RE: Native API

OSR_Community_User · May 3, 2001, 4:45am

Take a look to “Native API Reference” from Gary Nebbet

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Mircea Avram
Sent: Friday, March 30, 2001 6:28 PM
To: NT Developers Interest List
Subject: [ntdev] Native API

Hi guys,

I have some questions regarding Native API for NT4.0.

I have to get a thread handle from a thread id in user-mode and it seems
imposible.
(Even more than that, I have to control that thread, like
suspend/resume/terminate)

I’ve found in KB that yo can’t do such a thing on Win NT4.0 (altough you can
do it in
Win2000 with OpenThread)

So I ran into NtOpenThread:

NTKERNELAPI NTSTATUS NtOpenThread (
OUT PHANDLE ThreadHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PCLIENT_ID ClientId OPTIONAL
);
And also I’ve discovered NtResumeThread, NtSuspendThread, NtTerminateThread.

Here are the questions (first it’s a stupid one but I wanna be sure):

Is any way to get in user-mode the handle for a thread from a given
thread id?
Can I pass the thread handle from kernel-mode driver to user-mode client
using an IOCTL?
Where I can find the signatures for those APIs ?
How am I suppose to link to them? If I use ordinal number with a def file
is ok?

Any help is needed cause I’m in a pretty desperate situation.

Thanks in advance,
Mircea Avram (xxxxx@platform.com)

You are currently subscribed to ntdev as: xxxxx@trymedia.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

OSR_Community_User · May 3, 2001, 4:55am

sysinternals.com also has an introductory article called “Inside the Native
API”
Have a look at that too…

Taher

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Juan Antonio Ruzafa
Sent: Thursday, May 03, 2001 2:12 PM
To: NT Developers Interest List
Subject: [ntdev] RE: Native API

Take a look to “Native API Reference” from Gary Nebbet

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Mircea Avram
Sent: Friday, March 30, 2001 6:28 PM
To: NT Developers Interest List
Subject: [ntdev] Native API

Hi guys,

I have some questions regarding Native API for NT4.0.

I have to get a thread handle from a thread id in user-mode and it seems
imposible.
(Even more than that, I have to control that thread, like
suspend/resume/terminate)

I’ve found in KB that yo can’t do such a thing on Win NT4.0 (altough you can
do it in
Win2000 with OpenThread)

So I ran into NtOpenThread:

NTKERNELAPI NTSTATUS NtOpenThread (
OUT PHANDLE ThreadHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN PCLIENT_ID ClientId OPTIONAL
);
And also I’ve discovered NtResumeThread, NtSuspendThread, NtTerminateThread.

Here are the questions (first it’s a stupid one but I wanna be sure):

Is any way to get in user-mode the handle for a thread from a given
thread id?
Can I pass the thread handle from kernel-mode driver to user-mode client
using an IOCTL?
Where I can find the signatures for those APIs ?
How am I suppose to link to them? If I use ordinal number with a def file
is ok?

Any help is needed cause I’m in a pretty desperate situation.

Thanks in advance,
Mircea Avram (xxxxx@platform.com)

You are currently subscribed to ntdev as: xxxxx@trymedia.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@veritas.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

OSR_Community_User · May 3, 2001, 6:33pm

hello
can somebody tell me about such function
NtW32Call()( can i call any function in system dll from win32 subsystem)
maybe some source code…

mailto:xxxxx@mail.ru

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

OSR_Community_User · May 3, 2001, 6:57pm

No you cant . It only can call a predefined set of routines. And this API
kinda dissaperead from NT , I cant tell you exactly when.

----- Original Message -----
From: “hello123”
To: “NT Developers Interest List”
Sent: Friday, May 04, 2001 1:29 AM
Subject: [ntdev] native api

> hello
> can somebody tell me about such function
> NtW32Call()( can i call any function in system dll from win32 subsystem)
> maybe some source code…
>
> mailto:xxxxx@mail.ru
>
>
>
> —
> You are currently subscribed to ntdev as: danp@jb.rdsor.ro
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>

—
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com