Jobs for the Windows kernel

Jobs for the Windows kernel

1 Definition:

A job is a kernel object, which is the equivalent of a container, which can join many processes, and by configuring the job, the process within the job can have the same configuration, such as the maximum execution time of the process, CPU chip time, and so on.

2 Creating related functions for jobs

HANDLE Createjobobject (Lpsecurity_attributeslpjobattributes,lpctstr lpname); HANDLE openjobobject (DWORD dwdesiredaccessbool binherithandles,lpctstr lpname);

3 restrictions on the process in the job

BOOL setinformationobject (handlehjob,jobobjectinfoclass jobobjectinfoclass lpvoid lpjobinfo DWORD Cbjobobjectinfolength );

By setting restrictions on the job, you can achieve a unified limit on the processes in the job. There are four limitations of the process in the job, as follows:

3.1 jobobject_basic_limit_information

typedef struct _JOBOBJECT_BASIC_LIMIT_INFORMATION {   large_integer         perprocessusertimelimit;   Large_integer         Perjobusertimelimit;    DWORD                 limitflags;    size_t                minimumworkingsetsize;    size_t                maximumworkingsetsize;    DWORD                 Activeprocesslimit;    Ulong_ptr             Affinity;    DWORD                 PriorityClass;    DWORD                 Schedulingclass;} Jobobject_basic_limit_information,*pjobobject_basic_limit_information;

<1> set the maximum time limit for user mode per process
<2> set how many user-mode times can be used in a job
<3> Specify which restriction tags are valid
<4> set the minimum working set size for all processes in the job
<5> set the maximum working set size for all processes in the job
<6> set the maximum number of processes that can be run in a job
<7> set a subset of CPUs that can run processes
<8> set priorities for all processes
<9> sets the relative time difference assigned to the job, which is used to handle abnormal process conditions.

3.2 Jobobject_extended_limit_informatio

typedef struct _JOBOBJECT_EXTENDED_LIMIT_INFORMATION {    jobobject_basic_limit_information basiclimitinformation ;    Io_counters Ioinfo;    size_t Processmemorylimit;    size_t Jobmemorylimit;    size_t peakprocessmemoryused;    size_t peakjobmemoryused;} Jobobject_extended_limit_information, *pjobobject_extended_limit_information;

<1> contains basic restriction information
<2> reserved
<3> set the memory limit for each memory
<4> set the memory limit for each job
<5> indicates the largest amount of memory that has been used in all processes
<6> indicates the maximum amount of memory that is already used by all processes
3.3 Jobobject_basic_ui_restrictions

typedef struct _JOBOBJECT_BASIC_UI_RESTRICTIONS {    DWORD uirestrictionsclass;} Jobobject_basic_ui_restrictions, *pjobobject_basic_ui_restrictions;

This struct has only one parameter, which is designed to create a restricted category for the UI. The main is a write prohibit copy sticky, etc. UI restrictions
3.4 jobobject_security_limit_information

typedef struct _JOBOBJECT_SECURITY_LIMIT_INFORMATION {    DWORD securitylimitflags;    HANDLE Jobtoken;    Ptoken_groups sidstodisable;    Ptoken_privilegesprivilegestodelete;    Ptoken_groups Restrictedsids;} Jobobject_security_limit_information, *pjobobject_security_limit_information;

<1> Indicates whether administrator access is not allowed, unrestricted tag access is not allowed, specific access tokens are enforced, or some security identifiers and priorities are deactivated
<2> a handle to the primary token representing the user
<3> indicates which SIDs are deactivated for access checks
<4> indicates which priority to remove from the access tag
<5> indicates that a set of deny (Deny only) SIDS should be added to the access token


4 Query restriction conditions

BOOL queryinformationjobobject (  HANDLE hjob,        //HANDLE to Job  jobobjectinfoclass Jobobjectinfoclass,// Information class  LPVOID lpjobobjectinfo,//limit information  DWORD cbjobobjectinfolength,//limit Information size  Lpdword lpreturnlength   //data written);

This function allows you to query the constraints of the job.


5 putting a process into a job

BOOL assignprocesstojobobject (  HANDLE hjob,     //HANDLE to Job  HANDLE hprocess  //HANDLE to process);

When a process produces a new process, the child process automatically becomes part of the parent process job
6 terminating the operation of all processes in the job

BOOL terminatejobobject (  HANDLE hjob,   //HANDLE to Job  UINT Uexitcode  //exit code);

This function allows all processes in the job to stop running.