。在較早版本的Windows 里,此句柄不可以是核心句柄。 - DesiredAccess[in]所需訪問許可權[輸入參數]
Specifies theACCESS_MASKvalue that represents the requested types of access to the created thread.
指定ACCESS_MASK值用於指明對所創建執行緒的存取許可權要求。 - ObjectAttributes[in, optional]對象屬性[輸入參數,可選]
Points to a structure that specifies the object's attributes. OBJ_PERMANENT, OBJ_EXCLUSIVE, and OBJ_OPENIF are not valid attributes for a thread object. On Windows XP and later versions of Windows, if the caller is not running in the system process context, it must set the OBJ_KERNEL_HANDLE attribute forObjectAttributes. Drivers for Microsoft Windows 2000 and Windows 98/Me must only callPsCreateSystemThreadfrom the system process context. For WindowsVista and later versions of Windows, the handle will be a kernel handle.
指向一個結構,它指定對象的屬性。OBJ_PERMANENT,OBJ_EXCLUSIVE,和OBJ_OPENIF不是執行緒對象的有效屬性。在Windows XP和更高版本的Windows,如果對方不在系統進程的上下文中運行,它必須為ObjectAttributes設定OBJ_KERNEL_HANDLE屬性。對微軟的Windows 2000和Windows 98/Me的驅動必須只在系統進程上下文中調用PsCreateSystemThread。對於WindowsVista 及其後版本的WindowsVista,此句柄將是一個核心句柄。 - ProcessHandle[in, optional] 進程句柄[輸入參數,可選]
Specifies an open handle for the process in whose address space the thread is to be run. The caller's thread must have PROCESS_CREATE_THREAD access to this process. If this parameter is not supplied, the thread will be created in the initial system process. This value should beNULLfor a driver-created thread. Use theNtCurrentProcessmacro, defined in Ntddk.h, to specify the current process.
指定“在其地址空間中運行執行緒的那個進程”的一個打開的句柄。調用者的執行緒必須對這個進程有process_create_thread訪問許可權。如果不提供此參數,則將在初始系統進程中創建執行緒。在為一個驅動程式創建的執行緒里,這個值應該是空的。可使用定義在ntddk.H中的NtCurrentProcess宏,來指定當前進程。 - ClientId[out, optional]客戶標識[輸出參數,可選]
Points to a structure that receives the client identifier of the new thread. This value should beNULLfor a driver-created thread.
指向用於“接收新執行緒的客戶端標識符”的結構。在為一個驅動程式創建的執行緒里,這個值應該是空的。 - StartRoutine[in]開始例程[輸入參數]
The entry point for the newly created system thread. This parameter is a function pointer to aThreadStartroutine that receives a single argument, which is theStartContextparameter value supplied by the caller.
新創建的系統執行緒的入口點。這個參數是一個函式指針,指向能接收一個參數的ThreadStart例程,參數值是由調用者提供的startcontext參數。 - StartContext[in, optional]開始語境[輸入參數,可選]
Supplies a single argument that is passed to the thread when it begins execution.
當本函式(PsCreateSystemThread)開始執行時,提供一個單獨的參數傳遞給所創建的執行緒。
Return value 返回值
PsCreateSystemThreadreturns STATUS_SUCCESS if the thread was created.
PsCreateSystemThread如果成功創建執行緒則返回STATUS_SUCCESS.
Remarks 備註
Drivers that create device-dedicated threads call this routine, either when they initialize or when I/O requests begin to come in to such a driver's Dispatch routines. For example, a driver might create such a thread when it receives an asynchronous device control request.
創建設備專用執行緒的驅動程式調用這個例程,或者當它們初始化時或當I/O請求開始出現在諸如一個驅動程式的調度程式中時。例如,當接收到異步設備控制請求時,可能會創建這樣一個執行緒。
PsCreateSystemThreadcreates a kernel-mode thread that begins a separate thread of execution within the system. Such a system thread has no TEB or user-mode context and runs only in kernel mode.
PsCreateSystemThread創建一個核心執行緒,在系統中以單獨執行緒形式進行執行。這樣的一個系統執行緒沒有TEB或用戶模式並且只在核心模式下運行。
If the inputProcessHandleisNULL, the created thread is associated with the system process. Such a thread continues running until either the system is shut down or the thread terminates itself by callingPsTerminateSystemThread.
如果輸入ProcessHandle為NULL,則創建的執行緒與系統進程關聯。這樣的一個執行緒會持續運行,直到系統關閉或執行緒調用PsTerminateSystemThread終止自己。
Starting with Windows XP, driver routines that run in a process context other than that of the system process must set the OBJ_KERNEL_HANDLE attribute for theObjectAttributesparameter ofPsCreateSystemThread. This restricts the use of the handle returned byPsCreateSystemThreadto processes running in kernel mode. Otherwise, the thread handle can be accessed by the process in whose context the driver is running. Drivers can set the OBJ_KERNEL_HANDLE attribute as follows.
從Windows XP起,驅動程式在一個進程的上下文以外的系統過程中必須進行的PsCreateSystemThreadObjectAttributes中參數設定OBJ_KERNEL_HANDLE屬性運行。由PsCreateSystemThread返回的此句柄限制僅使用於核心模式下。否則,執行緒句柄能被驅動運行的上下文環境中的進程所訪問,。驅動程式可以設定OBJ_KERNEL_HANDLE屬性如下。
InitializeObjectAttributes(&ObjectAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL);
Drivers for Windows 2000 and Windows 98/Me must callPsCreateSystemThreadonly from the system process context.
Windows 2000 and Windows 98/Me下的驅動必須只能在系統進程上下文環境中調用PsCreateSystemThread
For more information about theStartContextparameter, seeThreadStart.
關於StartContext參數的更多信息,見ThreadStart.。
The newly created system thread runs at PASSIVE_LEVEL inside a critical region withnormal kernel APCsdisabled.
新創建的系統執行緒以PASSIVE_LEVEL運行在臨界區伴隨著核心APC禁用。
Requirements 要求
Target platform | |
---|---|
Version | Available starting with Windows 2000. |
Header |
|
Library |
|
DLL |
|
IRQL | PASSIVE_LEVEL |
DDI compliance rules | IrqlPsPassive,HwStorPortProhibitedDDIs |
See also 請參閱
- InitializeObjectAttributes
- KeSetBasePriorityThread
- KeSetPriorityThread
- PsTerminateSystemThread
- ThreadStart
- ZwSetInformationThread