|
|
|
The IoGetCurrentProcess routine returns a pointer to the current process.
PEPROCESS
IoGetCurrentProcess(
);
None
IoGetCurrentProcess returns a pointer to the current process.
Declared in wdm.h and ntddk.h. Include wdm.h or ntddk.h.
In general, highest-level drivers, particularly file systems, are most likely to call this routine. An intermediate or underlying device driver seldom is called in the context of a thread that originates the current I/O request that the driver is processing, so it cannot get access to such a thread’s process space.
Callers of IoGetCurrentProcess must be running at IRQL = PASSIVE_LEVEL.