Process Hacker
exttools.h
Go to the documentation of this file.
1 #ifndef EXTTOOLS_H
2 #define EXTTOOLS_H
3 
4 #define PHNT_VERSION PHNT_VISTA
5 #include <phdk.h>
6 
7 extern PPH_PLUGIN PluginInstance;
8 extern LIST_ENTRY EtProcessBlockListHead;
9 extern LIST_ENTRY EtNetworkBlockListHead;
10 extern HWND ProcessTreeNewHandle;
11 extern HWND NetworkTreeNewHandle;
12 
13 #define PLUGIN_NAME L"ProcessHacker.ExtendedTools"
14 #define SETTING_NAME_DISK_TREE_LIST_COLUMNS (PLUGIN_NAME L".DiskTreeListColumns")
15 #define SETTING_NAME_DISK_TREE_LIST_SORT (PLUGIN_NAME L".DiskTreeListSort")
16 #define SETTING_NAME_ENABLE_ETW_MONITOR (PLUGIN_NAME L".EnableEtwMonitor")
17 #define SETTING_NAME_ENABLE_GPU_MONITOR (PLUGIN_NAME L".EnableGpuMonitor")
18 #define SETTING_NAME_GPU_NODE_BITMAP (PLUGIN_NAME L".GpuNodeBitmap")
19 #define SETTING_NAME_GPU_LAST_NODE_COUNT (PLUGIN_NAME L".GpuLastNodeCount")
20 
21 // Process icon
22 
23 typedef struct _ET_PROCESS_ICON
24 {
25  LONG RefCount;
26  HICON Icon;
27 } ET_PROCESS_ICON, *PET_PROCESS_ICON;
28 
29 // Disk item
30 
31 #define HISTORY_SIZE 60
32 
33 typedef struct _ET_DISK_ITEM
34 {
35  LIST_ENTRY AgeListEntry;
36  ULONG AddTime;
37  ULONG FreshTime;
38 
39  HANDLE ProcessId;
40  PPH_STRING FileName;
41  PPH_STRING FileNameWin32;
42 
43  PPH_STRING ProcessName;
44  PET_PROCESS_ICON ProcessIcon;
45  PPH_PROCESS_RECORD ProcessRecord;
46 
47  ULONG IoPriority;
48  ULONG ResponseTimeCount;
49  FLOAT ResponseTimeTotal; // in milliseconds
50  FLOAT ResponseTimeAverage;
51 
52  ULONG64 ReadTotal;
53  ULONG64 WriteTotal;
54  ULONG64 ReadDelta;
55  ULONG64 WriteDelta;
56  ULONG64 ReadAverage;
57  ULONG64 WriteAverage;
58 
59  ULONG64 ReadHistory[HISTORY_SIZE];
60  ULONG64 WriteHistory[HISTORY_SIZE];
61  ULONG HistoryCount;
62  ULONG HistoryPosition;
63 } ET_DISK_ITEM, *PET_DISK_ITEM;
64 
65 // Disk node
66 
67 #define ETDSTNC_NAME 0
68 #define ETDSTNC_FILE 1
69 #define ETDSTNC_READRATEAVERAGE 2
70 #define ETDSTNC_WRITERATEAVERAGE 3
71 #define ETDSTNC_TOTALRATEAVERAGE 4
72 #define ETDSTNC_IOPRIORITY 5
73 #define ETDSTNC_RESPONSETIME 6
74 #define ETDSTNC_MAXIMUM 7
75 
76 typedef struct _ET_DISK_NODE
77 {
78  PH_TREENEW_NODE Node;
79 
80  PET_DISK_ITEM DiskItem;
81 
82  PH_STRINGREF TextCache[ETDSTNC_MAXIMUM];
83 
84  PPH_STRING ProcessNameText;
85  PPH_STRING ReadRateAverageText;
86  PPH_STRING WriteRateAverageText;
87  PPH_STRING TotalRateAverageText;
88  PPH_STRING ResponseTimeText;
89 
90  PPH_STRING TooltipText;
91 } ET_DISK_NODE, *PET_DISK_NODE;
92 
93 // Process tree columns
94 
95 #define ETPRTNC_DISKREADS 1
96 #define ETPRTNC_DISKWRITES 2
97 #define ETPRTNC_DISKREADBYTES 3
98 #define ETPRTNC_DISKWRITEBYTES 4
99 #define ETPRTNC_DISKTOTALBYTES 5
100 #define ETPRTNC_DISKREADSDELTA 6
101 #define ETPRTNC_DISKWRITESDELTA 7
102 #define ETPRTNC_DISKREADBYTESDELTA 8
103 #define ETPRTNC_DISKWRITEBYTESDELTA 9
104 #define ETPRTNC_DISKTOTALBYTESDELTA 10
105 #define ETPRTNC_NETWORKRECEIVES 11
106 #define ETPRTNC_NETWORKSENDS 12
107 #define ETPRTNC_NETWORKRECEIVEBYTES 13
108 #define ETPRTNC_NETWORKSENDBYTES 14
109 #define ETPRTNC_NETWORKTOTALBYTES 15
110 #define ETPRTNC_NETWORKRECEIVESDELTA 16
111 #define ETPRTNC_NETWORKSENDSDELTA 17
112 #define ETPRTNC_NETWORKRECEIVEBYTESDELTA 18
113 #define ETPRTNC_NETWORKSENDBYTESDELTA 19
114 #define ETPRTNC_NETWORKTOTALBYTESDELTA 20
115 #define ETPRTNC_HARDFAULTS 21
116 #define ETPRTNC_HARDFAULTSDELTA 22
117 #define ETPRTNC_PEAKTHREADS 23
118 #define ETPRTNC_GPU 24
119 #define ETPRTNC_GPUDEDICATEDBYTES 25
120 #define ETPRTNC_GPUSHAREDBYTES 26
121 #define ETPRTNC_DISKREADRATE 27
122 #define ETPRTNC_DISKWRITERATE 28
123 #define ETPRTNC_DISKTOTALRATE 29
124 #define ETPRTNC_NETWORKRECEIVERATE 30
125 #define ETPRTNC_NETWORKSENDRATE 31
126 #define ETPRTNC_NETWORKTOTALRATE 32
127 #define ETPRTNC_MAXIMUM 32
128 
129 // Network list columns
130 
131 #define ETNETNC_RECEIVES 1
132 #define ETNETNC_SENDS 2
133 #define ETNETNC_RECEIVEBYTES 3
134 #define ETNETNC_SENDBYTES 4
135 #define ETNETNC_TOTALBYTES 5
136 #define ETNETNC_RECEIVESDELTA 6
137 #define ETNETNC_SENDSDELTA 7
138 #define ETNETNC_RECEIVEBYTESDELTA 8
139 #define ETNETNC_SENDBYTESDELTA 9
140 #define ETNETNC_TOTALBYTESDELTA 10
141 #define ETNETNC_FIREWALLSTATUS 11
142 #define ETNETNC_RECEIVERATE 12
143 #define ETNETNC_SENDRATE 13
144 #define ETNETNC_TOTALRATE 14
145 #define ETNETNC_MAXIMUM 14
146 
147 // Firewall status
148 
149 typedef enum _ET_FIREWALL_STATUS
150 {
151  FirewallUnknownStatus,
152  FirewallAllowedNotRestricted,
153  FirewallAllowedRestricted,
154  FirewallNotAllowedNotRestricted,
155  FirewallNotAllowedRestricted,
156  FirewallMaximumStatus
157 } ET_FIREWALL_STATUS;
158 
159 // Object extensions
160 
161 typedef struct _ET_PROCESS_BLOCK
162 {
163  LIST_ENTRY ListEntry;
164  PPH_PROCESS_ITEM ProcessItem;
165 
166  ULONG64 DiskReadCount;
167  ULONG64 DiskWriteCount;
168  ULONG64 NetworkReceiveCount;
169  ULONG64 NetworkSendCount;
170 
171  ULONG64 DiskReadRaw;
172  ULONG64 DiskWriteRaw;
173  ULONG64 NetworkReceiveRaw;
174  ULONG64 NetworkSendRaw;
175 
176  PH_UINT64_DELTA DiskReadDelta;
177  PH_UINT64_DELTA DiskReadRawDelta;
178  PH_UINT64_DELTA DiskWriteDelta;
179  PH_UINT64_DELTA DiskWriteRawDelta;
180  PH_UINT64_DELTA NetworkReceiveDelta;
181  PH_UINT64_DELTA NetworkReceiveRawDelta;
182  PH_UINT64_DELTA NetworkSendDelta;
183  PH_UINT64_DELTA NetworkSendRawDelta;
184 
185  PH_UINT64_DELTA GpuRunningTimeDelta;
186  FLOAT GpuNodeUsage;
187  ULONG64 GpuDedicatedUsage;
188  ULONG64 GpuSharedUsage;
189 
190  PH_UINT32_DELTA HardFaultsDelta;
191 
192  PH_QUEUED_LOCK TextCacheLock;
193  PPH_STRING TextCache[ETPRTNC_MAXIMUM + 1];
194  BOOLEAN TextCacheValid[ETPRTNC_MAXIMUM + 1];
195 
196  PET_PROCESS_ICON SmallProcessIcon;
197 } ET_PROCESS_BLOCK, *PET_PROCESS_BLOCK;
198 
199 typedef struct _ET_NETWORK_BLOCK
200 {
201  LIST_ENTRY ListEntry;
202  PPH_NETWORK_ITEM NetworkItem;
203 
204  ULONG64 ReceiveCount;
205  ULONG64 SendCount;
206  ULONG64 ReceiveRaw;
207  ULONG64 SendRaw;
208 
209  union
210  {
211  struct
212  {
213  PH_UINT64_DELTA ReceiveDelta;
214  PH_UINT64_DELTA ReceiveRawDelta;
215  PH_UINT64_DELTA SendDelta;
216  PH_UINT64_DELTA SendRawDelta;
217  };
218  PH_UINT64_DELTA Deltas[4];
219  };
220 
221  ET_FIREWALL_STATUS FirewallStatus;
222  BOOLEAN FirewallStatusValid;
223 
224  PH_QUEUED_LOCK TextCacheLock;
225  PPH_STRING TextCache[ETNETNC_MAXIMUM + 1];
226  BOOLEAN TextCacheValid[ETNETNC_MAXIMUM + 1];
227 } ET_NETWORK_BLOCK, *PET_NETWORK_BLOCK;
228 
229 // main
230 
231 PET_PROCESS_BLOCK EtGetProcessBlock(
232  _In_ PPH_PROCESS_ITEM ProcessItem
233  );
234 
235 PET_NETWORK_BLOCK EtGetNetworkBlock(
236  _In_ PPH_NETWORK_ITEM NetworkItem
237  );
238 
239 // utils
240 
241 VOID EtFormatRate(
242  _In_ ULONG64 ValuePerPeriod,
243  _Inout_ PPH_STRING *Buffer,
244  _Out_opt_ PPH_STRINGREF String
245  );
246 
247 // etwmon
248 
249 extern BOOLEAN EtEtwEnabled;
250 
251 // etwstat
252 
253 extern ULONG EtDiskReadCount;
254 extern ULONG EtDiskWriteCount;
255 extern ULONG EtNetworkReceiveCount;
256 extern ULONG EtNetworkSendCount;
257 
258 extern PH_UINT32_DELTA EtDiskReadDelta;
259 extern PH_UINT32_DELTA EtDiskWriteDelta;
260 extern PH_UINT32_DELTA EtNetworkReceiveDelta;
261 extern PH_UINT32_DELTA EtNetworkSendDelta;
262 
263 extern PH_UINT32_DELTA EtDiskReadCountDelta;
264 extern PH_UINT32_DELTA EtDiskWriteCountDelta;
265 extern PH_UINT32_DELTA EtNetworkReceiveCountDelta;
266 extern PH_UINT32_DELTA EtNetworkSendCountDelta;
267 
268 extern PH_CIRCULAR_BUFFER_ULONG EtDiskReadHistory;
269 extern PH_CIRCULAR_BUFFER_ULONG EtDiskWriteHistory;
270 extern PH_CIRCULAR_BUFFER_ULONG EtNetworkReceiveHistory;
271 extern PH_CIRCULAR_BUFFER_ULONG EtNetworkSendHistory;
272 extern PH_CIRCULAR_BUFFER_ULONG EtMaxDiskHistory;
273 extern PH_CIRCULAR_BUFFER_ULONG EtMaxNetworkHistory;
274 
275 VOID EtEtwStatisticsInitialization(
276  VOID
277  );
278 
279 VOID EtEtwStatisticsUninitialization(
280  VOID
281  );
282 
283 // etwdisk
284 
285 extern BOOLEAN EtDiskEnabled;
286 
287 extern PPH_OBJECT_TYPE EtDiskItemType;
288 extern PH_CALLBACK EtDiskItemAddedEvent;
289 extern PH_CALLBACK EtDiskItemModifiedEvent;
290 extern PH_CALLBACK EtDiskItemRemovedEvent;
291 extern PH_CALLBACK EtDiskItemsUpdatedEvent;
292 
293 VOID EtInitializeDiskInformation(
294  VOID
295  );
296 
297 PET_DISK_ITEM EtCreateDiskItem(
298  VOID
299  );
300 
301 PET_DISK_ITEM EtReferenceDiskItem(
302  _In_ HANDLE ProcessId,
303  _In_ PPH_STRING FileName
304  );
305 
306 PPH_STRING EtFileObjectToFileName(
307  _In_ PVOID FileObject
308  );
309 
310 // procicon
311 
312 PET_PROCESS_ICON EtProcIconCreateProcessIcon(
313  _In_ HICON Icon
314  );
315 
316 VOID EtProcIconReferenceProcessIcon(
317  _Inout_ PET_PROCESS_ICON ProcessIcon
318  );
319 
320 VOID EtProcIconDereferenceProcessIcon(
321  _Inout_ PET_PROCESS_ICON ProcessIcon
322  );
323 
324 PET_PROCESS_ICON EtProcIconReferenceSmallProcessIcon(
325  _Inout_ PET_PROCESS_BLOCK Block
326  );
327 
328 VOID EtProcIconNotifyProcessDelete(
329  _Inout_ PET_PROCESS_BLOCK Block
330  );
331 
332 // etwprprp
333 
334 VOID EtProcessEtwPropertiesInitializing(
335  _In_ PVOID Parameter
336  );
337 
338 // disktab
339 
340 VOID EtInitializeDiskTab(
341  VOID
342  );
343 
344 VOID EtLoadSettingsDiskTreeList(
345  VOID
346  );
347 
348 VOID EtSaveSettingsDiskTreeList(
349  VOID
350  );
351 
352 // gpumon
353 
354 extern BOOLEAN EtGpuEnabled;
355 
356 extern ULONG EtGpuTotalNodeCount;
357 extern ULONG EtGpuTotalSegmentCount;
358 extern ULONG64 EtGpuDedicatedLimit;
359 extern ULONG64 EtGpuSharedLimit;
360 extern RTL_BITMAP EtGpuNodeBitMap;
361 
362 extern PH_UINT64_DELTA EtClockTotalRunningTimeDelta;
363 extern LARGE_INTEGER EtClockTotalRunningTimeFrequency;
364 extern PH_UINT64_DELTA EtGpuTotalRunningTimeDelta;
365 extern PH_UINT64_DELTA EtGpuSystemRunningTimeDelta;
366 extern FLOAT EtGpuNodeUsage;
367 extern PH_CIRCULAR_BUFFER_FLOAT EtGpuNodeHistory;
368 extern PH_CIRCULAR_BUFFER_ULONG EtMaxGpuNodeHistory; // ID of max. GPU usage process
369 extern PH_CIRCULAR_BUFFER_FLOAT EtMaxGpuNodeUsageHistory;
370 
371 extern PPH_UINT64_DELTA EtGpuNodesTotalRunningTimeDelta;
372 extern PPH_CIRCULAR_BUFFER_FLOAT EtGpuNodesHistory;
373 
374 extern ULONG64 EtGpuDedicatedUsage;
375 extern ULONG64 EtGpuSharedUsage;
376 extern PH_CIRCULAR_BUFFER_ULONG EtGpuDedicatedHistory;
377 extern PH_CIRCULAR_BUFFER_ULONG EtGpuSharedHistory;
378 
379 VOID EtGpuMonitorInitialization(
380  VOID
381  );
382 
383 typedef struct _ET_PROCESS_GPU_STATISTICS
384 {
385  ULONG SegmentCount;
386  ULONG NodeCount;
387 
388  ULONG64 DedicatedCommitted;
389  ULONG64 SharedCommitted;
390 
391  ULONG64 BytesAllocated;
392  ULONG64 BytesReserved;
393  ULONG64 WriteCombinedBytesAllocated;
394  ULONG64 WriteCombinedBytesReserved;
395  ULONG64 CachedBytesAllocated;
396  ULONG64 CachedBytesReserved;
397  ULONG64 SectionBytesAllocated;
398  ULONG64 SectionBytesReserved;
399 
400  ULONG64 RunningTime;
401  ULONG64 ContextSwitches;
402 } ET_PROCESS_GPU_STATISTICS, *PET_PROCESS_GPU_STATISTICS;
403 
404 VOID EtSaveGpuMonitorSettings(
405  VOID
406  );
407 
408 ULONG EtGetGpuAdapterCount(
409  VOID
410  );
411 
412 ULONG EtGetGpuAdapterIndexFromNodeIndex(
413  _In_ ULONG NodeIndex
414  );
415 
416 PPH_STRING EtGetGpuAdapterDescription(
417  _In_ ULONG Index
418  );
419 
420 VOID EtAllocateGpuNodeBitMap(
421  _Out_ PRTL_BITMAP BitMap
422  );
423 
424 VOID EtUpdateGpuNodeBitMap(
425  _In_ PRTL_BITMAP NewBitMap
426  );
427 
428 VOID EtQueryProcessGpuStatistics(
429  _In_ HANDLE ProcessHandle,
430  _Out_ PET_PROCESS_GPU_STATISTICS Statistics
431  );
432 
433 // gpuprprp
434 
435 VOID EtProcessGpuPropertiesInitializing(
436  _In_ PVOID Parameter
437  );
438 
439 // treeext
440 
441 VOID EtProcessTreeNewInitializing(
442  _In_ PVOID Parameter
443  );
444 
445 VOID EtProcessTreeNewMessage(
446  _In_ PVOID Parameter
447  );
448 
449 VOID EtNetworkTreeNewInitializing(
450  _In_ PVOID Parameter
451  );
452 
453 VOID EtNetworkTreeNewMessage(
454  _In_ PVOID Parameter
455  );
456 
457 ET_FIREWALL_STATUS EtQueryFirewallStatus(
458  _In_ PPH_NETWORK_ITEM NetworkItem
459  );
460 
461 // etwsys
462 
463 VOID EtEtwSystemInformationInitializing(
464  _In_ PPH_PLUGIN_SYSINFO_POINTERS Pointers
465  );
466 
467 // etwmini
468 
469 VOID EtEtwMiniInformationInitializing(
470  _In_ PPH_PLUGIN_MINIINFO_POINTERS Pointers
471  );
472 
473 // gpunodes
474 
475 VOID EtShowGpuNodesDialog(
476  _In_ HWND ParentWindowHandle,
477  _In_ PPH_SYSINFO_PARAMETERS Parameters
478  );
479 
480 // gpusys
481 
482 VOID EtGpuSystemInformationInitializing(
483  _In_ PPH_PLUGIN_SYSINFO_POINTERS Pointers
484  );
485 
486 // gpumini
487 
488 VOID EtGpuMiniInformationInitializing(
489  _In_ PPH_PLUGIN_MINIINFO_POINTERS Pointers
490  );
491 
492 // iconext
493 
494 VOID EtRegisterNotifyIcons(
495  VOID
496  );
497 
498 // modsrv
499 
500 VOID EtShowModuleServicesDialog(
501  _In_ HWND ParentWindowHandle,
502  _In_ HANDLE ProcessId,
503  _In_ PWSTR ModuleName
504  );
505 
506 // objprp
507 
508 VOID EtHandlePropertiesInitializing(
509  _In_ PVOID Parameter
510  );
511 
512 // options
513 
514 VOID EtShowOptionsDialog(
515  _In_ HWND ParentWindowHandle
516  );
517 
518 // thrdact
519 
520 BOOLEAN EtUiCancelIoThread(
521  _In_ HWND hWnd,
522  _In_ PPH_THREAD_ITEM Thread
523  );
524 
525 // unldll
526 
527 VOID EtShowUnloadedDllsDialog(
528  _In_ HWND ParentWindowHandle,
529  _In_ PPH_PROCESS_ITEM ProcessItem
530  );
531 
532 // wswatch
533 
534 VOID EtShowWsWatchDialog(
535  _In_ HWND ParentWindowHandle,
536  _In_ PPH_PROCESS_ITEM ProcessItem
537  );
538 
539 #endif