Kernel Functions

This section details the core Kernel APIs, providing access to fundamental operating system services and objects.

Process and Thread Management

CreateProcess

BOOL CreateProcess(
    LPCSTR                lpApplicationName,
    LPSTR                 lpCommandLine,
    LPSECURITY_ATTRIBUTES lpProcessAttributes,
    LPSECURITY_ATTRIBUTES lpThreadAttributes,
    BOOL                  bInheritHandles,
    DWORD                 dwCreationFlags,
    LPVOID                lpEnvironment,
    LPCSTR                lpCurrentDirectory,
    LPSTARTUPINFO         lpStartupInfo,
    LPPROCESS_INFORMATION lpProcessInformation
);

Creates a new process and its primary thread. The new process runs in the same address space as the calling process.

Parameters:

  • lpApplicationName: The name of the module to be executed.
  • lpCommandLine: The command line for the process to be executed.
  • lpProcessAttributes: Security attributes for the process.
  • lpThreadAttributes: Security attributes for the primary thread.
  • bInheritHandles: Indicates whether the new process inherits handles.
  • dwCreationFlags: Flags that control the priority class and behavior of the new process.
  • lpEnvironment: Pointer to the environment block for the new process.
  • lpCurrentDirectory: Pointer to the full path of the current directory for the process.
  • lpStartupInfo: Pointer to a STARTUPINFO structure used for customizing.
  • lpProcessInformation: Pointer to a PROCESS_INFORMATION structure that receives.

Return Value:

  • TRUE if the function succeeds.
  • FALSE if the function fails.

Remarks:

  • Use VirtualAlloc to allocate memory for the command line if it's not already allocated.
  • Consider using CreateProcessAsUser for processes that need to run under a different user account.
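The call pattern the parameters and remarks above imply, as an added example that is not code from this page: the command line is assembled in a writable heap buffer (malloc here rather than the VirtualAlloc the remark mentions, so the quoting helpers also build and run off Windows) using the quoting rules the Microsoft C runtime applies when it splits argv, the executable is passed through lpApplicationName, bInheritHandles is FALSE, and both returned handles are closed. quote_arg, build_command_line and launch_and_wait are names chosen for this example, not Windows APIs.

```c
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Quote arg as the Microsoft C runtime un-quotes argv; out needs 2*strlen(arg)+3 bytes. */
static void quote_arg(const char *arg, char *out) {
    if (*arg && !strpbrk(arg, " \t\"")) { strcpy(out, arg); return; } /* plain: verbatim */
    char *p = out;
    *p++ = '"';
    for (const char *s = arg;; s++) {
        size_t bs = 0;
        while (*s == '\\') { bs++; s++; }               /* count a run of backslashes */
        if (*s == '\0') { memset(p, '\\', bs * 2); p += bs * 2; break; } /* before closing quote: double */
        if (*s == '"') bs = bs * 2 + 1;                  /* before a quote: double, plus one to escape it */
        memset(p, '\\', bs); p += bs;
        *p++ = *s;
    }
    *p++ = '"';
    *p = '\0';
}

/* Join argv into one heap buffer: lpCommandLine is a writable LPSTR, never pass a literal. */
static char *build_command_line(int argc, const char *const *argv) {
    size_t cap = 1;
    for (int i = 0; i < argc; i++) cap += 2 * strlen(argv[i]) + 4;
    char *buf = malloc(cap), *p = buf;
    if (!buf) return NULL;
    for (int i = 0; i < argc; i++) { if (i) *p++ = ' '; quote_arg(argv[i], p); p += strlen(p); }
    *p = '\0';
    return buf;                                          /* caller frees */
}

#ifdef _WIN32
/* Explicit lpApplicationName, no handle inheritance, both returned handles closed. */
static DWORD launch_and_wait(const char *exe_path, int argc, const char *const *argv) {
    char *cmdline = build_command_line(argc, argv);
    STARTUPINFOA si = { sizeof(STARTUPINFOA) };
    PROCESS_INFORMATION pi = { 0 };
    DWORD code = (DWORD)-1;                              /* reported when the launch fails */
    if (cmdline && CreateProcessA(exe_path, cmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
        WaitForSingleObject(pi.hProcess, INFINITE);
        GetExitCodeProcess(pi.hProcess, &code);
        CloseHandle(pi.hThread); CloseHandle(pi.hProcess);
    }
    free(cmdline);
    return code;
}
#endif
```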

ExitProcess

VOID ExitProcess( UINT uExitCode );

Terminates the calling process and all of its threads.

Parameters:

  • uExitCode: The exit code for the process.

Remarks:

  • This function provides a clean exit by calling thread termination routines before terminating the process.

GetCurrentProcess

HANDLE GetCurrentProcess( VOID );

Returns a pseudo handle for the current process. A pseudo handle is a special constant that is equivalent to the actual handle of the process in all circumstances.

Return Value:

  • The return value is a pseudo handle to the current process.

GetCurrentThreadId

DWORD GetCurrentThreadId( VOID );

Retrieves the thread identifier of the calling thread.

Return Value:

  • The return value is the thread identifier of the calling thread.

Memory Management

VirtualAlloc

LPVOID VirtualAlloc( LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect );

Reserves, commits, or changes the state of a region of pages in the virtual address space of the calling process.

Parameters:

  • lpAddress: The starting address of the region to allocate.
  • dwSize: The size, in bytes, of the region of memory to allocate.
  • flAllocationType: The type of memory allocation operation.
  • flProtect: The memory protection for the region of pages to be allocated.

Return Value:

  • If the function succeeds, the return value is the base address of the allocated region of pages.
  • If the function fails, the return value is NULL.

Synchronization Objects

CreateMutex

HANDLE CreateMutex( LPSECURITY_ATTRIBUTES lpMutexAttributes, BOOL bInitialOwner, LPCSTR lpName );

Creates or opens a mutex object.

Parameters:

  • lpMutexAttributes: Security attributes for the mutex object.
  • bInitialOwner: If TRUE, the calling thread is granted initial ownership of the mutex object.
  • lpName: The name of the mutex object.

Return Value:

  • If the function succeeds, the return value is a handle to the newly created mutex object.
  • If the function fails, the return value is NULL.