LONG NTAPI AvgCpuSortFunction(
__in PVOID Node1,
__in PVOID Node2,
__in ULONG SubId,
__in PVOID Context
)
{
PPH_PROCESS_NODE node1 = Node1;
PPH_PROCESS_NODE node2 = Node2;
PPROCESS_EXTENSION extension1 = PhPluginGetObjectExtension(PluginInstance, node1->ProcessItem, EmProcessItemType);
PPROCESS_EXTENSION extension2 = PhPluginGetObjectExtension(PluginInstance, node2->ProcessItem, EmProcessItemType);
switch (SubId)
{
case COLUMN_ID_AVGCPU10:
return singlecmp(extension1->Avg10CpuUsage, extension2->Avg10CpuUsage);
case COLUMN_ID_AVGCPU60:
return singlecmp(extension1->Avg60CpuUsage, extension2->Avg60CpuUsage);
}
return 0;
}
int __cdecl EtpNetworkListSectionProcessCompareFunction(
_In_ const void *elem1,
_In_ const void *elem2
)
{
int result;
PPH_PROCESS_NODE node1 = *(PPH_PROCESS_NODE *)elem1;
PPH_PROCESS_NODE node2 = *(PPH_PROCESS_NODE *)elem2;
PET_PROCESS_BLOCK block1 = EtGetProcessBlock(node1->ProcessItem);
PET_PROCESS_BLOCK block2 = EtGetProcessBlock(node2->ProcessItem);
ULONG64 total1 = block1->NetworkReceiveRawDelta.Delta + block1->NetworkSendRawDelta.Delta;
ULONG64 total2 = block2->NetworkReceiveRawDelta.Delta + block2->NetworkSendRawDelta.Delta;
result = uint64cmp(total2, total1);
if (result == 0)
result = uint64cmp(block2->NetworkReceiveRaw + block2->NetworkSendRaw, block1->NetworkReceiveRaw + block1->NetworkSendRaw);
if (result == 0)
result = singlecmp(node2->ProcessItem->CpuUsage, node1->ProcessItem->CpuUsage);
return result;
}
