![Page 1: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/1.jpg)
计算机系•信息处理实验室
Lecture 4 System Mechanisms (2)
xlanchen@03/18/2005
![Page 2: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/2.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
2计算机系信息处理实验室
Contents
Trap dispatching
The executive object manager
Synchronization
System worker threads
Local procedure calls (LPCs)
![Page 3: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/3.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
3计算机系信息处理实验室
Object manager
EXPERIMENT
Exploring the Object Manager
![Page 4: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/4.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
4计算机系信息处理实验室
Uniform approach towards:
Object protection (C2 security)
Charging
Object naming
Object retention and garbage collection
Object access (via handles)
Standard object attributes
Standard object methods
![Page 5: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/5.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
5计算机系信息处理实验室
Executive Objects Process
Memory Section
Event
Timer
Object directory
Queues
Thread
File
Semaphore
Symbolic link
Port
(registry) key
![Page 6: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/6.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
6计算机系信息处理实验室
Executive objects that contain kernel objects
![Page 7: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/7.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
7计算机系信息处理实验室
Object Structure
![Page 8: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/8.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
8计算机系信息处理实验室
Object properties
OM deletes object when:
#open handles drops to zero
#knl refs drops to zero
Obj names
Support identification, finding, sharing
Hierarchic (per machine) name space
Symbolic links, e.g. “C:”
![Page 9: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/9.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
9计算机系信息处理实验室
Type Objects
Process objects and the process type object
![Page 10: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/10.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
10计算机系信息处理实验室
EXPERIMENT
Viewing the Type Objects
![Page 11: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/11.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
11计算机系信息处理实验室
Type Object Attributes
Type name
Pool type
Default quota
Access types
Generic access rights mapping
Synchronization
Methods
![Page 12: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/12.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
12计算机系信息处理实验室
Object Methods
Open--When an object handle is opened
Close--When an object handle is closed
Delete--Before the object manager deletes an object
Query--name When a thread requests the name of an object, such as a file, that exists in a secondary object domain
Parse--When the object manager is searching for an object name that exists in a secondary object domain
Security--When a process reads or changes the protection of an object, such as a file, that exists in a secondary object domain
![Page 13: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/13.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
13计算机系信息处理实验室
Object Handles & Process Handle Table
![Page 14: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/14.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
14计算机系信息处理实验室
EXPERIMENT
Viewing Open Handles with Nthandle
![Page 15: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/15.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
15计算机系信息处理实验室
Structure of a handle table entry
![Page 16: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/16.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
16计算机系信息处理实验室
EXPERIMENT Viewing the Handle Table with the Kernel Debugger
![Page 17: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/17.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
17计算机系信息处理实验室
Handles and reference counts
![Page 18: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/18.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
18计算机系信息处理实验室
Synchronization
Mutual exclusion
one, and only one, thread can access a particular resource at a time
Critical sections
![Page 19: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/19.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
19计算机系信息处理实验室
Kernel Synchronization
Kernel critical sections
For single-processor
Simple operating systems: disable all interrupts
2K: raising the processor's IRQL
For a multiprocessor
spinlock
![Page 20: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/20.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
20计算机系信息处理实验室
Using a spinlock
![Page 21: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/21.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
21计算机系信息处理实验室
Executive Synchronization
Dispatcher objects
WaitForSingleObject
WaitForMultipleObjects
A thread in a Win32 application can synchronize with a Win32 process, thread, event, semaphore, mutex, waitable timer, I/O completion port, or file object
Executive resources
available only to kernel-mode code
aren't accessible from the Win32 API
![Page 22: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/22.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
22计算机系信息处理实验室
Waiting on a dispatcher object
A thread can synchronize with a dispatcher object by waiting on the object's handle
![Page 23: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/23.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
23计算机系信息处理实验室
Selected kernel dispatcher objects
![Page 24: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/24.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
24计算机系信息处理实验室
![Page 25: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/25.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
25计算机系信息处理实验室
Wait data structures
![Page 26: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/26.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
26计算机系信息处理实验室
EXPERIMENT
Looking at Wait Queues
![Page 27: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/27.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
27计算机系信息处理实验室
System worker threads
Three types
Delayed worker threads
Critical worker threads
hypercritical worker threads
![Page 28: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/28.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
28计算机系信息处理实验室
EXPERIMENT Listing System Worker Threads
![Page 29: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/29.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
29计算机系信息处理实验室
Windows 2000 Global Flags
NtGlobalFlag
Initialize
Gflags.exe
allows you to view and change the system global flags
![Page 30: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/30.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
30计算机系信息处理实验室
Local procedure calls (LPCs)
An interprocess communication facility
For high-speed message passing
An internal mechanism available only to Windows 2000 operating system components
![Page 31: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/31.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
31计算机系信息处理实验室
EXPERIMENT
Viewing LPC Port Objects
![Page 32: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/32.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
32计算机系信息处理实验室
![Page 33: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/33.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
33计算机系信息处理实验室
![Page 34: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/34.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
34计算机系信息处理实验室
“ Internal” IPC between address spaces, e.g.
Transport for local RPC
Calls to Win32 subsystem
Variants:
n <= 256 bytes done inband
n > 256 bytes via shmem section
n > shmem section – addr-to-addr copy
Typically client-server
Client connects to servers well-known LPC port
Server opens new port and tells client its address
![Page 35: 计算机系 信息处理实验室 Lecture 4 System Mechanisms (2) xlanchen@03/18/2005](https://reader034.vdocuments.pub/reader034/viewer/2022050702/56649ecf5503460f94bdc40c/html5/thumbnails/35.jpg)
xlanchen@03/18/2005 Understanding the Inside of Windows2000
35计算机系信息处理实验室
LPC端口的使用