Processes endpoint
This endpoint is intended for managing processes.
Information about methods of the endpoint is provided in the table below.
Methods of the task.Task endpoint (kl.core.Task interface)
Method | Method purpose and parameters | Potential danger of the method |
---|---|---|
| Purpose Creates a process. Parameters
| Allows the following:
|
| Purpose Loads a program image segment into process memory from the MDL buffer. Parameters
| Allows code to be loaded into process memory for subsequent execution of that code. |
| Purpose Defines a process entry point. Parameters
| Creates conditions for executing code loaded into process memory. |
| Purpose Loads the character table and string table from MDL buffers into process memory. MDL buffers contain a character table and string table from non-loadable segments of the ELF file. These tables are necessary for receiving stack backtrace data (information about call stacks). Parameters
| N/A |
| Purpose Loads the parameters of a process into its memory. Parameters
| Allows the kernel memory to be used up by creating a multitude of objects within it. |
| Purpose Frees the memory of the current process occupied by parameters that were loaded by the Parameters
| N/A |
| Purpose Starts a process. Parameters
| Allows the following:
|
| Purpose Terminates the current process. Parameters
| N/A |
| Purpose Terminates a process. Parameters
| Allows another process to be terminated if its handle is available. (The handle permissions mask must allow termination of the process.) |
| Purpose Lets you get information about a terminated process. Parameters
| N/A |
| Purpose Lets you receive the context of a thread that is part of a process that has been frozen due to an unhandled exception. When a process is frozen, execution of the process stops but its resources are not freed. Therefore, data on this process can be collected. Parameters
| Lets you disrupt isolation of a process that has been frozen due to an unhandled exception. For example, the received thread context can contain the values of variables. |
| Purpose Lets you get information about the virtual memory region belonging to a process that has been frozen due to an unhandled exception. When a process is frozen, execution of the process stops but its resources are not freed. Therefore, data on this process can be collected. Parameters
| Lets you disrupt isolation of a process that has been frozen due to an unhandled exception. Process isolation is disrupted due to the opened access to the process memory region. |
| Purpose Terminates a process that has been frozen due to an unhandled exception. When a process is frozen, execution of the process stops but its resources are not freed. Therefore, data on this process can be collected. A frozen process cannot be restarted. It can only be terminated. Parameters
| Allows termination of a process that has been frozen due to an unhandled exception. This will not allow collection of data about this process for diagnostic purposes. |
| Purpose Lets you get the name of the current process. Parameters
| N/A |
| Purpose Lets you get the name of the executable file that was used to start the current process. Parameters
| N/A |
| Purpose Lets you get the priority of the initial thread of a process. Parameters
| N/A |
| Purpose Defines the priority of the initial thread of a process. Parameters
| Allows the priority of the initial thread of a process to be elevated to reduce the CPU time available to all other threads, including from other processes. It is recommended to monitor the priority of an initial thread. |
| Purpose Lets you get information about existing processes. Parameters
| Allows the kernel memory to be used up by creating a multitude of objects within it. |
| Purpose Defines the scheduler class and priority of the initial thread of a process. Parameters
| Allows the following:
|
| Purpose Defines the initial vector in the random number generator for ASLR support. Affects the results from calling the Parameters
| N/A |