From 95cd480a8ab49f82a28c4675ed90bcb5d6521be8 Mon Sep 17 00:00:00 2001
From: midipix <writeonce@midipix.org>
Date: Sun, 21 Aug 2016 13:50:31 -0400
Subject: struct _nt_runtime_data: added parent process daemon identification
 data.

---
 include/ntapi/nt_process.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'include')

diff --git a/include/ntapi/nt_process.h b/include/ntapi/nt_process.h
index e03dec0..d594a27 100644
--- a/include/ntapi/nt_process.h
+++ b/include/ntapi/nt_process.h
@@ -466,6 +466,10 @@ typedef struct _nt_runtime_data {
 	int32_t		grp_type;
 	int32_t		grp_subtype;
 	uint32_t	grp_keys[6];
+	nt_guid		ppid_guid;
+	int32_t		ppid_type;
+	int32_t		ppid_subtype;
+	uint32_t	ppid_keys[6];
 	int32_t		stdin_type;
 	int32_t		stdout_type;
 	int32_t		stderr_type;
-- 
cgit v1.2.3