Module: WinFFI::Kernel32
- Extended by:
- LibBase
- Defined in:
- lib/win-ffi/functions/kernel32/process.rb,
lib/win-ffi.rb,
lib/win-ffi/functions/kernel32.rb,
lib/win-ffi/enums/kernel32/handle.rb,
lib/win-ffi/enums/kernel32/memory.rb,
lib/win-ffi/enums/kernel32/volume.rb,
lib/win-ffi/functions/kernel32/dll.rb,
lib/win-ffi/functions/kernel32/time.rb,
lib/win-ffi/structs/kernel32/actctx.rb,
lib/win-ffi/functions/kernel32/error.rb,
lib/win-ffi/functions/kernel32/sound.rb,
lib/win-ffi/enums/kernel32/heap_flags.rb,
lib/win-ffi/functions/kernel32/handle.rb,
lib/win-ffi/functions/kernel32/memory.rb,
lib/win-ffi/functions/kernel32/string.rb,
lib/win-ffi/functions/kernel32/volume.rb,
lib/win-ffi/enums/kernel32/local_flags.rb,
lib/win-ffi/enums/kernel32/sound_flags.rb,
lib/win-ffi/enums/kernel32/memory_flags.rb,
lib/win-ffi/functions/kernel32/resource.rb,
lib/win-ffi/functions/kernel32/activation.rb,
lib/win-ffi/functions/kernel32/filesystem.rb,
lib/win-ffi/functions/kernel32/system_info.rb,
lib/win-ffi/enums/kernel32/activation_context.rb,
lib/win-ffi/enums/kernel32/global_alloc_flags.rb,
lib/win-ffi/enums/kernel32/format_message_flags.rb,
lib/win-ffi/enums/kernel32/get_module_handle_ex_flag.rb,
lib/win-ffi/enums/kernel32/memory_protection_constants.rb
Overview
The Process module includes process related functions and constants, including some tool help functions that relate to processes.
Defined Under Namespace
Constant Summary collapse
- INVALID_HANDLE_VALUE =
0xFFFFFFFF
- HANDLE_FLAG_INHERIT =
0x00000001- HANDLE_FLAG_PROTECT_FROM_CLOSE =
0x00000002- SEC_FILE =
0x800000- SEC_IMAGE =
0x1000000- SEC_VLM =
0x2000000- SEC_RESERVE =
0x4000000- SEC_COMMIT =
0x8000000- SEC_NOCACHE =
0x10000000- DRIVE_UNKNOWN =
0- DRIVE_NO_ROOT_DIR =
1- DRIVE_REMOVABLE =
2- DRIVE_FIXED =
3- DRIVE_REMOTE =
4- DRIVE_CDROM =
5- DRIVE_RAMDISK =
6- HeapFlags =
enum :heap_flags, [ :NO_SERIALIZE, 0x00000001, :GENERATE_EXCEPTIONS, 0x00000004, :ZERO_MEMORY, 0x00000008, :REALLOC_IN_PLACE_ONLY, 0x00000010, :CREATE_ENABLE_EXECUTE, 0x00040000 ]
- LocalFlags =
enum :local_flags, [ :FIXED, 0x0000, :MOVEABLE, 0x0002, :NOCOMPACT, 0x0010, :NODISCARD, 0x0020, :ZEROINIT, 0x0040, :MODIFY, 0x0080, :DISCARDABLE, 0x0F00, :VALID_FLAGS, 0x0F72, :INVALID_HANDLE, 0x8000, :DISCARDED, 0x4000, :LOCKCOUNT, 0x00FF ]
- SoundFlags =
enum :sound_flags, [ :SYNC, 0x0000, # play synchronously (default) :ASYNC, 0x0001, # play asynchronously :NODEFAULT, 0x0002, # silence (!default) if sound not found :MEMORY, 0x0004, # pszSound points to a memory file :LOOP, 0x0008, # loop the sound until next sndPlaySound :NOSTOP, 0x0010, # don:t stop any currently playing sound :NOWAIT, 8192, # don:t wait if the driver is busy :ALIAS, 65536, # name is a registry alias :ALIAS_ID, 1114112,# alias is a predefined ID :FILENAME, 131072, # name is file name :RESOURCE, 262148, # name is resource name or atom :PURGE, 0x0040, # purge non-static events for task :APPLICATION, 0x0080, # look for application specific association ]
- PROCESS_ALL_ACCESS =
Process access rights
0x1F0FFF
- PROCESS_CREATE_PROCESS =
0x0080- PROCESS_CREATE_THREAD =
0x0002- PROCESS_DUP_HANDLE =
0x0040- PROCESS_QUERY_INFORMATION =
0x0400- PROCESS_QUERY_LIMITED_INFORMATION =
0x1000- PROCESS_SET_QUOTA =
0x0100- PROCESS_SET_INFORMATION =
0x0200- PROCESS_SUSPEND_RESUME =
0x0800- PROCESS_TERMINATE =
0x0001- PROCESS_VM_OPERATION =
0x0008- PROCESS_VM_READ =
0x0010- PROCESS_VM_WRITE =
0x0020- SYNCHRONIZE =
1048576- STILL_ACTIVE =
259- ABOVE_NORMAL_PRIORITY_CLASS =
Process priority flags
0x00008000- BELOW_NORMAL_PRIORITY_CLASS =
0x00004000- HIGH_PRIORITY_CLASS =
0x00000080- IDLE_PRIORITY_CLASS =
0x00000040- NORMAL_PRIORITY_CLASS =
0x00000020- REALTIME_PRIORITY_CLASS =
0x00000100- CREATE_BREAKAWAY_FROM_JOB =
Process creation flags
0x01000000- CREATE_DEFAULT_ERROR_MODE =
0x04000000- CREATE_NEW_CONSOLE =
0x00000010- CREATE_NEW_PROCESS_GROUP =
0x00000200- CREATE_NO_WINDOW =
0x08000000- CREATE_PRESERVE_CODE_AUTHZ_LEVEL =
0x02000000- CREATE_SEPARATE_WOW_VDM =
0x00000800- CREATE_SHARED_WOW_VDM =
0x00001000- CREATE_SUSPENDED =
0x00000004- CREATE_UNICODE_ENVIRONMENT =
0x00000400- DEBUG_ONLY_THIS_PROCESS =
0x00000002- DEBUG_PROCESS =
0x00000001- DETACHED_PROCESS =
0x00000008- STARTF_USESHOWWINDOW =
0x00000001- STARTF_USESIZE =
0x00000002- STARTF_USEPOSITION =
0x00000004- STARTF_USECOUNTCHARS =
0x00000008- STARTF_USEFILLATTRIBUTE =
0x00000010- STARTF_RUNFULLSCREEN =
0x00000020- STARTF_FORCEONFEEDBACK =
0x00000040- STARTF_FORCEOFFFEEDBACK =
0x00000080- STARTF_USESTDHANDLES =
0x00000100- STARTF_USEHOTKEY =
0x00000200- LOGON_WITH_PROFILE =
0x00000001- LOGON_NETCREDENTIALS_ONLY =
0x00000002- SHUTDOWN_NORETRY =
0x00000001- JobObjectBasicLimitInformation =
Job Object Classes
2- JobObjectBasicUIRestrictions =
4- JobObjectSecurityLimitInformation =
5- JobObjectEndOfJobTimeInformation =
6- JobObjectAssociateCompletionPortInformation =
7- JobObjectExtendedLimitInformation =
9- JobObjectGroupInformation =
11- JOB_OBJECT_LIMIT_WORKINGSET =
Job Limit Flags
0x00000001- JOB_OBJECT_LIMIT_PROCESS_TIME =
0x00000002- JOB_OBJECT_LIMIT_JOB_TIME =
0x00000004- JOB_OBJECT_LIMIT_ACTIVE_PROCESS =
0x00000008- JOB_OBJECT_LIMIT_AFFINITY =
0x00000010- JOB_OBJECT_LIMIT_PRIORITY_CLASS =
0x00000020- JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME =
0x00000040- JOB_OBJECT_LIMIT_SCHEDULING_CLASS =
0x00000080- JOB_OBJECT_LIMIT_PROCESS_MEMORY =
0x00000100- JOB_OBJECT_LIMIT_JOB_MEMORY =
0x00000200- JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION =
0x00000400- JOB_OBJECT_LIMIT_BREAKAWAY_OK =
0x00000800- JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK =
0x00001000- JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE =
0x00002000- JOB_OBJECT_ASSIGN_PROCESS =
Job Access Rights
0x0001- JOB_OBJECT_SET_ATTRIBUTES =
0x0002- JOB_OBJECT_QUERY =
0x0004- JOB_OBJECT_TERMINATE =
0x0008- JOB_OBJECT_SET_SECURITY_ATTRIBUTES =
0x0010- JOB_OBJECT_ALL_ACCESS =
0x1F001F
- MemoryFlags =
enum :memory_flags, [ :COMMIT, 0x1000, :RESERVE, 0x2000, :DECOMMIT, 0x4000, :RELEASE, 0x8000, :FREE, 0x10000, :PRIVATE, 0x20000, :MAPPED, 0x40000, :RESET, 0x80000, :TOP_DOWN, 0x100000, :WRITE_WATCH, 0x200000, :PHYSICAL, 0x400000, :LARGE_PAGES, 0x20000000, :N4MB_PAGES, 0x80000000200000 ]
- ActivationContext =
enum :activation_context, [ :PROCESSOR_ARCHITECTURE_VALID, 0x001, :LANGID_VALID, 0x002, :ASSEMBLY_DIRECTORY_VALID, 0x004, :RESOURCE_NAME_VALID, 0x008, :SET_PROCESS_DEFAULT, 0x010, :APPLICATION_NAME_VALID, 0x020, :HMODULE_VALID, 0x080 ]
- GlobalAllocFlags =
enum :global_alloc_flags, [ :GHND, 0x0042, :GMEM_FIXED, 0x0000, :GMEM_MOVABLE, 0002, :GMEM_ZEROINIT, 0x0040, :GPTR, 0x0040 ]
- FormatMessageFlags =
enum :format_message_flags, [ :ALLOCATE_BUFFER, 0x00000100, :IGNORE_INSERTS, 0x00000200, :FROM_STRING, 0x00000400, :FROM_HMODULE, 0x00000800, :FROM_SYSTEM, 0x00001000, :ARGUMENT_ARRAY, 0x00002000, :MAX_WIDTH_MASK, 0x000000FF ]
- GetModuleHandleExFlag =
enum :get_module_handle_ex_flag, [:none, :pin, :unchanged_refcount, :from_address]
- MemoryProtectionConstants =
enum :memory_protection_constants, [ :NOACCESS, 0x01, :READONLY, 0x02, :READWRITE, 0x04, :WRITECOPY, 0x08, :EXECUTE, 0x10, :EXECUTE_READ, 0x20, :EXECUTE_READWRITE, 0x40, :EXECUTE_WRITECOPY, 0x80, :GUARD, 0x100, :NOCACHE, 0x200, :WRITECOMBINE, 0x400 ]
Instance Method Summary collapse
-
#windows_64? ⇒ Boolean
Helper method to determine if you’re on a 64 bit version of Windows.
Methods included from LibBase
Instance Method Details
#windows_64? ⇒ Boolean
Helper method to determine if you’re on a 64 bit version of Windows
339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 |
# File 'lib/win-ffi/functions/kernel32/process.rb', line 339 def windows_64? bool = false if respond_to?(:IsWow64Process, true) pbool = FFI::MemoryPointer.new(:int) # The IsWow64Process function will return false for a 64 bit process, # so we check using both the address size and IsWow64Process. if FFI::Platform::ADDRESS_SIZE == 64 bool = true else if IsWow64Process(GetCurrentProcess(), pbool) bool = true if pbool.read_int == 1 end end end bool end |