typedef enum _THREADINFOCLASS
{
ThreadBasicInformation, // q: THREAD_BASIC_INFORMATION
ThreadTimes, // q: KERNEL_USER_TIMES
ThreadPriority, // s: KPRIORITY (requires SeIncreaseBasePriorityPrivilege)
ThreadBasePriority, // s: KPRIORITY
ThreadAffinityMask, // s: KAFFINITY
ThreadImpersonationToken, // s: HANDLE
ThreadDescriptorTableEntry, // q: DESCRIPTOR_TABLE_ENTRY (or WOW64_DESCRIPTOR_TABLE_ENTRY)
ThreadEnableAlignmentFaultFixup, // s: BOOLEAN
ThreadEventPair, // Obsolete
ThreadQuerySetWin32StartAddress, // q: ULONG_PTR
ThreadZeroTlsCell, // s: ULONG // TlsIndex // 10
ThreadPerformanceCount, // q: LARGE_INTEGER
ThreadAmILastThread, // q: ULONG
ThreadIdealProcessor, // s: ULONG
ThreadPriorityBoost, // qs: ULONG
ThreadSetTlsArrayAddress, // s: ULONG_PTR // Obsolete
ThreadIsIoPending, // q: ULONG
ThreadHideFromDebugger, // q: BOOLEAN; s: void
ThreadBreakOnTermination, // qs: ULONG
ThreadSwitchLegacyState, // s: void // NtCurrentThread // NPX/FPU
ThreadIsTerminated, // q: ULONG // 20
ThreadLastSystemCall, // q: THREAD_LAST_SYSCALL_INFORMATION
ThreadIoPriority, // qs: IO_PRIORITY_HINT (requires SeIncreaseBasePriorityPrivilege)
ThreadCycleTime, // q: THREAD_CYCLE_TIME_INFORMATION (requires THREAD_QUERY_LIMITED_INFORMATION)
ThreadPagePriority, // qs: PAGE_PRIORITY_INFORMATION
ThreadActualBasePriority, // s: LONG (requires SeIncreaseBasePriorityPrivilege)
ThreadTebInformation, // q: THREAD_TEB_INFORMATION (requires THREAD_GET_CONTEXT + THREAD_SET_CONTEXT)
ThreadCSwitchMon, // Obsolete
ThreadCSwitchPmu, // Obsolete
ThreadWow64Context, // qs: WOW64_CONTEXT, ARM_NT_CONTEXT since 20H1
ThreadGroupInformation, // qs: GROUP_AFFINITY // 30
ThreadUmsInformation, // q: THREAD_UMS_INFORMATION // Obsolete
ThreadCounterProfiling, // q: BOOLEAN; s: THREAD_PROFILING_INFORMATION?
ThreadIdealProcessorEx, // qs: PROCESSOR_NUMBER; s: previous PROCESSOR_NUMBER on return
ThreadCpuAccountingInformation, // q: BOOLEAN; s: HANDLE (NtOpenSession) // NtCurrentThread // since WIN8
ThreadSuspendCount, // q: ULONG // since WINBLUE
ThreadHeterogeneousCpuPolicy, // q: KHETERO_CPU_POLICY // since THRESHOLD
ThreadContainerId, // q: GUID
ThreadNameInformation, // qs: THREAD_NAME_INFORMATION (requires THREAD_SET_LIMITED_INFORMATION)
ThreadSelectedCpuSets,
ThreadSystemThreadInformation, // q: SYSTEM_THREAD_INFORMATION // 40
ThreadActualGroupAffinity, // q: GROUP_AFFINITY // since THRESHOLD2
ThreadDynamicCodePolicyInfo, // q: ULONG; s: ULONG (NtCurrentThread)
ThreadExplicitCaseSensitivity, // qs: ULONG; s: 0 disables, otherwise enables
ThreadWorkOnBehalfTicket, // RTL_WORK_ON_BEHALF_TICKET_EX
ThreadSubsystemInformation, // q: SUBSYSTEM_INFORMATION_TYPE // since REDSTONE2
ThreadDbgkWerReportActive, // s: ULONG; s: 0 disables, otherwise enables
ThreadAttachContainer, // s: HANDLE (job object) // NtCurrentThread
ThreadManageWritesToExecutableMemory, // MANAGE_WRITES_TO_EXECUTABLE_MEMORY // since REDSTONE3
ThreadPowerThrottlingState, // POWER_THROTTLING_THREAD_STATE // since REDSTONE3 (set), WIN11 22H2 (query)
ThreadWorkloadClass, // THREAD_WORKLOAD_CLASS // since REDSTONE5 // 50
ThreadCreateStateChange, // since WIN11
ThreadApplyStateChange,
ThreadStrongerBadHandleChecks, // since 22H1
ThreadEffectiveIoPriority, // q: IO_PRIORITY_HINT
ThreadEffectivePagePriority, // q: ULONG
ThreadUpdateLockOwnership, // since 24H2
ThreadSchedulerSharedDataSlot, // SCHEDULER_SHARED_DATA_SLOT_INFORMATION
ThreadTebInformationAtomic, // THREAD_TEB_INFORMATION
ThreadIndexInformation, // THREAD_INDEX_INFORMATION
MaxThreadInfoClass
} THREADINFOCLASS;
View code on GitHub
This enumeration defines types of information that can be queried or set for threads.
Applicable to
Members
Retrieves basic information about the thread such as its exit status, TEB address, and CLIENT_ID.
See also
ThreadTimes (1)
Retrieves creation and executions times for the thread.
ThreadPriority (2)
Adjusts the priority of the thread.
ThreadBasePriority (3)
Adjusts the base priority of the thread.
ThreadAffinityMask (4)
Limits on which processors the thread is allowed to run.
ThreadImpersonationToken (5)
Sets thread impersonation token.
|
Query |
Set |
| Type |
N/A |
Token HANDLE with TOKEN_IMPERSONATE access or NULL to clear |
| Required access |
N/A |
THREAD_SET_THREAD_TOKEN |
Note that if the the target process does not have SeImpersonatePrivilege enabled, the system might silently downgrade the assigned token (a copy of the provided one) to the identification level of impersonation. Additionally, the system can also duplicate the token before assignment to remove an incompatible process trust level.
Notable return values
STATUS_BAD_TOKEN_TYPE - the caller provided a primary token while the operation requires an impersonation token.
See also
ThreadDescriptorTableEntry (6)
ThreadEnableAlignmentFaultFixup (7)
ThreadEventPair (8)
ThreadQuerySetWin32StartAddress (9)
Retrieves the start address of a Win32 thread.
ThreadZeroTlsCell (10)
Zeros out the specified TLS cell indicated by index.
ThreadAmILastThread (12)
Determines if the thread is the only one in the process.
ThreadIdealProcessor (13)
Adjusts the number of the ideal (preferred) processor for the thread. This info class only supports the current processor group. To set the ideal processor from another group, use ThreadIdealProcessorEx (info class 33).
ThreadPriorityBoost (14)
Queries, enables, or disables priority boosting for the thread.
ThreadSetTlsArrayAddress (15)
ThreadIsIoPending (16)
Determines if the thread has any pending I/O requests.
ThreadHideFromDebugger (17)
Queries or enables suppression of debug events generated on the thread. Threads that do not generate debug events are essentially invisible to debuggers.
See also
ThreadBreakOnTermination (18)
Marks the thread as critical, causing a BSOD if it terminates.
See also
ThreadSwitchLegacyState (19)
ThreadIsTerminated (20)
Determines if the thread has already terminated. The result is similar to a no-timeout wait on the handle via NtWaitForSingleObject but requires a different access mask.
See also
ThreadLastSystemCall (21)
Queries the information about the last syscall performed by the thread.
ThreadIoPriority (22)
Determines or adjusts I/O priority for the thread.
ThreadCycleTime (23)
Determines the number of cycles spent by the thread.
ThreadPagePriority (24)
Determines or adjusts paging priority for the thread.
ThreadActualBasePriority (25)
Adjusts the base priority of the thread.
Allows reading a portion of the thread's TEB.
ThreadCSwitchMon (27)
ThreadCSwitchPmu (28)
ThreadWow64Context (29)
Gets and sets the WoW64 context (set of registers) for 32-bit threads running on 64-bit systems.
See also
Queries or adjusts the processor group for the thread.
ThreadCounterProfiling (32)
ThreadIdealProcessorEx (33)
Queries or the number of the ideal (preferred) processor for the thread.
ThreadSuspendCount (35)
Queries the current suspension counter of the thread. Note that the value is incremented by one for frozen threads. If the value is zero, the thread is allowed to run.
See also
ThreadHeterogeneousCpuPolicy (36)
Determines heterogeneous (big.LITTLE) scheduling policy for the thread.
ThreadContainerId (37)
Queries the job container ID attached to the thread.
Queries or sets the thread description string.
ThreadSelectedCpuSets (39)
Queries various information (exit status, times, priority, etc.) for the thread, returning the same structure as used when enumerating processes/threads via NtQuerySystemInformation.
ThreadActualGroupAffinity (41)
ThreadDynamicCodePolicyInfo (42)
Checks or applies exemptions for dynamic code policy (the Arbitrary Code Guard mitigation).
ThreadExplicitCaseSensitivity (43)
Configures explicit case-sensitivity for the thread.
ThreadWorkOnBehalfTicket (44)
Determines the subsystem of the thread.
ThreadDbgkWerReportActive (46)
Enables or disables Windows Error Reporting on the thread.
ThreadAttachContainer (47)
|
Query |
Set |
| Type |
N/A |
Job HANDLE with JOB_OBJECT_IMPERSONATE access |
| Required access |
N/A |
N/A (NtCurrentThread only) |
| Minimal version |
N/A |
Windows 10 RS2 (1703) |
ThreadManageWritesToExecutableMemory (48)
ThreadPowerThrottlingState (49)
ThreadWorkloadClass (50)
ThreadCreateStateChange (51)
ThreadApplyStateChange (52)
ThreadStrongerBadHandleChecks (53)
ThreadEffectiveIoPriority (54)
ThreadEffectivePagePriority (55)
