漫談兼容內(nèi)核之四

1、four:漫談兼容內(nèi)核之四：Talk compatible with the kernel of theKernel-win32 的進(jìn)程管理 Kernel-win32process management毛德操 Maud operation 由于進(jìn)程管理與對(duì)象管理不可分割，我在談?wù)?Kernel-win32 的對(duì)象管理時(shí) 也談到了一些有關(guān)進(jìn)程管理的內(nèi)容，例如對(duì) task_struct 數(shù)據(jù)結(jié)構(gòu)的擴(kuò)充，以 及對(duì) Linux 內(nèi)核有關(guān)代碼所打的補(bǔ)丁。 Process management and object management as an integral, Im talking about K

2、ernel-win32 the Object Management also mentioned something about when the process of managing content, such as the expansion of the task_struct data structure, as well as the relevant code of Linux kernel patch to play. 但是這還不夠，還需 要進(jìn)一步討論。 But that was not enough, you also need further discussion.對(duì)于任何

3、現(xiàn)代操作系統(tǒng)而言， 進(jìn)程 ( 線程 ) 管理都是一個(gè)十分重要的環(huán)節(jié)。 For any modern operating system, the process (thread) managementi s a very important part. Windows 與 Linux 在這方面恰恰有著相當(dāng)大的差異，有的是 概念上的，有的是實(shí)現(xiàn)細(xì)節(jié)上的： Windows and Linux is precisely in this area has considerable differences, some conceptual, some implementation details on:1

4、 1.在 Linux 內(nèi)核中，線程和進(jìn)程都是由 task_struct 數(shù)據(jù)結(jié)構(gòu)作為代表的。 In the Linux kernel, threads and processes are represented by a task_struct data structure in.一個(gè) task_struct 數(shù)據(jù)結(jié)構(gòu)所代表的實(shí)體，只要是與其父進(jìn)程共享同一用戶空間的就是線程； 否則，如果已經(jīng)“另 立門戶”、擁有自己的用戶空間，那就是進(jìn)程。 Represented by a task_struct data structure of the entities, as long as its pa

5、rent process share the same user space is the thread; Otherwise, if you have separate portal, has its own user space, that is the process.或者，如果換一種觀點(diǎn)，那就是進(jìn)程及其“第一個(gè)線程”是合一的，是同一回 事。 Or, if you change the view that process and the first thread is one, is the same thing.在 Linux 內(nèi)核中， task_struct 數(shù)據(jù)結(jié)構(gòu)就是進(jìn)程調(diào)度的單

6、位。 In the Linux kernel, task_struct data structure is the process of scheduling unit. 而在 Windows 中，則進(jìn)程與線程有不同 的數(shù)據(jù)結(jié)構(gòu)，只有代表著線程的數(shù)據(jù)結(jié)構(gòu)才是調(diào)度的單位，而代表著進(jìn)程的 數(shù)據(jù)結(jié)構(gòu)是被架空的， 沒(méi)有受調(diào)度運(yùn)行的權(quán)利。 In Windows,the process and thread has a different data structure, only the data structure representing the thread is the scheduling un

7、it, which represents aprocess data structure is sidelined, and not being scheduled to run right. 因此，所謂創(chuàng)建一個(gè) Windows 進(jìn)程，總是意味著創(chuàng)建一個(gè)進(jìn)程及其 “第一個(gè)線程”，以兩個(gè)不同數(shù)據(jù)結(jié)構(gòu)的組合作為代表。 Therefore, the so-called process of creating a Windows always meansc reating a process and the first thread to a combination of two different

8、data structures as the representative.進(jìn)程與線程是一對(duì)多的關(guān)系，這在Linux 中和 Windows 中都一樣，但是在 Linux 中這體現(xiàn)為一組 task_struct 數(shù)據(jù)結(jié)構(gòu)的“家屬樹(shù)”，邏輯上是層次結(jié)構(gòu)，實(shí)現(xiàn)上則是網(wǎng)狀 結(jié)構(gòu) ( 屬于同一進(jìn)程的同層線程之間也有鏈接 ) 。 Processes and threads is one to many relationship, which in Linux, and Windows, are the same, but in Linux, as reflected in a task_struct da

9、ta structure of the family tree, logic is the hierarchical structure, the realization is the mesh structure (the same process in the same layer is also the link between threads). 而在 Windows 中則體現(xiàn)為一個(gè)進(jìn)程結(jié)構(gòu)和多個(gè)線 程結(jié)構(gòu)，最自然的當(dāng)然是讓所有的線程排成一個(gè)隊(duì)列，并且都有指針指向其 所屬進(jìn)程的數(shù)據(jù)結(jié)構(gòu)。 In Windows,a process is reflected in the structur

10、e and the structure of multiple threads, the most natural course is to get all the threads arranged in a queue, and they have their own pointer to the process data structure.2 2.拋開(kāi)在結(jié)構(gòu)形態(tài)上的不同， Linux 的 task_struct 結(jié)構(gòu)也并不是簡(jiǎn)單地把 Windows 的進(jìn)程結(jié)構(gòu)和線程結(jié)構(gòu)加在一起。 Put aside the differences in morphology, Linuxs task_s

11、truct structure is not simply the process of the structure and the Windowst hread structure together. 有些成分在 Windows 的數(shù)據(jù)結(jié)構(gòu)中有，而在 task_struct 結(jié)構(gòu)中沒(méi)有，有 些則反過(guò)來(lái)。 Some components in the data structure in Windows, but not in the task_struct structure, while others in turn.3 3.兩個(gè)系統(tǒng)用于創(chuàng)建進(jìn)程 / 線程的系統(tǒng)調(diào)用在語(yǔ)義上有很大的區(qū)別。Th

12、e two systems used to create process / thread system call semantics are very different. 在 Linux 中，這首先是父進(jìn)程的“細(xì)胞分裂”，即分 裂成兩個(gè)線程， 然后如果子進(jìn)程另立門戶就又變成兩個(gè)進(jìn)程。 In Linux,this is primarily the parent process of cell division, that is split into two threads, and if the child process has become two separate processes

13、on the portal. 就是說(shuō)，創(chuàng)建線程是創(chuàng)建進(jìn)程的必經(jīng)之途。 That is, create a thread is created the way to go through the process.而在 Windows中，則創(chuàng)建進(jìn)程和創(chuàng)建線程是兩碼事，創(chuàng)建進(jìn)程的系統(tǒng)調(diào)用并不蘊(yùn)含著同時(shí) 創(chuàng)建其第一個(gè)線程。 In Windows,you create the process and create a thread are two different things, create the process contains the same system call does not cre

14、ate its first thread.4 4.進(jìn)程在兩個(gè)系統(tǒng)中的地位與權(quán)利有很大區(qū)別。 Process in the twosystems is very different status and rights.在 Linux 中每個(gè)進(jìn)程都有相當(dāng)?shù)莫?dú)立性， 有自己的“隱私”和“私有財(cái)產(chǎn)”， 而在 Windows 中一個(gè) 進(jìn)程甚至可以替另一個(gè)進(jìn)程創(chuàng)建一個(gè)線程。 In Linux, each process has considerable independence, have their own privacy and private property, a process in Windo

15、ws, you can even create a thread for another process.5 5.兩個(gè)系統(tǒng)在資源和權(quán)限的遺傳 / 繼承方面有很重要的區(qū)別。 Twosystems of genetic resources and authority / succession there are important differences.6 6. 兩個(gè)系統(tǒng)在調(diào)度策略和優(yōu)先級(jí)的設(shè)置方面也有區(qū)別。 The two systems in scheduling policy and priority setting are also different. 在 Linux 中，由于 tas

16、k_struct 是調(diào)度單位， 每個(gè)線程都可以有自己的調(diào)度策略和優(yōu) 先級(jí)。 In Linux, the task_struct is a scheduling unit, each thread can have its own scheduling policy and priority.而在 Windows 中，則首先是進(jìn)程一級(jí)的優(yōu)先級(jí)，然后是線程在同一進(jìn)程中的相對(duì)優(yōu)先級(jí)。 In Windows, the first priority of the process level, and then thread in the same process is the relative prio

17、rity.前者是一種水平的結(jié)構(gòu)，后者是一種層次的結(jié)構(gòu)。 The former is a horizontal structure, which is a hierarchical structure.7 7. 兩個(gè)系統(tǒng)在進(jìn)程間通信方面也有區(qū)別， 有的是名稱和實(shí)現(xiàn)細(xì)節(jié)的不同， 有的確有實(shí)質(zhì)的區(qū)別， 例如 Windows 的跨進(jìn)程復(fù)制 Handle ，就在 Linux 中 沒(méi)有對(duì)應(yīng)的機(jī)制。 Communication between the two systems are also in the process are different, somed ifferent namesa nd imp

18、lementation details, there is indeed a substantial difference between, for example, inter-process copy the Windows Handle, in Linux there is no corresponding mechanism.顯然，要在 Linux 內(nèi)核上運(yùn)行 Windows 軟件，就必須讓 Windows 線程借用 Linux 的 task_struct 數(shù)據(jù)結(jié)構(gòu)，否則就不能被調(diào)度運(yùn)行 ( 要不然就得大改 Linux 內(nèi)核中的 schedule() 了，這當(dāng)然是應(yīng)該避免的 ) 。 O

19、bviously, to run Windows software on the Linux kernel, it must borrow to Linux-Windows thread task_struct data structure, or can not be scheduled to run (or else have major changes in the Linux kernel in the schedule (), which of course should be avoided a). 這樣， 內(nèi)核中的 Windows 線程就成為 Linux 進(jìn)程 / 線 程的一個(gè)子

20、集，或者說(shuō)特殊的 Linux 進(jìn)程 / 線程。 In this way, the kernel Linux Windows threads to be process / thread in a subset, or a special Linux process / thread. 為此，為了在內(nèi)核中彌補(bǔ)上述的種種不同，首先當(dāng)然 要在 task_struct 結(jié)構(gòu)中增加一個(gè)指針 (Kernel-win32 使用 task_ornament 隊(duì)列 ) ，使其指向補(bǔ)充性的附加數(shù)據(jù)結(jié)構(gòu)。 To this end, in order to make up the core of the variou

21、s different, first of all, in the task_struct structure to add a pointer (Kernel-win32 using task_ornament queue), to point to the additional supplementary data structure. 同時(shí)，由于要在 Linux 內(nèi)核上運(yùn)行 Windows 線程，就有個(gè)如何確定一個(gè) Linux 進(jìn)程是否 Windows 線程的問(wèn)題。 Meanwhile, the Linux kernel to run on Windows thread, there i

22、s a how to determine whether the process of a Linux problem ofWindowst hreads. 當(dāng)然， 只要 task_struct 結(jié)構(gòu)中的附加數(shù)據(jù)結(jié)構(gòu)指針?lè)?0 、 或隊(duì)列非空，就說(shuō)明是個(gè) Windows 線程。 Of course, as long as the additional structure task_struct data structure pointer is not 0, or the queue is not empty, it shows a Windows thread.可是，什么時(shí)候?yàn)槠浞峙涓郊訑?shù)據(jù)

23、結(jié)構(gòu)并設(shè)置這個(gè)指針或隊(duì)列呢？ However, when additional data structures to assign and set the pointer or queue it? 顯然這里需要有個(gè)依據(jù)、有個(gè)手段。 It should be clear that there is a basis, there is a means.我們先看Kernel-win32 所采用的辦法。 We look at the Kernel-win32 methods used.Kernel-win32 要求所有 Windows 線程在初始化時(shí)都執(zhí)行一個(gè)系統(tǒng)調(diào)用 Win32Init() ，讓內(nèi)核

24、知道當(dāng)前線程是個(gè) Windows 線程。 Kernel-win32 requires that all Windows threads are executed in the initialization of a system call Win32Init (), let the kernel know that the current thread is a Windows thread. 這個(gè)系統(tǒng)調(diào)用是 Kernel-win32 加出來(lái)的， Windows 并 沒(méi)有這么一個(gè)系統(tǒng)調(diào)用。 This system call is the Kernel-win32 plus out, Windo

25、ws is not such a system call.我們先看這個(gè) Kernel-win32 系統(tǒng)調(diào)用的實(shí)現(xiàn)： We look at the Kernel-win32 system calls to achieve:int InitialiseWin32 ( struct WineThread *thread, struct WiocInitialiseWin32 * args )int InitialiseWin32 (struct WineThread *thread, struct WiocInitialiseWin32 * args) struct WineThreadConsDa

26、ta wtcd ; struct WineThreadConsData wtcd;/* allocate a Wine process object */ / * Allocate a Wine process object * /probj = AllocObject (& process_objclass,NULL,NULL ); probj = AllocObject (& process_objclass, NULL, NULL);/* allocate a Wine thread object */ / * Allocate a Wine thread object * /wtcd.

27、wtcd_task = current ; wtcd.wtcd_task = current;wtcd.wtcd_process = probj ; wtcd.wtcd_process = probj; throbj = AllocObject (& thread_objclass,NULL,&wtcd );throbj = AllocObject (& thread_objclass, NULL, & wtcd);return 0; return 0; /* end InitialiseWin32() */ / * End InitialiseWin32 () * /不妨假定這是個(gè)新創(chuàng)建的

28、Windows 進(jìn)程，從而當(dāng)前線程是這個(gè)進(jìn)程中的第一Windows process, so the 先為之分配和創(chuàng)建一。 Whom the first個(gè)線程。 May assume that this is a newly created current thread is the first thread in the process. 個(gè)進(jìn)程對(duì)象 ( 及其配套的 WineProcess 數(shù)據(jù)結(jié)構(gòu) ) distribution and create a process object (and its supporting WineProcess data structure). 代碼中的數(shù)據(jù)

29、結(jié)構(gòu) wtcd 只是個(gè)臨時(shí)用來(lái)傳遞信息的載體， 注意其成分 wtcd_task 設(shè)置成 current ，這就是指向當(dāng)前 task_struct 數(shù)據(jù) 結(jié)構(gòu)的指針。 Code the data structure used to pass wtcd just a temporary information carrier, pay attention to the ingredients wtcd_task set current, this is the point to the current task_struct data structure pointer. 顯然，對(duì)于新創(chuàng)建的 Wi

30、ndows 進(jìn)程，這個(gè)結(jié)構(gòu)中的 task_ornament 隊(duì) 列是空的，所以此刻的當(dāng)前進(jìn)程 ( 線程 ) 還是個(gè) Linux 進(jìn)程 ( 線程 ) 。Obviously, for the newly created Windows process, the structure task_ornament queue is empty, so at the moment of the current process (thread) or a Linux process (thread). 接著再分配和創(chuàng)建一個(gè)線程對(duì)象 ( 及 其配套的 WineThread 數(shù)據(jù)結(jié)構(gòu) ) 。 Redistrib

31、ution and then create a thread object (and its supporting WineThread data structure). 我們知道， 在創(chuàng)建對(duì)象的過(guò)程中要調(diào)用該類對(duì)象的構(gòu)建函數(shù)，對(duì)于線程對(duì)象就是 ThreadConstructor () ，我們?cè)僦販匾幌拢?We know that in the process of creating an object the object to call the class constructor, the thread object is ThreadConstructor (), let us remi

32、nd ourselves:static int ThreadConstructor (Object * obj , void *data) staticintThreadConstructor (Object * obj, void * data)struct WineThreadConsData * wtcd = data; struct WineThreadConsData * wtcd = data;thread- wt_task = wtcd - wtcd_task ; thread- wt_task = wtcd - wtcd_task;add_task_ornament (thre

33、ad- wt_task,&thread - wt_ornament ); add_task_ornament (thread- wt_task, & thread -wt_ornament);void add_task_ornament ( struct task_struct * tsk , struct task_ornament * orn ) void add_task_ornament (struct task_struct * tsk, struct task_ornament * orn) ornget ( orn ); ornget (orn);write_lock (& ts

34、k - alloc_lock ); write_lock (& tsk - alloc_lock);list_add_tail(& orn - to_list,&tsk-ornaments );list_add_tail (& orn - to_list, & tsk - ornaments);write_unlock (& tsk - alloc_lock ); write_unlock (& tsk- alloc_lock); /* end add_task_ornament () */ / * End add_task_ornament () * /顯然，正是 ThreadConstru

35、ctor () 把新進(jìn)程的第一個(gè)線程掛入了當(dāng)前 task_struct 結(jié)構(gòu)中的 task_ornament 隊(duì)列，使其變成非空， 從而使 Linux 進(jìn) 程 ( 線程 ) 變成了 Windows 線程。 Obviously, it is ThreadConstructor () the new process, the first thread linked into the current task_struct structure task_ornament queue, so that it becomes non-empty, so that the Linux process (t

36、hread) into a Windows thread.至于前面創(chuàng)建的進(jìn)程對(duì)象，那是通過(guò)另一個(gè)隊(duì)列跟其所有的線程串在一起的，與 task_struct 結(jié)構(gòu)并沒(méi)有 直接的連系， 這以前已經(jīng)講過(guò)了。 As for the process object created earlier, it is through another queue string with all its threads together, and task_struct structure and there is no direct link, which has previously been talked abo

37、ut. 而且，由于每個(gè)線程都有自己的 task_struct 數(shù)據(jù)結(jié)構(gòu)， 實(shí)際上每個(gè) Windows 線程都得在初始化時(shí)調(diào)用 Win32Init() 。 And, because each thread has its own task_struct data structure, virtually every Windows thread had to call in the initialization Win32Init (). Kernel-win32 似乎并沒(méi)有考慮“龍生龍，鳳生風(fēng)”式的遺傳。 Kernel-win32 does not seem to consider born

38、dragon, chicken born wind type of inheritance.以前講過(guò)，其實(shí) task_struct 數(shù)據(jù)結(jié)構(gòu)的 task_ornament 隊(duì)列中只有一個(gè) 線程，只不過(guò)屬于同一個(gè) Windows 進(jìn)程的所有線程都通過(guò)另一個(gè)隊(duì)列串在一起。Previously mentioned, in fact, the task_ornament task_struct data structure is only one thread in the queue, but belong to the same Windows process all threads are st

39、rung together via another queue.第一個(gè)線程與后續(xù)線程的區(qū)別只是：創(chuàng)建第一個(gè)線程時(shí)要?jiǎng)?chuàng)建新的進(jìn)程對(duì)象 ( 及其線程隊(duì) 列 ) ，同一進(jìn)程中后來(lái)創(chuàng)建的線程則不創(chuàng)建進(jìn)程對(duì)象，而只是找到其所屬的已 有進(jìn)程對(duì)象。 The first thread is the difference between the thread and follow-up: Create the first thread to create a new process object (and the thread queue), the same process to create the thr

40、ead was not to create process object, but only to find their own existing processes object.既然新進(jìn)程 ( 線程 ) 在創(chuàng)建之初時(shí)是 Linux 進(jìn)程，可想而知新進(jìn)程 ( 線 程 ) 的創(chuàng)建可以通過(guò) Linux 系統(tǒng)調(diào)用實(shí)現(xiàn)。 Since the new process (thread) when you create the beginning of the Linux process, imagine the new process (thread) creation can be achieved

41、through the Linux system calls.事實(shí)正是如此， Kernel-win32 并沒(méi)有實(shí)現(xiàn)創(chuàng)建進(jìn)程或線程的 Windows 系統(tǒng)調(diào)用， 而仍沿用 fork() 、 execve () 等等作為創(chuàng)建進(jìn)程或線程的手段。 Is exactly the fact, Kernel-win32 does not create a process or thread to achieve the Windows system calls, while still using fork (), execve (), etc. as a means to create process o

42、r thread. Kernel-win32代碼中的一些測(cè)試程序清楚地表明了這一點(diǎn)， 下面是測(cè)試程序 fivemutex.c 中的一些代碼。 Kernel-win32 code, some of the test program clearly demonstrated that, following the test program fivemutex.c some of the main () int main () int loop; int loop;for (loop=0; loop5; loop+) for (loop = 0; loop 0) while (wa

43、it (& loop) 0) return 0; return 0; int child ( int pid ) int child (int pid) HANDLE left, right, first, second; HANDLE left, right,first, second;const char * lname , * rname ; const char * lname, * rname;int count = 0; int count = 0;int wt; int wt;Win32Init (); Win32Init (); 這里，測(cè)試進(jìn)程的第一個(gè)線程通過(guò) Linux 系統(tǒng)

44、調(diào)用 fork() 創(chuàng)建出 5 個(gè)線 程，每個(gè)線程都執(zhí)行 child() 。 Here, the testing process, the first thread through the Linux system call fork () to create 5 threads, each thread execute child ().而所創(chuàng)建的每個(gè)線程，則都調(diào)用 Win32Init() ，使其自身變成 Windows 線程。 And each thread created, then all calls Win32Init (), it has turned itself into Wi

45、ndows threads. 有趣的是這里的第一個(gè)線程 main() 并沒(méi)有調(diào)用 Win32Init() ，這是因?yàn)樗傻谋M是 Linux 的事，所以并 不在乎。 It is interesting here is the first thread main () does not call Win32Init (), it is because it is Linux doing the things to do, so do not care. 在這種情況下， fork() 出來(lái)的第一個(gè)線程就成為“ Windows 進(jìn)程”的 第一個(gè)線程，即負(fù)有創(chuàng)建進(jìn)程對(duì)象的責(zé)任。 In this case

46、, fork () out of the first thread to be Windows process, the first thread, which bears the responsibility to create the process object.現(xiàn)在可以討論了。 Can now be discussed.首先是把對(duì)于 Win32Init() 的調(diào)用放在哪里。 The first is to the Win32Init () call on where it is.當(dāng)然不能放在 Windows 應(yīng)用軟件中，因?yàn)槟嵌际恰澳疽殉芍邸钡亩M(jìn)制可執(zhí)行映像。 Certainly n

47、ot on the Windows application software, because it is a done deal, the binary executable image. 比較可行的是放在某個(gè) DLL 中，最大的可能是放在 ntdll.dll 中。 Is more feasible on a DLL, the most likely place in ntdll.dll.然后是什么時(shí)候調(diào)用 Win32Init()。 What then is the time to callWin32Init (). 讀者可能會(huì)想，當(dāng)應(yīng)用軟件向下調(diào)用創(chuàng)建 Windows 進(jìn)程或線程 的時(shí)候，

48、在 ntdll.dll 中可以先調(diào)用 fork() ，再調(diào)用 Win32Init()。 Readersmay think that when calling down to create a Windows application software process or thread when the first call in ntdll.dll can fork (), then call Win32Init (). 然而這是錯(cuò)的，因?yàn)檎{(diào)用 fork() 的是父進(jìn)程 ( 線程 ) ，而需 要調(diào)用 Win32Init() 的是新創(chuàng)建出來(lái)的線程，這是兩碼事。 But this is wrong

49、 because the call to fork () is the parent process (thread), but need to call Win32Init () is a new creation out of the thread, this is two different things. 顯然，這里需要某種機(jī)制，雖然并非不能實(shí)現(xiàn)，卻也不是很簡(jiǎn)單。 Obviously, the need for some mechanism, although not impossible to achieve, but it is not very simple.事實(shí)上我們?cè)?ker

50、nel-win32 的代碼中尚未見(jiàn)到相應(yīng)的實(shí)現(xiàn)。 In fact we have the code in the kernel-win32 not yet seen the corresponding implementation.更重要的是，用 fork() 加 Win32Init() 是否能忠實(shí)地實(shí)現(xiàn) Windows 中那些創(chuàng)建進(jìn)程 / 線程系統(tǒng)調(diào)用的語(yǔ)義？ More importantly, with the fork () plus Win32Init () is to faithfully implement those created Windows process / threa

51、d semantics of system calls?為此，我們看一下兩個(gè) Windows 系統(tǒng)調(diào)用的函數(shù)定義。 To this end, we look at two Windows system calls the function definition.先看進(jìn)程的創(chuàng)建。 Look at the process of creation.CreateProcessA ( CreateProcessA (IN LPCSTR INLPCSTRlpApplicationName , lpApplicationName,IN LPSTR INLPSTRlpCommandLine , lpComma

52、ndLine,IN LPSECURITY_ATTRIBUTES IN LPSECURITY_ATTRIBUTES lpProcessAttributes , lpProcessAttributes,IN LPSECURITY_ATTRIBUTES INLPSECURITY_ATTRIBUTES lpThreadAttributes , lpThreadAttributes,IN BOOL INBOOLbInheritHandles , bInheritHandles,IN DWORD INDWORDdwCreationFlags , dwCreationFlags,IN LPVOID INLP

53、VOIDlpEnvironment , lpEnvironment,IN LPCSTR INLPCSTRlpCurrentDirectory , lpCurrentDirectory,IN LPSTARTUPINFOA INLPSTARTUPINFOA lpStartupInf o , lpStartupInfo,OUT LPPROCESS_INFORMATION OUT LPPROCESS_INFORMATIO N l p ProcessInformation lpProcessInformation); );這是 Win32 API 界面上的函數(shù)定義，所以是個(gè) DLL 函數(shù)，還不 是系統(tǒng)調(diào)

54、用。 This is the Win32 API function interface definition, it is a DLL function, not a system call. Windows系統(tǒng)調(diào)用的界面是不公開(kāi)的。Windows system call interface is not public.不過(guò)好在我們已經(jīng)有了ReactOS ，從 ReactOS 的代碼中可以看到這個(gè)系統(tǒng)調(diào)用的函數(shù)定義是： Luckily, we already have ReactOS, ReactOS code from the system can see the definition of

55、 the function call is:NtCreateProcess ( NtCreateProcess (OUT PHANDLE OUT PHANDLE ProcessHandle , ProcessHandle,IN ACCESS_MASK IN ACCESS_MASKDesiredAccess ,DesiredAccess,IN POBJECT_ATTRIBUTES IN POBJECT_ATTRIBUTES ObjectAttributes ObjectAttributesOPTIONAL, OPTIONAL,HANDLE ntProcess , ParentProcess,IN

56、 HANDLE INPareBOOLEANIN BOOLEAN INInheritObjectTable , InheritObjectTable,IN HANDLE INHANDLEionHandle SectionHandleOPTIONAL, OPTIONAL,SectIN HANDLE INHANDLEDebugPort DebugPort OPTIONAL, OPTIONAL,IN HANDLE INHANDLEptionPort ExceptionPortOPTIONAL OPTIONALExce) )詳細(xì)說(shuō)明這些參數(shù)的作用是件頗費(fèi)篇幅的事， 讀者可以自己閱讀 “ Windows

57、NT/2000 Native API Reference ”第六章中關(guān)于 ZwCreateProcess () 的說(shuō)明 ( ZwCreateProcess () 和 NtCreateProcess () 是同一個(gè)函數(shù)的兩 個(gè)名字，有的文獻(xiàn)說(shuō)在用戶空間叫 ZwCreateProcess () 、在內(nèi)核中叫 NtCreateProcess () 。 Detailed description of the role of these parameters is a space-consuming thing, readers can read it for himself Windows NT/2000 Native API Reference Chapter VI on ZwCreateProcess () Note (ZwCreateProcess () and NtCreateProcess () is a function of the same two names, and some literature that is called in user space ZwCreateProcess (), called in the