In
If no priority class is specified for the new process, the priority class defaults to Normal unless the priority class of the process that created it is Idle or Below Normal, in which case the priority class of the new process will have the same priority as the creating class.
If a Real-time priority class is specified for the new process and the process’ caller doesn’t have the Increase Scheduling Priority privilege, the High priority class is used instead. In other words,
All windows are associated with desktops, the graphical representation of a workspace. If no desktop is specified in
If the process is part of a job object, but the creation flags requested a separate virtual DOS machine (VDM), the flag is ignored.
If the caller is sending a handle to a monitor as an output handle instead of a console handle, standard handle flags are ignored.
If the creation flags specify that the process will be debugged, Kernel32 initiates a connection to the native debugging code in Ntdll.dll by calling
Kernel32.dll sets the default hard error mode if the creation flags specified one.
The user-specified attribute list is converted from Windows subsystem format to native format and internal attributes are added to it. The possible attributes that can be added to the attribute list are listed in Table 5-1, including their documented Windows API counterparts, if any.
Note
The attribute list passed on a
Native Attribute
Equivalent Windows Attribute
Type
Description
PS_CP_PARENT_PROCESS
PROC_THREAD_ATTRIBUTE_PARENT_PROCESS. Also used when elevating
Input
Handle to the parent process.
PS_CP_DEBUG_OBJECT
N/A – used when using DEBUG_PROCESS as a flag
Input
Debug object if process is being started debugged.
PS_CP_PRIMARY_TOKEN
N/A – used when using
Input
Process token if
PS_CP_CLIENT_ID
N/A – returned by Win32 API as a parameter
Output
Returns the TID and PID of the initial thread and the process.
PS_CP_TEB_ADDRESS
N/A – internally used and not exposed
Output
Returns the address of the TEB for the initial thread.
PS_CP_FILENAME
N/A – used as a parameter in
Input
Name of the process that should be created.
PS_CP_IMAGE_INFO
N/A – internally used and not exposed
Output
Returns SECTION_IMAGE_INFORMATION, which contains information on the version, flags, and subsystem of the executable, as well as the stack size and entry point.
PS_CP_MEM_RESERVE
N/A – internally used by SMSS and CSRSS.
Input
Array of virtual memory reservations that should be made during initial process address space creation, allowing guaranteed availability because no other allocations have taken place yet.
PS_CP_PRIORITY_CLASS
N/A – passed in as a parameter to the
Input
Priority class that the process should be given.
PS_CP_ERROR_MODE
N/A – passed in through CREATE_DEFAULT_ERROR_MODE flag
Input
Hard error-processing mode for the process.
PS_CP_STD_HANDLE_INFO
Input
Specifies if standard handles should be duplicated, or if new handles should be created.
PS_CP_HANDLE_LIST
PROC_THREAD_ATTRIBUTE_HANDLE_LIST
Input
List of handles belonging to the parent process that should be inherited by the new process.
PS_CP_GROUP_AFFINITY
PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY
Input
Processor group(s) the thread should be allowed to run on.
PS_CP_PREFERRED_NODE
PROC_THREAD_ATTRIBUTES_PRFERRED_NODE
Input
Preferred (ideal) node that should be associated with the process. It affects the node on which the initial process heap and thread stack will be created.
PS_CP_IDEAL_PROCESSOR
PROC_THREAD_ATTTRIBUTE_IDEAL_PROCESSOR
Input
Preferred (ideal) processor that the thread should be scheduled on.
PS_CP_UMS_THREAD
PROC_THREAD_ATTRIBUTE_UMS_THREAD
Input
Contains the UMS attributes, completion list, and context.
