Windows API Reference: Kernel

The Kernel section of the Windows API provides access to fundamental operating system services. These functions allow you to interact with processes, threads, memory management, synchronization primitives, and other core kernel objects.

Process and Thread Management

CreateProcess BOOL CreateProcess( _In_opt_ LPCTSTR lpApplicationName, _Inout_opt_ LPTSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCTSTR lpCurrentDirectory, _In_ LPSTARTUPINFO lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation );

Creates a new process and its primary thread. The new process has two copies of the executable code. One copy is in the address space of the calling process, and the other is in the address space of the new process.

Parameters

  • lpApplicationName: Pointer to a null-terminated string that specifies the module to be executed.
  • lpCommandLine: Pointer to a null-terminated string that specifies the command line constructed from the filename and its arguments.
  • lpProcessAttributes: Pointer to a SECURITY_ATTRIBUTES structure that specifies the security attributes for the process.
  • lpThreadAttributes: Pointer to a SECURITY_ATTRIBUTES structure that specifies the security attributes for the thread.
  • bInheritHandles: If this parameter is TRUE, the new process inherits the handles of the calling process.
  • dwCreationFlags: Flags that control the priority class and behavior of the new process.
  • lpEnvironment: Pointer to a block of memory containing a null-terminated list of null-terminated strings, each terminated by a newline character.
  • lpCurrentDirectory: Pointer to a null-terminated string that specifies the full path for the current directory for the new process.
  • lpStartupInfo: Pointer to a STARTUPINFO structure that specifies the window station, desktop, standard handles, and appearance of the main window for the new process.
  • lpProcessInformation: Pointer to a PROCESS_INFORMATION structure that receives identification information about the new process and its primary thread.

Return Value

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

GetCurrentProcessId DWORD GetCurrentProcessId(void);

Retrieves the process identifier of the calling process. Process identifiers are unique during the lifetime of a process.

Return Value

The return value is the process identifier of the calling process.

ExitProcess VOID ExitProcess( _In_ UINT uExitCode );

Terminates the calling process and all its threads. The status code from the process is returned to the calling process or operating system.

Parameters

  • uExitCode: The exit code for the process. Use 0 to indicate that the process terminated successfully.

Memory Management

VirtualAlloc LPVOID VirtualAlloc( _In_opt_ LPVOID lpAddress, _In_ SIZE_T dwSize, _In_ DWORD flAllocationType, _In_ DWORD flProtect );

Reserves, commits, or changes the state of a region of pages in the virtual address space of the calling process. It can also commit an already reserved region, or reserve an already committed region.

Parameters

  • lpAddress: The starting address of the region of pages to be allocated.
  • dwSize: The size, in bytes, of the region of pages to allocate.
  • flAllocationType: The type of memory allocation.
  • flProtect: The memory protection for the region of pages to be allocated.

Return Value

If the function succeeds, the return value is the base address of the allocated region of pages. If the function fails, the return value is NULL. To get extended error information, call GetLastError.

VirtualFree BOOL VirtualFree( _In_ LPVOID lpAddress, _In_ SIZE_T dwSize, _In_ DWORD dwFreeType );

Releases, frees, and optionally decommits a region of memory previously reserved or committed by calling the process's virtual memory allocation functions.

Parameters

  • lpAddress: A pointer to the base address of the region of pages to be freed.
  • dwSize: The size, in bytes, of the region of memory to be freed.
  • dwFreeType: The type of memory deallocation.

Return Value

If the function succeeds, the return value is TRUE. If the function fails, the return value is FALSE. To get extended error information, call GetLastError.

Synchronization Objects

CreateMutex HANDLE CreateMutex( _In_opt_ LPSECURITY_ATTRIBUTES lpMutexAttributes, _In_ BOOL bInitialOwner, _In_opt_ LPCTSTR lpName );

Creates or opens a named or unnamed mutex object.

Parameters

  • lpMutexAttributes: A pointer to a SECURITY_ATTRIBUTES structure that specifies the security attributes for the mutex object.
  • bInitialOwner: A boolean value that specifies whether the calling thread will have initial ownership of the mutex.
  • lpName: The name of the mutex object.

Return Value

If the function succeeds, the return value is a handle to the newly created mutex object. If the function fails, the return value is NULL.

WaitForSingleObject DWORD WaitForSingleObject( _In_ HANDLE hHandle, _In_ DWORD dwMilliseconds );

Waits until the specified object is in the signaled state or the time-out interval elapses.

Parameters

  • hHandle: A handle to the object.
  • dwMilliseconds: The time-out interval in milliseconds.

Return Value

If the function succeeds, the return value indicates the event that caused the function to return. If the function fails, the return value is WAIT_FAILED.