14:00 on June 25, 2004
Recently, I have seen a book of Windows core programming. I have seen it very much (of course, I will not hit the wall, come back, huh, huh). In order to understand the content faster, I close this study note for your reference.
Note: This article can be reproduced, indicating that you can
When studying C , the teacher will speak, the object, the three major characteristics, what is my head is big, but you recall, that is, it's a problem, a problem. This doesn't have a kernel object, you are not annoying, huh, huh, slowly come to you.
1. What is a kernel object we used in the VC, windows, fonts, refreshes, etc. These objects belong to the user object or GDI object kernel object is just a memory block allocated by the kernel, and can only be accessed by the kernel. The memory block is a data structure that is responsible for maintaining various information of the object.
Q: Since we can only access these kernel objects, how can our applications operate these kernel objects? A: Windows provides a set of functions to operate the data structure of these objects with a well-defined way to operate For example, when the function is called to create a kernel object, the function returns a handle that identifies the object. This value can be used any thread in our process. Pass this handler to the various functions of Windows, so that the system knows which kernel objects that want to operate.
I want to call :: If our process calls a function of creating a kernel object, then our process is terminated, the kernel object is not necessarily revoked. Because the kernel object is owned by the kernel, not a certain process.
Since we call the object, we will think of member functions, member variables, and kernel objects are no exception, and it also has a large number of members, but most data members belong to a specific object type. Some data members (such as security descriptors, use, etc.) are the same in all object types
2. The function of the security of kernel objects Creating a kernel object has a pointer to the security_attributes structure as a parameter. For example
Handle CreateFilemapping (Handle Hfile,
Psecurity_attributes PSA,
DWORD FLPROTECT,
DWORD DWMAXMUMSIGH,
DWORD DWMAXIMUMSIZELOW,
PCTSTR PSZNAME) Psecurity_attributes PSA This parameter is that if this parameter is null, then the kernel object of the default security is created.
The default security kernel object: Note Any member of the object's management team and the creator of the object have all access to the object, while all others have no right to access the object.
If you want to limit people's access to the kernel objects we create, you must initialize the security_attributes structure, passing some of the addresses to PSA, for example: security_attributes sa; sa.nlength = sizeof (sa); sa.lpsecurityDescriptor = null; Sa.binherithandle = false; handel hfilemapping = CreateFileMapping (Invalid_Handle_Value, & Sa, Page_Readwrite, 0, 1024, "MyFileMapping");
If you want to access the corresponding kernel object, you must set what kind of operation, for example, want to access an existing file mapping kernel object, call the openfilemapping function handle hfilemapping = OpenFileMApping (file_map_read, false, "MyFileMapping ");
Q: • How to determine if an object belongs to the kernel object A: See the function used to create the object, all functions for creating kernel objects have a parameter (paecurity_attributes) used to set security properties; 3. Counting the kernel object One internal check contains a usage count. When an object is just created, its usage count is set to 1. When another process accesses an existing kernel object, the count is incremented by using the count 1. When the process is terminated, The kernel automatically determines the usage count of all kernel objects that this process is still open. If the count is 0, the kernel undesired the object to ensure that any kernel objects are not retained without the process when the process references this object.
Today, I said so much. This is the first piece of work I am in 9CBS. It is said that it is incorrect, please give an assessment (to be continued)
