Windows2000 实现了一个对象模型,提供一种对许多内部服务的一致性,安全性的访问.
对象管理的设计是为了下面几个目标:
- Provide a common, uniform mechanism for using system resources
- Isolate object protection to one location in the operating system so that C2 security compliance can be achieved.
- Provide a mechanism to charge processes for their use of objects so that limits can be placed on the usage of system resources.
- Establish an object-naming scheme that can readily incorporate existing objects, such as the devices, files, and directories of a file system, or other independent collections of objects
- Support the requirements of various operating system environments, such as the ability of a process to inherit resources from a parent process (needed by Win32 and POSIX) and the ability to create case-sensitive filenames (needed by POSIX)
- Establish uniform rules for object retention (that is, keeping an object available until all processes have finished using it)
Windows2000有两种对象:可执行对象和内核对象.可执行对象是以许多可执行组件实现的(比如进程管理器,内存管理器,I/O子系统等)而内核对象是一个更原子的对象集合,是windows2000内何实现的.这些对象在用户模式下不可见,只用在可执行对象里面.内核对象提供了更基础的功能,像同步,可执行对象就是在同步基础上创建的.所有许多的可执行对象包含了或封装了一个或多个内核对象.
Figure 1 Executive objects that contain kernel objects
Executive Objects
Win32子系统用可执行对象发布自己的对象集合,大部分是可执行对象.比如,Win32 mutexes,semaphores就是直接在可执行对象上建立的.还有,Win32子系统提供了命名管道,一种资源以file对象(可执行对象)为基础.其他的子系统,像POSIX,不支持内核对象,POSIX用可执行对象和服务为基础,建立了POSIX风格的进程,管道和其他的资源.
Table 1 lists the primary objects the executive provides and briefly describes what they represent.
Table 1 Executive Objects Exposed to Win32
Object Type | Represents |
---|---|
Symbolic link | A mechanism for referring to an object name indirectly. |
Process | The virtual address space and control information necessary for the execution of a set of thread objects. |
Thread | An executable entity within a process. |
Job | A collection of processes manageable as a single entity through the job. |
Section | A region of shared memory (called a file mapping object in Win32). |
File | An instance of an opened file or an I/O device. |
Access token | The security profile (security ID, user rights, and so on) of a process or a thread |
Event | An object with a persistent state (signaled or not signaled) that can be used for synchronization or notification. |
Semaphore | A counter that provides a resource gate by allowing some maximum number of threads to access the resources protected by the semaphore. |
Mutex* | A synchronization mechanism used to serialize access to a resource. |
Timer | A mechanism to notify a thread when a fixed period of time elapses. |
IoCompletion | A method for threads to enqueue and dequeue notifications of the completion of I/O operations (called an I/O completion port in the Win32 API). |
Key | A mechanism to refer to data in the registry. Although keys appear in the object manager namespace, they are managed by the configuration manager, in a way similar to that in which file objects are managed by file system drivers. Zero or more key values are associated with a key object; key values contain data about the key. |
WindowStation | An object that contains a clipboard, a set of global atoms, and a group of desktop objects. |
Desktop | An object contained within a window station. A desktop has a logical display surface and contains windows, menus, and hooks. |
Object Structure
Figure 2 Structure of an object
图2显示了,每个对象都有一个对象头(object header)和一个对象体(object body).对象管理器控制着对象头,拥有对象的可执行组件控制着对象体.每个对象头都指向一个拥有对象的进程的链表,还有一个特殊的对象叫type object包含了对每个实例对象都有的信息.
对象管理器用存储在对象头里面的信息来管理对象,不管对象是什么类型的.
Table 3-4 briefly describes the object header attributes.
Table 3-4 Standard Object Header Attributes
Attribute | Purpose |
---|---|
Object name | Makes an object visible to other processes for sharing |
Object directory | Provides a hierarchical structure in which to store object names |
Security descriptor | Determines who can use the object and what they can do with it |
Quota charges | Lists the resource charges levied against a process when it opens a handle to the object |
Open handle count | Counts the number of times a handle has been opened to the object |
Open handles list | Points to the list of processes that have opened handles to the object |
Object type | Points to a type object that contains attributes common to objects of this type |
Reference count | Counts the number of times a kernel-mode component has referenced the address of the object |
每个对象还有了对象体(object body),它因不同对象类型而拥有不同的格式和内容.所有同类型对象共享同一个对象体格式.
Table 3 Generic Object Services
Service | Purpose |
---|---|
Close | Closes a handle to an object |
Duplicate | Shares an object by duplicating a handle and giving it to another process |
Query object | Gets information about an object's standard attributes |
Query security | Gets an object's security descriptor |
Set security | Changes the protection on an object |
Wait for a single object | Synchronizes a thread's execution with one object |
Wait for multiple objects | Synchronizes a thread's execution with multiple objects |
类型对象不能在用户模式下操作,因为对象管理器没有为他们提供服务.然而,一些属性是可以通过WIN32 API函数被调用的.类型对象的属性见下表
Table 3-6 Type Object Attributes
Attribute | Purpose |
---|---|
Type name | The name for objects of this type("process," "event," "port, " and so on) |
Pool type | Whether objects of this type should be allocated from paged or nonpaged memory |
Default quota | charges Default paged and nonpaged pool values to charge to process quotas |
Access types | The types of access a thread can request when opening a handle to an object of this type ("read," "write," "terminate," "suspend," and so on) |
Generic access rights mapping | A mapping between the four generic access rights (read, write, execute, and all) to the type-specific access rights |
Synchronization | Whether a thread can wait on objects of this type |
Methods | One or more routines that the object manager calls automatically at certain points in an object's lifetime |
The last attribute in Table 3-6, methods, comprises a set of internal routines that are similar to C++ constructors and destructors—that is, routines that are automatically called when an object is created or destroyed. The object manager extends this idea by calling an object method in other situations as well, such as when someone opens or closes a handle to an object or when someone attempts to change the protection on an object. Some object types specify methods, whereas others don't, depending on how the object type is to be used.
When an executive component creates a new object type, it can register one or more methods with the object manager. Thereafter, the object manager calls the methods at well-defined points in the lifetime of objects of that type, usually when an object is created, deleted, or modified in some way. The methods that the object manager supports are listed in Table 3-7.
Table 3-7 Object Methods
Method | When Method Is Called |
---|---|
Open | When an object handle is opened |
Close | When an object handle is closed |
Delete | Before the object manager deletes an object |
Query name | When a thread requests the name of an object, such as a file, that exists in a secondary object domain |
Parse | When the object manager is searching for an object name that exists in a secondary object domain |
Security | When a process reads or changes the protection of an object, such as a file, that exists in a secondary object domain |