Tags: c++, c, process, driver, filter-driver

How to read the PE header of the current process in a filter driver


I call PsGetCurrentProcess to get a PEPROCESS structure. How can I read the PE header of my process in kernel mode, something like this code which does that in user mode? My goal is to get the version info from the PE header.


Solution

  • I recommend obtaining this information when the process is created. You can use PsSetCreateProcessNotifyRoutine(Ex) to be notified when a new process is created. PsSetLoadImageNotifyRoutine informs you when a PE file (including the process's main executable) is mapped into the virtual address space.

    It is a bad idea to read the version information from the process's memory once the process is fully initialized and running. The process has full control over its PE file mapping, so it can fake the version info. What's more, you can access user-mode memory only at low IRQL (PASSIVE_LEVEL). Minifilter callbacks may be called at APC_LEVEL/DISPATCH_LEVEL too.
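The header walk a PsSetLoadImageNotifyRoutine callback would perform over ImageInfo->ImageBase, written here as an added, portable C example (not code from the question, the answer, or any Windows SDK header). Because the answer's point is that the mapped image is under the process's control, every offset read from it (e_lfanew, SizeOfOptionalHeader, NumberOfRvaAndSizes) is treated as untrusted and bounds-checked before use. The Windows structure definitions are replaced by hand-written field offsets so the code builds without the WDK; `pe_summary`, `pe_parse_headers`, `build_sample_image` and the two `parse_*` wrappers are names chosen for this example, and the sample image is a constructed minimal PE32+ header, not a real binary.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Status codes returned by pe_parse_headers(). */
enum { PE_OK = 0, PE_ERR_DOS = 1, PE_ERR_NT = 2, PE_ERR_OPT = 3 };

#define PE_DOS_MAGIC     0x5A4Du       /* "MZ" */
#define PE_NT_SIGNATURE  0x00004550u   /* "PE\0\0" */
#define PE_OPT_PE32      0x10Bu
#define PE_OPT_PE32PLUS  0x20Bu
#define PE_DIR_RESOURCE  2             /* IMAGE_DIRECTORY_ENTRY_RESOURCE */

typedef struct {
    int      status;
    uint16_t machine, num_sections;
    uint16_t major_image_ver, minor_image_ver;   /* MajorImageVersion/MinorImageVersion */
    uint32_t size_of_image;
    uint64_t image_base;
    uint32_t resource_rva, resource_size;        /* directory holding RT_VERSION / VS_VERSIONINFO */
} pe_summary;

/* All reads go through these: offsets come from the image itself, so refuse
   anything that would leave the buffer. memcpy assumes a little-endian host
   (PE is a little-endian format); that is an assumption of this example. */
static int in_bounds(size_t len, size_t off, size_t n) { return off <= len && n <= len - off; }
static int get16(const uint8_t *b, size_t len, size_t off, uint16_t *v)
{ if (!in_bounds(len, off, 2)) return 0; memcpy(v, b + off, 2); return 1; }
static int get32(const uint8_t *b, size_t len, size_t off, uint32_t *v)
{ if (!in_bounds(len, off, 4)) return 0; memcpy(v, b + off, 4); return 1; }
static int get64(const uint8_t *b, size_t len, size_t off, uint64_t *v)
{ if (!in_bounds(len, off, 8)) return 0; memcpy(v, b + off, 8); return 1; }

/* Parse DOS header -> NT headers -> optional header of an image held in img[0..len). */
int pe_parse_headers(const uint8_t *img, size_t len, pe_summary *s)
{
    uint16_t mz, optsize, optmagic; uint32_t sig, e_lfanew, nrva, base32; size_t nt, opt, dd;
    memset(s, 0, sizeof *s);
    if (!get16(img, len, 0, &mz) || mz != PE_DOS_MAGIC || !get32(img, len, 0x3C, &e_lfanew))
        return s->status = PE_ERR_DOS;
    nt = e_lfanew;                                   /* untrusted: may point anywhere */
    if (!get32(img, len, nt, &sig) || sig != PE_NT_SIGNATURE ||
        !get16(img, len, nt + 4, &s->machine) || !get16(img, len, nt + 6, &s->num_sections) ||
        !get16(img, len, nt + 20, &optsize))
        return s->status = PE_ERR_NT;
    opt = nt + 24;                                   /* IMAGE_OPTIONAL_HEADER */
    if (!in_bounds(len, opt, optsize) || !get16(img, len, opt, &optmagic))
        return s->status = PE_ERR_OPT;
    if (optmagic == PE_OPT_PE32PLUS) {               /* 64-bit: ImageBase is 8 bytes at +24 */
        if (optsize < 112 || !get64(img, len, opt + 24, &s->image_base)) return s->status = PE_ERR_OPT;
        dd = 112;                                    /* DataDirectory offset inside the optional header */
    } else if (optmagic == PE_OPT_PE32) {            /* 32-bit: ImageBase is 4 bytes at +28 */
        if (optsize < 96 || !get32(img, len, opt + 28, &base32)) return s->status = PE_ERR_OPT;
        s->image_base = base32;
        dd = 96;
    } else return s->status = PE_ERR_OPT;
    /* These sit at the same offset in both flavours and are inside the range checked above. */
    (void)get16(img, len, opt + 44, &s->major_image_ver);
    (void)get16(img, len, opt + 46, &s->minor_image_ver);
    (void)get32(img, len, opt + 56, &s->size_of_image);
    /* Only trust directory entries that NumberOfRvaAndSizes covers and that fit in SizeOfOptionalHeader. */
    (void)get32(img, len, opt + dd - 4, &nrva);
    if (nrva > PE_DIR_RESOURCE && in_bounds(optsize, dd + 8 * PE_DIR_RESOURCE, 8)) {
        (void)get32(img, len, opt + dd + 8 * PE_DIR_RESOURCE, &s->resource_rva);
        (void)get32(img, len, opt + dd + 8 * PE_DIR_RESOURCE + 4, &s->resource_size);
    }
    return s->status = PE_OK;
}

/* Constructed sample: a minimal PE32+ header with no sections or code (not a real binary). */
static void put16(uint8_t *b, size_t off, uint16_t v) { memcpy(b + off, &v, 2); }
static void put32(uint8_t *b, size_t off, uint32_t v) { memcpy(b + off, &v, 4); }
static void put64(uint8_t *b, size_t off, uint64_t v) { memcpy(b + off, &v, 8); }
size_t build_sample_image(uint8_t *buf, size_t cap)
{
    const size_t nt = 0x80, opt = nt + 24, total = opt + 240;
    if (cap < total) return 0;
    memset(buf, 0, total);
    put16(buf, 0, PE_DOS_MAGIC);
    put32(buf, 0x3C, (uint32_t)nt);                  /* e_lfanew */
    put32(buf, nt, PE_NT_SIGNATURE);
    put16(buf, nt + 4, 0x8664);                      /* IMAGE_FILE_MACHINE_AMD64 */
    put16(buf, nt + 6, 2);                           /* NumberOfSections */
    put16(buf, nt + 20, 240);                        /* SizeOfOptionalHeader for PE32+ */
    put16(buf, opt, PE_OPT_PE32PLUS);
    put64(buf, opt + 24, 0x140000000ULL);            /* ImageBase */
    put16(buf, opt + 44, 3); put16(buf, opt + 46, 7);/* image version 3.7 */
    put32(buf, opt + 56, 0x4000);                    /* SizeOfImage */
    put32(buf, opt + 108, 16);                       /* NumberOfRvaAndSizes */
    put32(buf, opt + 112 + 8 * PE_DIR_RESOURCE, 0x3000);     /* resource directory RVA */
    put32(buf, opt + 112 + 8 * PE_DIR_RESOURCE + 4, 0x200);  /* resource directory size */
    return total;
}

/* Parse the sample, or only its first `keep` bytes (a truncated or partially mapped image). */
pe_summary parse_sample(size_t keep)
{
    uint8_t buf[512]; pe_summary s; size_t n = build_sample_image(buf, sizeof buf);
    if (keep < n) n = keep;
    pe_parse_headers(buf, n, &s);
    return s;
}
/* Same sample, but e_lfanew rewritten to point far outside the mapping. */
pe_summary parse_bad_lfanew(void)
{
    uint8_t buf[512]; pe_summary s; size_t n = build_sample_image(buf, sizeof buf);
    put32(buf, 0x3C, 0xFFFFFFF0u);
    pe_parse_headers(buf, n, &s);
    return s;
}

int main(void)
{
    pe_summary s = parse_sample(512);
    printf("status=%d machine=0x%x sections=%u base=0x%llx image_ver=%u.%u size=0x%x rsrc=0x%x/0x%x\n",
           s.status, s.machine, s.num_sections, (unsigned long long)s.image_base,
           s.major_image_ver, s.minor_image_ver, s.size_of_image, s.resource_rva, s.resource_size);
    printf("truncated=%d bad_lfanew=%d\n", parse_sample(200).status, parse_bad_lfanew().status);
    return 0;
}
```

In a driver the same reads would be done against ImageInfo->ImageBase from inside the load-image callback, which runs at PASSIVE_LEVEL in the context of the loading process, with the accesses wrapped in __try/__except. The parser stops at the data directory: the resource directory RVA it returns is where the RT_VERSION resource (VS_VERSIONINFO) lives, and resolving it needs the section table and a resource-tree walk with the same untrusted-offset discipline.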