/// <summary>
/// Create a new thread in a process.
/// </summary>
/// <param name="process">Process to create the thread in.</param>
/// <param name="start_routine">Address of the start routine.</param>
/// <param name="argument">Argument to pass to the thread.</param>
/// <param name="create_flags">Creation flags.</param>
/// <param name="stack_size">Size of the committed stack.</param>
/// <returns>The created thread object.</returns>
/// <remarks>This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized.</remarks>
public static NtThread Create(
NtProcess process,
long start_routine,
long argument,
ThreadCreateFlags create_flags,
long stack_size)
{
return(Create(process, start_routine, argument, create_flags, stack_size, true).Result);
}
/// <summary>
/// Create a new thread in a process.
/// </summary>
/// <param name="process">Process to create the thread in.</param>
/// <param name="start_routine">Address of the start routine.</param>
/// <param name="argument">Argument to pass to the thread.</param>
/// <param name="create_flags">Creation flags.</param>
/// <param name="stack_size">Size of the committed stack.</param>
/// <param name="throw_on_error">True to throw on error</param>
/// <returns>The created thread object.</returns>
/// <remarks>This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized.</remarks>
public static NtResult <NtThread> Create(
NtProcess process,
long start_routine,
long argument,
ThreadCreateFlags create_flags,
long stack_size,
bool throw_on_error)
{
return(Create(null, ThreadAccessRights.MaximumAllowed, process, start_routine, argument, create_flags, 0, stack_size, 0, null, throw_on_error));
}
public static extern NtStatus NtCreateUserProcess(
out SafeKernelObjectHandle ProcessHandle,
out SafeKernelObjectHandle ThreadHandle,
ProcessAccessRights ProcessDesiredAccess,
ThreadAccessRights ThreadDesiredAccess,
ObjectAttributes ProcessObjectAttributes,
ObjectAttributes ThreadObjectAttributes,
ProcessCreateFlags ProcessFlags,
ThreadCreateFlags ThreadFlags,
IntPtr ProcessParameters,
[In, Out] ProcessCreateInfo CreateInfo,
[In, Out] ProcessAttributeList AttributeList
);
public static extern NtStatus NtCreateThreadEx(
out SafeKernelObjectHandle ThreadHandle,
ThreadAccessRights DesiredAccess,
[In] ObjectAttributes ObjectAttributes,
SafeKernelObjectHandle ProcessHandle,
IntPtr StartRoutine,
IntPtr Argument,
ThreadCreateFlags CreateFlags,
IntPtr ZeroBits,
IntPtr StackSize,
IntPtr MaximumStackSize,
ProcessAttributeList AttributeList
);
/// <summary>
/// Create a new thread in a process.
/// </summary>
/// <param name="object_attributes">The object attributes for the thread object.</param>
/// <param name="desired_acccess">Desired access for the handle.</param>
/// <param name="process">Process to create the thread in.</param>
/// <param name="start_routine">Address of the start routine.</param>
/// <param name="argument">Argument to pass to the thread.</param>
/// <param name="create_flags">Creation flags.</param>
/// <param name="zero_bits">Zero bits for the stack address.</param>
/// <param name="stack_size">Size of the committed stack.</param>
/// <param name="maximum_stack_size">Maximum reserved stack size.</param>
/// <param name="attribute_list">Optional attribute list.</param>
/// <returns>The created thread object.</returns>
/// <remarks>This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized.</remarks>
public static NtThread Create(
ObjectAttributes object_attributes,
ThreadAccessRights desired_acccess,
NtProcess process,
long start_routine,
long argument,
ThreadCreateFlags create_flags,
long zero_bits,
long stack_size,
long maximum_stack_size,
IEnumerable <ProcessAttribute> attribute_list)
{
return(Create(object_attributes, desired_acccess, process, start_routine, argument, create_flags,
zero_bits, stack_size, maximum_stack_size, attribute_list, true).Result);
}
/// <summary>
/// Create a new thread in a process.
/// </summary>
/// <param name="object_attributes">The object attributes for the thread object.</param>
/// <param name="desired_acccess">Desired access for the handle.</param>
/// <param name="process">Process to create the thread in.</param>
/// <param name="start_routine">Address of the start routine.</param>
/// <param name="argument">Argument to pass to the thread.</param>
/// <param name="create_flags">Creation flags.</param>
/// <param name="zero_bits">Zero bits for the stack address.</param>
/// <param name="stack_size">Size of the committed stack.</param>
/// <param name="maximum_stack_size">Maximum reserved stack size.</param>
/// <param name="attribute_list">Optional attribute list.</param>
/// <param name="throw_on_error">True to throw on error</param>
/// <returns>The created thread object.</returns>
/// <remarks>This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized.</remarks>
public static NtResult <NtThread> Create(
ObjectAttributes object_attributes,
ThreadAccessRights desired_acccess,
NtProcess process,
long start_routine,
long argument,
ThreadCreateFlags create_flags,
long zero_bits,
long stack_size,
long maximum_stack_size,
IEnumerable <ProcessAttribute> attribute_list,
bool throw_on_error)
{
using (ProcessAttributeList attr_list = ProcessAttributeList.Create(attribute_list))
{
return(NtSystemCalls.NtCreateThreadEx(out SafeKernelObjectHandle handle, desired_acccess, object_attributes, process.Handle, new IntPtr(start_routine), new IntPtr(argument),
create_flags, new IntPtr(zero_bits), new IntPtr(stack_size), new IntPtr(maximum_stack_size), attr_list).CreateResult(throw_on_error, () => new NtThread(handle)));
}
}
/// <summary>
/// For the current process
/// </summary>
/// <param name="process_create_flags">Process create flags.</param>
/// <param name="thread_create_flags">Thread create flags.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The new forked process result</returns>
public static NtResult <CreateUserProcessResult> Fork(ProcessCreateFlags process_create_flags,
ThreadCreateFlags thread_create_flags, bool throw_on_error)
{
using (var attrs = new DisposableList <ProcessAttribute>()) {
ProcessCreateInfo create_info = new ProcessCreateInfo();
SafeStructureInOutBuffer <ClientId> client_id = new SafeStructureInOutBuffer <ClientId>();
attrs.Add(ProcessAttribute.ClientId(client_id));
ProcessAttributeList attr_list = new ProcessAttributeList(attrs);
return(NtSystemCalls.NtCreateUserProcess(
out SafeKernelObjectHandle process_handle, out SafeKernelObjectHandle thread_handle,
ProcessAccessRights.MaximumAllowed, ThreadAccessRights.MaximumAllowed,
null, null, process_create_flags | ProcessCreateFlags.InheritFromParent,
thread_create_flags, IntPtr.Zero, create_info, attr_list).CreateResult(throw_on_error,
() => new CreateUserProcessResult(process_handle, thread_handle,
create_info.Data, new SectionImageInformation(), client_id.Result, false)));
}
}
/// <summary>
/// For the current process
/// </summary>
/// <param name="process_create_flags">Process create flags.</param>
/// <param name="thread_create_flags">Thread create flags.</param>
/// <returns>The new forked process result</returns>
public static CreateUserProcessResult Fork(ProcessCreateFlags process_create_flags,
ThreadCreateFlags thread_create_flags)
{
return(Fork(process_create_flags, thread_create_flags, true).Result);
}
