PsCreateSystemThread

NTSTATUS
PsCreateSystemThread(
    OUT PHANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,    /* optional */
    IN HANDLE ProcessHandle,                   /* optional */
    OUT PCLIENT_ID ClientId,                   /* optional */
    IN PKSTART_ROUTINE StartRoutine,
    IN PVOID StartContext
    );

PsCreateSystemThread creates a system thread that executes in kernel mode and returns a handle for the thread.

Parameters

ThreadHandle

Points to a variable that receives the handle for the new thread. The handle is created in the handle table of the process that is current when PsCreateSystemThread runs, and it must be closed with ZwClose when the driver no longer needs it; drivers that need to wait for the thread later should convert it to an object reference with ObReferenceObjectByHandle and then close it.

DesiredAccess

Specifies the requested types of access to the created thread. This value can be THREAD_ALL_ACCESS or (ACCESS_MASK) 0L for a driver-created thread.

ObjectAttributes

Points to a structure that specifies the object's attributes. OBJ_PERMANENT, OBJ_EXCLUSIVE, OBJ_OPENIF, and OBJ_OPENLINK are not valid attributes for a thread object. This value can be NULL for a driver-created thread. On later versions of Windows, a driver that calls this routine from a context other than the system process (for example, from a Dispatch routine) should instead pass an OBJECT_ATTRIBUTES initialized with OBJ_KERNEL_HANDLE, so that the returned handle is a kernel handle that cannot be reached from user mode.

ProcessHandle

Specifies an open handle for the process in whose address space the thread is to be run. The caller’s thread must have PROCESS_CREATE_THREAD access to this process. If this parameter is not supplied, the thread will be created in the initial system process. This value should be NULL for a driver-created thread.

ClientId

Points to a CLIENT_ID structure that receives the process and thread identifiers of the new thread. This value should be NULL for a driver-created thread.

StartRoutine

Points to the entry point of the driver thread, declared as VOID StartRoutine(IN PVOID StartContext). The routine begins executing at IRQL PASSIVE_LEVEL in kernel mode, and it should end by calling PsTerminateSystemThread rather than by returning.

StartContext

Supplies a single argument that is passed to StartRoutine when the thread begins execution. Because the new thread runs asynchronously, the memory this pointer refers to must remain valid until the thread has finished using it; it must not point into the creating routine's stack frame, and it must not be a user-mode address, which the system thread cannot dereference.

Return Value

PsCreateSystemThread returns STATUS_SUCCESS if the thread was created. Otherwise it returns an NTSTATUS error code; callers must test the result with NT_SUCCESS before using ThreadHandle.

Comments

Drivers that create device-dedicated threads call this routine, either when they initialize or when I/O requests begin to come in to such a driver's Dispatch routines. For example, a driver might create such a thread when it receives an asynchronous device control request. Note that a thread created with a NULL ProcessHandle runs in the address space of the system process, not that of the requester, so any request data the thread will touch must be in system space (buffered I/O or an MDL-mapped buffer), never a raw user-mode pointer taken from the IRP.

PsCreateSystemThread creates a kernel-mode thread that begins a separate thread of execution within the system. Such a system thread has no TEB or user-mode context and runs only in kernel mode.

If the input ProcessHandle is NULL, the created thread is associated with the system process and runs with that process's security context. Such a thread continues running until either the system is shut down or the thread terminates itself by calling PsTerminateSystemThread. A driver that can be unloaded must therefore signal the thread to stop and wait for it to exit (by waiting on the thread object obtained with ObReferenceObjectByHandle) before DriverUnload returns; otherwise the thread keeps executing code that has been unmapped.

Callers of this routine must be running at IRQL PASSIVE_LEVEL. The new thread also starts at PASSIVE_LEVEL.

See Also

KeSetBasePriorityThread, KeSetPriorityThread, PsTerminateSystemThread, ZwSetInformationThread