In-depth analysis of Windows operating system (fifth edition)-Chapter 1

Source: Internet
Author: User
Document directory
  • Windows API
  • About .NET
  • History of Win32 APIs
  • Services, functions, and routines
Chapter 1: Concepts and Tools

In this chapter, we introduce the concepts and vocabulary of the Microsoft Windows operating system that run throughout this book, for example the Windows API, processes, threads, virtual memory, kernel mode and user mode, objects, handles, security, and the registry. We also introduce tools that help us navigate the Windows kernel, such as the kernel debugger, the Reliability and Performance Monitor, and key tools from Windows Sysinternals (www.microsoft.com/technet/sysinternals). In addition, we show how to use the Windows Driver Kit (WDK) and the Windows Software Development Kit (SDK) as resources for finding more kernel information.

Make sure that you understand everything in this chapter; the rest of this book assumes that you do.

Windows operating system version

This book covers the two most recent Windows operating system versions based on the Windows NT kernel: Windows Vista (32-bit and 64-bit versions) and Windows Server 2008 (32-bit and 64-bit versions). Unless otherwise stated, the content described in this book applies to all Windows versions. As background, Table 1-1 lists the operating system releases based on the Windows NT kernel, their internal version numbers, and their product names.

Basic concepts and vocabulary

In this book, we reference many data structures and concepts that may be unfamiliar to some readers. In this section, we define the terms used throughout the book. You should familiarize yourself with them before moving on to the subsequent chapters.

Windows API

The Windows application programming interface (API) is the system programming interface of the Windows operating system family. Before 64-bit versions of Windows XP and Windows Server 2003 were introduced, the programming interface of the 32-bit Windows operating systems was called the Win32 API, to distinguish it from the original 16-bit Windows programming interface. In this book, the term Windows API refers to both the 32-bit and 64-bit programming interfaces of Windows Vista and Windows Server 2008.

 

Note: The Windows API is described in detail in the Windows Software Development Kit (SDK) documentation. (See the "Windows software development kit" section later in this chapter.) This documentation can be viewed online for free at www.msdn.microsoft.com. It can also be obtained by subscribing to MSDN, Microsoft's support program for developers. You can get more information from www.msdn.microsoft.com. A great book on how to program using the basic Windows API is Windows via C/C++, Fifth Edition, by Jeffrey Richter and Christophe Nasarre (Microsoft Press, 2007).

 

The Windows API includes thousands of callable functions, which can be divided into the following categories:

    • Basic services
    • Component Service
    • User Interface Service
    • Graphics and multimedia services
    • Messages and communications
    • Network
    • Site service

This book will focus on key basic services such as processes and threads, memory management, I/O and security.

About .NET

The .NET Framework consists of a framework class library (FCL) and a common language runtime (CLR). The CLR is a managed code runtime environment with features such as just-in-time compilation, type verification, garbage collection, and code access security. By providing these features, the CLR offers a development environment that improves developer productivity and reduces common programming errors. For a detailed description of the .NET Framework and its core architecture, see CLR via C#, Second Edition, by Jeffrey Richter (Microsoft Press, 2006).

The CLR is implemented like a traditional COM server whose code resides in a standard user-mode DLL (dynamic-link library). In fact, all components of the .NET Framework are implemented as standard user-mode DLLs layered on top of the user-mode Windows API. (No component of the .NET Framework runs in kernel mode.) Table 1-1 illustrates the relationships between these components:

History of Win32 APIs

Interestingly, Win32 was not the original programming interface of Microsoft Windows NT. The Windows NT project started as a replacement for the OS/2 version 2 operating system, so the primary programming interface was the 32-bit OS/2 Presentation Manager API. However, a year into the project, Microsoft Windows 3.0 hit the market and became popular, so Microsoft changed direction and made Windows NT the successor to the Windows family of products rather than to OS/2. This was the critical moment for the rise of the Windows API; before that, the Windows API existed only as a 16-bit programming interface.

Although the Windows API introduced many functions that never appeared in Windows 3.1, Microsoft decided to make the new functions compatible with the 16-bit Windows API functions in terms of name, syntax, and data type, so that existing 16-bit Windows applications could be ported to Windows NT easily. Someone encountering the Windows API for the first time may therefore wonder why many function names and interfaces seem inconsistent; one reason for this inconsistency is the need to keep the Windows API compatible with the old 16-bit Windows API.

Services, functions, and routines

The term "service" has different meanings in Windows user and programming documentation, and its meaning also varies with context. For example, a service can be a callable routine in the operating system, a device driver, or a server process. The following list describes what certain terms mean in this book:

 

  • Windows API functions

Documented, callable subroutines in the Windows API, such as CreateProcess, CreateFile, and GetMessage.

  • Native system services (or executive system services)

Undocumented operating-system-level services that can be called from user mode. For example, NtCreateProcessEx is the service that the CreateProcess function calls to create a new process. (For how Windows API functions map to native system services, see "System Service Dispatching" in Chapter 3.)

  • Kernel support functions (or routines)

Subroutines inside the Windows operating system that can be called only from kernel mode (described later in this section). For example, ExAllocatePoolWithTag is the routine that device drivers call to allocate memory from the Windows system heaps (called pools).

  • Windows services

Processes started by the Windows service control manager. (Although the registry defines Windows device drivers as services, we do not refer to them as such in this book.) For example, the Task Scheduler service runs in a user-mode process that supports the at command (similar to the UNIX at or cron commands).

  • DLLs (dynamic-link libraries)

A set of callable subroutines linked together as a binary file that can be dynamically loaded by applications that use those subroutines. Examples include Msvcrt.dll (the C run-time library) and Kernel32.dll (one of the Windows API subsystem libraries). Windows user-mode components and applications use DLLs extensively, and Windows ensures that even when a DLL is referenced by multiple applications, only one copy of its code exists in memory.
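To make the three function categories above concrete, the following PowerShell sketch (an added example, not from the book) asks the documented GetModuleHandle and GetProcAddress functions which of two user-mode DLLs, if either, exports each function named in the list. Assumptions not stated on the page: native system services are looked up in Ntdll.dll, CreateProcessW is used as the Unicode export behind CreateProcess, and the type name `Demo.Native` is hypothetical.

```powershell
# Added example: P/Invoke declarations for two documented Windows API functions.
# "Demo.Native" is a hypothetical type name chosen for this sketch.
Add-Type -Namespace Demo -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern IntPtr GetModuleHandle(string lpModuleName);

[DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
public static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
'@

# Both DLLs are already loaded in every PowerShell process.
# Assumption: Ntdll.dll is where user mode reaches native system services.
$modules = 'kernel32.dll', 'ntdll.dll'

# One function per category from the list above.
$functions = [ordered]@{
    'CreateProcessW'        = 'Windows API function'
    'NtCreateProcessEx'     = 'Native system service'
    'ExAllocatePoolWithTag' = 'Kernel support function'
}

foreach ($name in $functions.Keys) {
    foreach ($module in $modules) {
        $handle = [Demo.Native]::GetModuleHandle($module)
        if ($handle -eq [IntPtr]::Zero) {
            Write-Warning "$module is not loaded in this process"
            continue
        }
        # GetProcAddress returns NULL when the module does not export the name.
        $address = [Demo.Native]::GetProcAddress($handle, $name)
        [pscustomobject]@{
            Function = $name
            Category = $functions[$name]
            Module   = $module
            Exported = ($address -ne [IntPtr]::Zero)
        }
    }
}
```

A function that neither DLL exports cannot be reached by name from user mode through these libraries, which is how the kernel-mode-only category shows up in the output.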
