2. 程式人生 > >程序建立過程分析NtCreateProcess-NtCreateProcessEx-PspCreateProcess

程序建立過程分析NtCreateProcess-NtCreateProcessEx-PspCreateProcess

阿新 發佈:2018-11-12

轉載自:http://www.blogfshare.com/createprocess-analyse.html

在核心中,windows建立一個程序的過程是從NtCreateProcess函式開始的。找到這個函式,發現它只是簡單地對引數稍作處理,然後把建立程序的任務交給NtCreateProcessEx函式。

NTSTATUS
NtCreateProcess(
    __out PHANDLE ProcessHandle,
    __in ACCESS_MASK DesiredAccess,
    __in_opt POBJECT_ATTRIBUTES ObjectAttributes,
    __in HANDLE ParentProcess,
    __in BOOLEAN InheritObjectTable,
    __in_opt HANDLE SectionHandle,
    __in_opt HANDLE DebugPort,
    __in_opt HANDLE ExceptionPort
    )
{
    ULONG Flags = 0;

    if ((ULONG_PTR)SectionHandle & 1) {
        Flags |= PROCESS_CREATE_FLAGS_BREAKAWAY;
    }

    if ((ULONG_PTR) DebugPort & 1) {
        Flags |= PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT;
    }

    if (InheritObjectTable) {
        Flags |= PROCESS_CREATE_FLAGS_INHERIT_HANDLES;
    }

    return NtCreateProcessEx (ProcessHandle,
                              DesiredAccess,
                              ObjectAttributes OPTIONAL,
                              ParentProcess,
                              Flags,
                              SectionHandle,
                              DebugPort,
                              ExceptionPort,
                              0);
}

所以我們來看NtCreateProcessEx函式的流程。它也只是簡單地檢查ProcessHandle引數代表的控制代碼是否可寫,ParentProcess是否不為空,這是個必需的引數,不能為NULL,並且呼叫者必須對該程序具有PROCESS_CREATE_PROCESS訪問許可權。真正的建立工作交給PspCreateProcess函式。

NtCreateProcessEx(
    __out PHANDLE ProcessHandle,
    __in ACCESS_MASK DesiredAccess,
    __in_opt POBJECT_ATTRIBUTES ObjectAttributes,
    __in HANDLE ParentProcess,
    __in ULONG Flags,
    __in_opt HANDLE SectionHandle,
    __in_opt HANDLE DebugPort,
    __in_opt HANDLE ExceptionPort,
    __in ULONG JobMemberLevel
    )

{
    NTSTATUS Status;

    PAGED_CODE();

    if (KeGetPreviousMode() != KernelMode) {

        try {
            ProbeForWriteHandle (ProcessHandle);
        } except (EXCEPTION_EXECUTE_HANDLER) {
            return GetExceptionCode ();
        }
    }

    if (ARGUMENT_PRESENT (ParentProcess)) {
        Status = PspCreateProcess (ProcessHandle,
                                   DesiredAccess,
                                   ObjectAttributes,
                                   ParentProcess,
                                   Flags,
                                   SectionHandle,
                                   DebugPort,
                                   ExceptionPort,
                                   JobMemberLevel);
    } else {
        Status = STATUS_INVALID_PARAMETER;
    }

    return Status;
}

下面來看看PspCreateProcess 的執行流程。

1.   if (ARGUMENT_PRESENT (ParentProcess)) {

       //如果ParentProcess不為空,則通過ObReferenceObjectByHandle 獲得父程序物件的EPROCESS指標,放在區域性變數Parent。
       Status = ObReferenceObjectByHandle (ParentProcess,
                                           PROCESS_CREATE_PROCESS,
                                           PsProcessType,
                                           PreviousMode,
                                           &Parent,
                                           NULL);
       if (!NT_SUCCESS (Status)) {
           return Status;
       }

       if (JobMemberLevel != 0 && Parent->Job == NULL) {
           ObDereferenceObject (Parent);
           return STATUS_INVALID_PARAMETER;
       }

        //獲得父程序Affinity設定。

       Affinity = Parent->Pcb.Affinity;

       新程序的工作集最大/最小值被初始化為全域性變數。
       WorkingSetMinimum = PsMinimumWorkingSet;
       WorkingSetMaximum = PsMaximumWorkingSet;

   } else {

       Parent = NULL;

       //Affinity設定為全域性變數KeActiveProcessors,系統中當前的可用處理器。
       Affinity = KeActiveProcessors;
       WorkingSetMinimum = PsMinimumWorkingSet;
       WorkingSetMaximum = PsMaximumWorkingSet;
   }

2.呼叫ObCreateObject 建立一個型別為PsProcessType的核心物件,置於區域性變數Process中,物件體為EPROCESS

Status = ObCreateObject (PreviousMode,
                            PsProcessType,
                            ObjectAttributes,
                            PreviousMode,
                            NULL,
                            sizeof (EPROCESS),
                            0,
                            0,
                            &Process);

   if (!NT_SUCCESS (Status)) {
       goto exit_and_deref_parent;
   }

3.把Process置0,並初始化部分成員。

RtlZeroMemory (Process, sizeof(EPROCESS));

//初始化程序的引用計數
    ExInitializeRundownProtection (&Process->RundownProtect);

//初始化程序鎖
    PspInitializeProcessLock (Process);

//初始化程序的執行緒連結串列
    InitializeListHead (&Process->ThreadListHead);

#if defined(_WIN64)

    if (Flags & PROCESS_CREATE_FLAGS_OVERRIDE_ADDRESS_SPACE) {
        PS_SET_BITS (&Process->Flags, PS_PROCESS_FLAGS_OVERRIDE_ADDRESS_SPACE);
    }

#endif

//繼承資源配額

    PspInheritQuota (Process, Parent);

//繼承父程序的裝置點陣圖
    ObInheritDeviceMap (Process, Parent);
    if (Parent != NULL) {

//繼承父程序
        Process->DefaultHardErrorProcessing = Parent->DefaultHardErrorProcessing;

//儲存父程序PID
        Process->InheritedFromUniqueProcessId = Parent->UniqueProcessId;

    } else {
        Process->DefaultHardErrorProcessing = PROCESS_HARDERROR_DEFAULT;
        Process->InheritedFromUniqueProcessId = NULL;
    }

4.判斷SectionHandle是否為空

if (ARGUMENT_PRESENT (SectionHandle)) {

   //不為空,ObReferenceObjectByHandle 獲取記憶體區物件的指標
    Status = ObReferenceObjectByHandle (SectionHandle,
                                        SECTION_MAP_EXECUTE,
                                        MmSectionObjectType,
                                        PreviousMode,
                                        &SectionObject,
                                        NULL);
    if (!NT_SUCCESS (Status)) {
        goto exit_and_deref;
    }

} else {
    SectionObject = NULL;

//父程序不為系統程序
    if (Parent != PsInitialSystemProcess) {

//acquire run-down protection on a shared object so the caller can safely access the object

        if (ExAcquireRundownProtection (&Parent->RundownProtect)) {

//繼承自父程序
            SectionObject = Parent->SectionObject;
            if (SectionObject != NULL) {
                ObReferenceObject (SectionObject);
            }

//減少引用計數

            ExReleaseRundownProtection (&Parent->RundownProtect);
        }

        if (SectionObject == NULL) {
            Status = STATUS_PROCESS_IS_TERMINATING;
            goto exit_and_deref;
        }
    }
}

Process->SectionObject = SectionObject;

新程序物件的記憶體區物件已經完成初始化。

5.初始化DebugPort引數。

if (ARGUMENT_PRESENT (DebugPort)) {
        Status = ObReferenceObjectByHandle (DebugPort,
                                            DEBUG_PROCESS_ASSIGN,
                                            DbgkDebugObjectType,
                                            PreviousMode,
                                            &DebugPortObject,
                                            NULL);

        if (!NT_SUCCESS (Status)) {
            goto exit_and_deref;
        }

        Process->DebugPort = DebugPortObject;
        if (Flags&PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT) {
            PS_SET_BITS (&Process->Flags, PS_PROCESS_FLAGS_NO_DEBUG_INHERIT);
        }

    } else {
        if (Parent != NULL) {
            DbgkCopyProcessDebugPort (Process, Parent);
        }
    }

6.初始化ExceptionPort引數。

if (ARGUMENT_PRESENT (ExceptionPort)) {
        Status = ObReferenceObjectByHandle (ExceptionPort,
                                            0,
                                            LpcPortObjectType,
                                            PreviousMode,
                                            &ExceptionPortObject,
                                            NULL);

        if (!NT_SUCCESS (Status)) {
            goto exit_and_deref;
        }

        Process->ExceptionPort = ExceptionPortObject;
    }

    Process->ExitStatus = STATUS_PENDING;

7.建立地址空間。

if (Parent != NULL) {
    //建立一個全新的地址空間

    if (!MmCreateProcessAddressSpace (WorkingSetMinimum,
                                      Process,
                                      &DirectoryTableBase[0])) {

        Status = STATUS_INSUFFICIENT_RESOURCES;
        goto exit_and_deref;
    }

} else {

//否則新程序控制代碼表指向當前程序控制代碼表
    Process->ObjectTable = CurrentProcess->ObjectTable;
    //利用空閒執行緒的地址空間來初始化新程序的地址空間

    Status = MmInitializeHandBuiltProcess (Process, &DirectoryTableBase[0]);
    if (!NT_SUCCESS (Status)) {
        goto exit_and_deref;
    }
}

PS_SET_BITS (&Process->Flags, PS_PROCESS_FLAGS_HAS_ADDRESS_SPACE);
Process->Vm.MaximumWorkingSetSize = WorkingSetMaximum;

8.初始化新程序物件的基本優先順序、Affinity、程序頁表目錄和超空間的頁幀號。

KeInitializeProcess (&Process->Pcb,
                        NORMAL_BASE_PRIORITY,
                        Affinity,
                        &DirectoryTableBase[0],
                        (BOOLEAN)(Process->DefaultHardErrorProcessing & PROCESS_HARDERROR_ALIGNMENT_BIT));

9.初始化新程序的安全屬性。

Status = PspInitializeProcessSecurity (Parent, Process);
   if (!NT_SUCCESS (Status)) {
       goto exit_and_deref;
   }

10.設定新程序優先順序。

Process->PriorityClass = PROCESS_PRIORITY_CLASS_NORMAL;
   if (Parent != NULL) {
       if (Parent->PriorityClass == PROCESS_PRIORITY_CLASS_IDLE ||
           Parent->PriorityClass == PROCESS_PRIORITY_CLASS_BELOW_NORMAL) {

//拷貝父程序的優先順序
           Process->PriorityClass = Parent->PriorityClass;
       }
       //如果引數中包含了控制代碼繼承標誌,則把父程序控制代碼表中凡是具有繼承屬性的物件拷貝到新程序控制代碼表中。

       Status = ObInitProcess ((Flags&PROCESS_CREATE_FLAGS_INHERIT_HANDLES) ? Parent : NULL,
                               Process);

       if (!NT_SUCCESS (Status)) {
           goto exit_and_deref;
       }

   } else {
       Status = MmInitializeHandBuiltProcess2 (Process);
       if (!NT_SUCCESS (Status)) {
           goto exit_and_deref;
       }
   }

   Status = STATUS_SUCCESS;
   SavedStatus = STATUS_SUCCESS;

11.初始化新程序的地址空間

if (SectionHandle != NULL) {

//新程序有新的可執行映像記憶體區物件,根據指定的記憶體區物件來初始化程序地址空間。

       Status = MmInitializeProcessAddressSpace (Process,
                                                 NULL,
                                                 SectionObject,
                                                 &Flags,
                                                 &(Process->SeAuditProcessCreationInfo.ImageFileName));

       if (!NT_SUCCESS (Status)) {
           goto exit_and_deref;
       }

       SavedStatus = Status;
       CreatePeb = TRUE;
       UseLargePages = ((Flags & PROCESS_CREATE_FLAGS_LARGE_PAGES) != 0 ? TRUE : FALSE);

   } else if (Parent != NULL) {
       if (Parent != PsInitialSystemProcess) {

//根據父程序來初始化程序地址空間,並把父程序的映像名稱拷貝到新程序物件的資料結構中。
           Process->SectionBaseAddress = Parent->SectionBaseAddress;

           Status = MmInitializeProcessAddressSpace (Process,
                                                     Parent,
                                                     NULL,
                                                     &Flags,
                                                     NULL);

           if (!NT_SUCCESS (Status)) {
               goto exit_and_deref;
           }

           CreatePeb = TRUE;
           UseLargePages = ((Flags & PROCESS_CREATE_FLAGS_LARGE_PAGES) != 0 ? TRUE : FALSE);
         

           if (Parent->SeAuditProcessCreationInfo.ImageFileName != NULL) {
               ImageFileNameSize = sizeof(OBJECT_NAME_INFORMATION) +
                                   Parent->SeAuditProcessCreationInfo.ImageFileName->Name.MaximumLength;

               Process->SeAuditProcessCreationInfo.ImageFileName =
                   ExAllocatePoolWithTag (PagedPool,
                                          ImageFileNameSize,
                                          ‘aPeS’);

               if (Process->SeAuditProcessCreationInfo.ImageFileName != NULL) {
                   RtlCopyMemory (Process->SeAuditProcessCreationInfo.ImageFileName,
                                  Parent->SeAuditProcessCreationInfo.ImageFileName,
                                  ImageFileNameSize);

 

                   Process->SeAuditProcessCreationInfo.ImageFileName->Name.Buffer =
                       (PUSHORT)(((PUCHAR) Process->SeAuditProcessCreationInfo.ImageFileName) +
                       sizeof(UNICODE_STRING));

               } else {
                   Status = STATUS_INSUFFICIENT_RESOURCES;
                   goto exit_and_deref;
               }
           }

       } else {

          //系統程序,不指定記憶體區和父程序,直接初始化,同樣拷貝父程序的映像名稱到新程序物件的資料結構中。

           Flags &= ~PROCESS_CREATE_FLAGS_ALL_LARGE_PAGE_FLAGS;
           Status = MmInitializeProcessAddressSpace (Process,
                                                     NULL,
                                                     NULL,
                                                     &Flags,
                                                     NULL);

           if (!NT_SUCCESS (Status)) {
               goto exit_and_deref;
           }

 

           Process->SeAuditProcessCreationInfo.ImageFileName =
               ExAllocatePoolWithTag (PagedPool,
                                      sizeof(OBJECT_NAME_INFORMATION),
                                      ‘aPeS’);

           if (Process->SeAuditProcessCreationInfo.ImageFileName != NULL) {
               RtlZeroMemory (Process->SeAuditProcessCreationInfo.ImageFileName,
                              sizeof(OBJECT_NAME_INFORMATION));
           } else {
               Status = STATUS_INSUFFICIENT_RESOURCES;
               goto exit_and_deref;
           }
       }
   }

還有第四種可能性,即沒有指定映像記憶體區物件,也沒有指定父程序。這對應於系統的引導程序(後蛻化成空閒程序),它的地址空間是在MmInitSystem執行過程中初始化的,由MiInitMachineDependent函式呼叫MmInitializeProcessAddressSpace來完成。

12.建立程序ID。利用ExCreateHandle函式在CID控制代碼表中建立一個程序ID項。

CidEntry.Object = Process;
   CidEntry.GrantedAccess = 0;
   Process->UniqueProcessId = ExCreateHandle (PspCidTable, &CidEntry);
   if (Process->UniqueProcessId == NULL) {
       Status = STATUS_INSUFFICIENT_RESOURCES;
       goto exit_and_deref;
   }

   ExSetHandleTableOwner (Process->ObjectTable, Process->UniqueProcessId);

13.審計建立行為

if (SeDetailedAuditingWithToken (NULL)) {
       SeAuditProcessCreation (Process);
   }

14.如果父程序屬於一個作業物件,則也加入到父程序所在的作業中。

if (Parent) {
        Job = Parent->Job;
        if (Job != NULL && !(Job->LimitFlags & JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK)) {
            if (Flags&PROCESS_CREATE_FLAGS_BREAKAWAY) {
                if (!(Job->LimitFlags & JOB_OBJECT_LIMIT_BREAKAWAY_OK)) {
                    Status = STATUS_ACCESS_DENIED;

                } else {
                    Status = STATUS_SUCCESS;
                }

            } else {
                Status = PspGetJobFromSet (Job, JobMemberLevel, &Process->Job);
                if (NT_SUCCESS (Status)) {
                    PACCESS_TOKEN Token, NewToken;
                    Job = Process->Job;
                    Status = PspAddProcessToJob (Job, Process);

 

                    Token = Job->Token;
                    if (Token != NULL) {
                        Status = SeSubProcessToken (Token,
                                                    &NewToken,
                                                    FALSE,
                                                    Job->SessionId);

                        if (!NT_SUCCESS (Status)) {
                            goto exit_and_deref;
                        }

                        SeAssignPrimaryToken (Process, NewToken);    
                        ObDereferenceObject (NewToken);                    
                    }
                }
            }

            if (!NT_SUCCESS (Status)) {
                goto exit_and_deref;
            }
        }
    }

15.對於通過映像記憶體區來建立程序的情形,建立一個PEB,對於程序拷貝的情況,則使用繼承的PEB。

if (Parent && CreatePeb) {

        RtlZeroMemory (&InitialPeb, FIELD_OFFSET(INITIAL_PEB, Mutant));

        InitialPeb.Mutant = (HANDLE)(-1);
        InitialPeb.ImageUsesLargePages = (BOOLEAN) UseLargePages;
            
        if (SectionHandle != NULL) {
            Status = MmCreatePeb (Process, &InitialPeb, &Process->Peb);
            if (!NT_SUCCESS (Status)) {
                Process->Peb = NULL;
                goto exit_and_deref;
            }

            Peb =  Process->Peb;

        } else {
            SIZE_T BytesCopied;

            InitialPeb.InheritedAddressSpace = TRUE;
            Process->Peb = Parent->Peb;
            MmCopyVirtualMemory (CurrentProcess,
                                 &InitialPeb,
                                 Process,
                                 Process->Peb,
                                 sizeof (INITIAL_PEB),
                                 KernelMode,
                                 &BytesCopied);

#if defined(_WIN64)
            if (Process->Wow64Process != NULL) {
                
                RtlZeroMemory (&InitialPeb32, FIELD_OFFSET(INITIAL_PEB32, Mutant));
                InitialPeb32.Mutant = -1;
                InitialPeb32.InheritedAddressSpace = TRUE;
                InitialPeb32.ImageUsesLargePages = (BOOLEAN) UseLargePages;

                MmCopyVirtualMemory (CurrentProcess,
                                     &InitialPeb32,
                                     Process,
                                     Process->Wow64Process->Wow64,
                                     sizeof (INITIAL_PEB32),
                                     KernelMode,
                                     &BytesCopied);
            }
#endif

        }
    }

    Peb = Process->Peb;

16.把新程序加入全域性的程序連結串列中。PsActiveProcessHead

PspLockProcessList (CurrentThread);
   InsertTailList (&PsActiveProcessHead, &Process->ActiveProcessLinks);
   PspUnlockProcessList (CurrentThread);
   AccessState = NULL;
   if (!PsUseImpersonationToken) {
       AccessState = &LocalAccessState;
       Status = SeCreateAccessStateEx (NULL,
                                       (Parent == NULL || Parent != PsInitialSystemProcess)?
                                          PsGetCurrentProcessByThread (CurrentThread) :
                                          PsInitialSystemProcess,
                                       AccessState,
                                       &AuxData,
                                       DesiredAccess,
                                       &PsProcessType->TypeInfo.GenericMapping);
       if (!NT_SUCCESS (Status)) {
           goto exit_and_deref;
       }
   }

17.把新程序物件插入到當前程序的控制代碼表中。

Status = ObInsertObject (Process,
                             AccessState,
                             DesiredAccess,
                             1,     // bias the refcnt by one for future process manipulations
                             NULL,
                             &LocalProcessHandle);

    if (AccessState != NULL) {
        SeDeleteAccessState (AccessState);
    }

    if (!NT_SUCCESS (Status)) {
        goto exit_and_deref_parent;
    }

18.計算新程序的優先順序和時限重置值,設定記憶體優先順序。

ASSERT(IsListEmpty(&Process->ThreadListHead) == TRUE);

   BasePriority = PspComputeQuantumAndPriority(Process,
                                               PsProcessPriorityBackground,
                                               &QuantumReset);

   Process->Pcb.BasePriority = (SCHAR)BasePriority;
   Process->Pcb.QuantumReset = QuantumReset;

19。設定程序的訪問許可權,GrantedAccess。由於新程序已經被加入到控制代碼表中,所以它現在能夠被終止了(PROCESS_TERMINATE)。有父程序,但不是PsInitialialSystemProcess,首先執行訪問檢查,然後計算程序的訪問許可權。如果是PsInitialialSystemProcess的子程序,則授予所有的訪問許可權。

Process->GrantedAccess = PROCESS_TERMINATE;
   if (Parent && Parent != PsInitialSystemProcess) {
       Status = ObGetObjectSecurity (Process,
                                     &SecurityDescriptor,
                                     &MemoryAllocated);

       if (!NT_SUCCESS (Status)) {
           ObCloseHandle (LocalProcessHandle, PreviousMode);
           goto exit_and_deref;

       SubjectContext.ProcessAuditId = Process;
       SubjectContext.PrimaryToken = PsReferencePrimaryToken(Process);
       SubjectContext.ClientToken = NULL;
       AccessCheck = SeAccessCheck (SecurityDescriptor,
                                    &SubjectContext,
                                    FALSE,
                                    MAXIMUM_ALLOWED,
                                    0,
                                    NULL,
                                    &PsProcessType->TypeInfo.GenericMapping,
                                    PreviousMode,
                                    &Process->GrantedAccess,
                                    &accesst);

       PsDereferencePrimaryTokenEx (Process, SubjectContext.PrimaryToken);
       ObReleaseObjectSecurity (SecurityDescriptor,
                                MemoryAllocated);

       if (!AccessCheck) {
           Process->GrantedAccess = 0;
       }

       Process->GrantedAccess |= (PROCESS_VM_OPERATION |
                                  PROCESS_VM_READ |
                                  PROCESS_VM_WRITE |
                                  PROCESS_QUERY_INFORMATION |
                                  PROCESS_TERMINATE |
                               

相關推薦

程序建立過程分析NtCreateProcess-NtCreateProcessEx-PspCreateProcess

轉載自:http://www.blogfshare.com/createprocess-analyse.html 在核心中,windows建立一個程序的過程是從NtCreateProcess函式開始的。找到這個函式,發現它只是簡單地對引數稍作處理,然後把建立程序的任務交給NtCreateProc

Linux下程序建立過程分析(_do_fork/do_fork詳解)--Linux程序的管理與排程(八)

前言 Unix標準的複製程序的系統呼叫時fork(即分叉),但是Linux,BSD等作業系統並不止實現這一個,確切的說linux實現了三個,fork,vfork,clone(確切說vfork創造出來的是輕量級程序,也叫執行緒,是共享資源的程序

Linux核心建立一個程序過程分析

不管在什麼系統中,所有的任務都是以程序為載體的,所以理解程序的建立對於理解作業系統的原理是非常重要的,本文是我在學習linux核心中所做的筆記,如有錯誤還請大家批評指正。注:我所閱讀的核心版本是0.11。 一、關於PCB 對於一個程序來說,PCB就好像是他的

Android原始碼解析之應用程式資源管理器(Asset Manager)的建立過程分析

轉載自:https://blog.csdn.net/luoshengyang/article/details/8791064 我們分析了Android應用程式資源的編譯和打包過程,最終得到的應用程式資源就與應用程式程式碼一起打包在一個APK檔案中。Android應用程式在執行的過程中,是通過一個

作業系統中的fork()函式對應的程序建立過程

一、fork入門知識      一個程序,包括程式碼、資料和分配給程序的資源。fork()函式通過系統呼叫建立一個與原來程序幾乎完全相同的程序, 也就是兩個程序可以做完全相同的事,但如果初始引數或者傳入的變數不同,兩個程序也可以做不同的事。  

轉自 老羅 Android應用程式資源管理器(Asset Manager)的建立過程分析

原文地址在 http://blog.csdn.net/luoshengyang/article/details/8791064 原創老羅,轉載請說明     在前面一篇文章中,我們分析了Android應用程式資源的編譯和打包過程,最終得到的應用程式資源就與

Android Activity應用視窗的建立過程分析

前言 所謂的視窗(Window)就是一個顯示在手機螢幕上視覺化檢視的一片區域。在Android中視窗是一個抽象的概念,每一個Activity就對應著一個視窗,而所有的視窗都是由檢視(View)來呈現,而我們知道View構成的一個樹形結構的檢視就組成了一個Activity的介面了。在Android

Linux idle程序建立過程(kernel 4.14)

idle程序是核心建立的第一個程序,也常常被叫做swapper 程序: asmlinkage __visible void __init start_kernel(void) { char *command_line; char *after_dashes;

OkHttp3的連線池及連線建立過程分析

如我們前面在 OkHttp3 HTTP請求執行流程分析 中的分析,OkHttp3通過Interceptor鏈來執行HTTP請求,整體的執行過程大體如下: OkHttp Flow 這些Interceptor中每一個的職責,這裡不再贅述。 在OkHttp3中,Str

Android應用程式視窗(Activity)的執行上下文環境(Context)的建立過程分析

                        在前文中,我們簡要介紹了Android應用程式視窗的框架。Android應用程式視窗在執行的過程中,需要訪問一些特定的資源或者類。這些特定的資源或者類構成了Android應用程式的執行上下文環境,Android應用程式視窗可以通過一個Context介面來訪問它,

webrtc 點對點會話建立過程分析

關於 webrtc 建立點對點連線的文章很多,其中都提到了如何利用 stun 伺服器獲取本機的公網地址,本文側重區域網(兩臺裝置之間可以直接 ping 通)下webrtc 點對點連線建立問題分析。 1.區域網內連線建立過程 瞭解過 webrtc 的都知道,要在公

Android應用程式視窗(Activity)的檢視物件(View)的建立過程分析

       從前文可知道,每一個Activity元件都有一個關聯的Window物件,用來描述一個應用程式視窗。每一個應用程式視窗內部又包含有一個View物件,用來描述應用程式視窗的檢視。應用程式視窗檢視是真正用來實現UI內容和佈局的,也就是說,每一個Activity元件的U

程序建立過程詳解 CreateProcess

1 BOOL 2 WINAPI 3 CreateProcessW( 4 LPCWSTR lpApplicationName, 5 LPWSTR lpCommandLine, 6 LPSECURITY_ATTRIBUTES lpProce

Android AMS(五) Activity的檢視物件(View)的建立過程分析

從Android AMS(四) Activity的視窗物件(Window)的建立過程分析知道,每一個Activity元件都有一個關聯的Window物件,用來描述一個應用程式視窗。每一個應用程式視窗內部又包含有一個View物件,用來描述應用程式視窗的檢視。應用程式視窗檢視是真正用來實現UI內容和佈局的

Android AMS(四) Activity的視窗物件(Window)的建立過程分析

在Android AMS(二) App啟動過程之onCreate中講到,在activity到onCreate狀態前,會呼叫Activity.java-->attach()方法 final void attach(Context context, ActivityThread aTh

Android應用程式視窗(Activity)的視窗物件(Window)的建立過程分析

       在前文中,我們分析了Android應用程式視窗的執行上下文環境的建立過程。由此可知,每一個Activity元件都有一個關聯的ContextImpl物件,同時,它還關聯有一個Window物件,用來描述一個具體的應用程式視窗。由此又可知,Activity只不過是一個

Chromium硬體加速渲染的OpenGL上下文繪圖表面建立過程分析

       GPU命令需要在OpenGL上下文中執行。每一個OpenGL上下文都關聯有一個繪圖表面,GPU命令就是作用在繪圖表面上的。不同用途的OpenGL上下文關聯的繪圖表面不一樣,例如用於離屏渲染的OpenGL上下文關聯的繪圖表面可以用Pbuffer描述,而用於螢幕渲染

Linux程序啟動過程分析do_execve(可執行程式的載入和執行)---Linux程序的管理與排程(十一)

execve系統呼叫 execve系統呼叫 我們前面提到了, fork, vfork等複製出來的程序是父程序的一個副本, 那麼如何我們想載入新的程式, 可以通過execve來載入和啟動新的程式。 x86架構下, 其實還實現了一個

Chromium網頁Layer Tree建立過程分析

       在Chromium中,WebKit會建立一個Graphics Layer Tree描述網頁。Graphics Layer Tree是和網頁渲染相關的一個Tree。網頁渲染最終由Chromium的CC模組完成,因此CC模組又會根據Graphics Layer Tr

MyBatis執行原理(二)SqlSession物件建立過程分析

在上一篇博文中分析了SqlSessionFactory物件建立的過程,有了SqlSessionFactory物件工廠就可以建立SqlSession了,下面就來具體分析一下SqlSession物件建立