Windows internals /
See how the core components of the Windows operating system work behind the scenes--guided by a team of internationally renowned internals experts. Fully updated for Windows Server(R) 2008 and Windows Vista(R), this classic guide delivers key architectural insights on system design, debugging, perfo...
Saved in:
| Main Author: | |
|---|---|
| Corporate Author: | |
| Other Authors: | , , |
| Format: | Electronic eBook |
| Language: | English |
| Published: |
Redmond, Wash. :
Microsoft Press,
©2009.
|
| Edition: | 5th ed. |
| Subjects: | |
| Online Access: | CONNECT |
MARC
| LEADER | 00000cam a2200000Ia 4500 | ||
|---|---|---|---|
| 001 | in00006040761 | ||
| 006 | m o d | ||
| 007 | cr cnu---auuuu | ||
| 008 | 091028s2009 wauac ob 101 0 eng d | ||
| 005 | 20220718132414.3 | ||
| 035 | |a 1WRLDSHRocn460637182 | ||
| 040 | |a UMI |b eng |e pn |c UMI |d OCLCQ |d NRC |d CEF |d OCLCQ |d DEBSZ |d YUS |d B24X7 |d OCLCQ |d OCLCA |d OCLCF |d OCLCQ |d OCLCA |d UAB |d AU@ |d OCLCQ |d OCLCO |d INARC |d CZL |d OCLCO | ||
| 019 | |a 490995708 |a 781260396 |a 1044298971 |a 1056354197 |a 1060793443 |a 1074328074 |a 1295604991 |a 1300574195 | ||
| 020 | |z 9780735625303 | ||
| 020 | |z 0735625301 | ||
| 020 | |a 0735636060 | ||
| 020 | |a 9780735636064 | ||
| 020 | |a 0735637962 | ||
| 020 | |a 9780735637962 | ||
| 024 | 7 | |a CL0500000051 |2 stock-number | |
| 035 | |a (OCoLC)460637182 |z (OCoLC)490995708 |z (OCoLC)781260396 |z (OCoLC)1044298971 |z (OCoLC)1056354197 |z (OCoLC)1060793443 |z (OCoLC)1074328074 |z (OCoLC)1295604991 |z (OCoLC)1300574195 | ||
| 037 | |a CL0500000051 |b Safari Books Online | ||
| 050 | 4 | |a QA76.76.W56 |b P55 2009 ebook | |
| 082 | 0 | 4 | |a 005.4/32 |2 22 |
| 049 | |a TXMM | ||
| 100 | 1 | |a Russinovich, Mark E. | |
| 245 | 1 | 0 | |a Windows internals / |c Mark E. Russinovich, David A. Solomon ; with Alex Ionescu. |
| 246 | 3 | |a Microsoft Windows internals | |
| 250 | |a 5th ed. | ||
| 260 | |a Redmond, Wash. : |b Microsoft Press, |c ©2009. | ||
| 300 | |a 1 online resource (xxvi, 1181 pages) : |b illustrations, portraits | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 347 | |a text file | ||
| 504 | |a Includes bibliographical references and index. | ||
| 505 | 0 | |a Foreword -- Acknowledgments -- Introduction -- Concepts and Tools -- Windows Operating System Versions -- Foundation Concepts and Terms -- Windows API -- Services, Functions, and Routines -- Processes, Threads, and Jobs -- Virtual Memory -- Kernel Mode vs. User Mode -- Terminal Services and Multiple Sessions -- Objects and Handles -- Security -- Registry -- Unicode -- Digging into Windows Internals -- Reliability and Performance Monitor -- Kernel Debugging -- Windows Software Development Kit -- Windows Driver Kit -- Sysinternals Tools -- Conclusion -- System Architecture -- Requirements and Design Goals -- Operating System Model -- Architecture Overview -- Portability -- Symmetric Multiprocessing -- Scalability -- Differences Between Client and Server Versions -- Checked Build -- Key System Components -- Environment Subsystems and Subsystem DLLs -- Ntdll.dll -- Executive -- Kernel -- Hardware Abstraction Layer -- Device Drivers -- System Processes -- Conclusion -- System Mechanisms -- Trap Dispatching -- Interrupt Dispatching -- Exception Dispatching -- System Service Dispatching -- Object Manager -- Executive Objects -- Object Structure -- Synchronization -- High-IRQL Synchronization -- Low-IRQL Synchronization -- System Worker Threads -- Windows Global Flags -- Advanced Local Procedure Calls (ALPCs) -- Kernel Event Tracing -- Wow64 -- Wow64 Process Address Space Layout -- System Calls -- Exception Dispatching -- User Callbacks -- File System Redirection -- Registry Redirection and Reflection -- I/O Control Requests -- 16-Bit Installer Applications -- Printing -- Restrictions -- User-Mode Debugging -- Kernel Support -- Native Support -- Windows Subsystem Support -- Image Loader -- Early Process Initialization -- Loaded Module Database -- Import Parsing -- Post Import Process Initialization -- Hypervisor (Hyper-V) -- Partitions -- Root Partition. | |
| 505 | 8 | |a Child Partitions -- Hardware Emulation and Support -- Kernel Transaction Manager -- Hotpatch Support -- Kernel Patch Protection -- Code Integrity -- Conclusion -- Management Mechanisms -- The Registry -- Viewing and Changing the Registry -- Registry Usage -- Registry Data Types -- Registry Logical Structure -- Transactional Registry (TxR) -- Monitoring Registry Activity -- Registry Internals -- Services -- Service Applications -- The Service Control Manager -- Service Startup -- Startup Errors -- Accepting the Boot and Last Known Good -- Service Failures -- Service Shutdown -- Shared Service Processes -- Service Tags -- Service Control Programs -- Windows Management Instrumentation -- Providers -- The Common Information Model and the Managed Object Format Language -- Class Association -- WMI Implementation -- WMI Security -- Windows Diagnostic Infrastructure -- WDI Instrumentation -- Diagnostic Policy Service -- Diagnostic Functionality -- Conclusion -- Processes, Threads, and Jobs -- Process Internals -- Data Structures -- Kernel Variables -- Performance Counters -- Relevant Functions -- Protected Processes -- Flow of CreateProcess -- Stage 1: Converting and Validating Parameters and Flags -- Stage 2: Opening the Image to Be Executed -- Stage 3: Creating the Windows Executive Process Object (PspAllocateProcess) -- Stage 4: Creating the Initial Thread and Its Stack and Context -- Stage 5: Performing Windows Subsystem-Specific Post-Initialization -- Stage 6: Starting Execution of the Initial Thread -- Stage 7: Performing Process Initialization in the Context of the New Process -- Thread Internals -- Data Structures -- Kernel Variables -- Performance Counters -- Relevant Functions -- Birth of a Thread -- Examining Thread Activity -- Limitations on Protected Process Threads -- Worker Factories (Thread Pools) -- Thread Scheduling. | |
| 505 | 8 | |a Overview of Windows Scheduling -- Priority Levels -- Windows Scheduling APIs -- Relevant Tools -- Real-Time Priorities -- Thread States -- Dispatcher Database -- Quantum -- Scheduling Scenarios -- Context Switching -- Idle Thread -- Priority Boosts -- Multiprocessor Systems -- Multiprocessor Thread-Scheduling Algorithms -- CPU Rate Limits -- Job Objects -- Conclusion -- Security -- Security Ratings -- Trusted Computer System Evaluation Criteria -- The Common Criteria -- Security System Components -- Protecting Objects -- Access Checks -- Security Descriptors and Access Control -- Account Rights and Privileges -- Account Rights -- Privileges -- Super Privileges -- Security Auditing -- Logon -- Winlogon Initialization -- User Logon Steps -- User Account Control -- Virtualization -- Elevation -- Software Restriction Policies -- Conclusion -- I/O System -- I/O System Components -- The I/O Manager -- Typical I/O Processing -- Device Drivers -- Types of Device Drivers -- Structure of a Driver -- Driver Objects and Device Objects -- Opening Devices -- I/O Processing -- Types of I/O -- I/O Request to a Single-Layered Driver -- I/O Requests to Layered Drivers -- I/O Cancellation -- I/O Completion Ports -- I/O Prioritization -- Driver Verifier -- Kernel-Mode Driver Framework (KMDF) -- Structure and Operation of a KMDF Driver -- KMDF Data Model -- KMDF I/O Model -- User-Mode Driver Framework (UMDF) -- The Plug and Play (PnP) Manager -- Level of Plug and Play Support -- Driver Support for Plug and Play -- Driver Loading, Initialization, and Installation -- Driver Installation -- The Power Manager -- Power Manager Operation -- Driver Power Operation -- Driver and Application Control of Device Power -- Conclusion -- Storage Management -- Storage Terminology -- Disk Drivers -- Winload -- Disk Class, Port, and Miniport Drivers -- Disk Device Objects. | |
| 505 | 8 | |a Partition Manager -- Volume Management -- Basic Disks -- Dynamic Disks -- Multipartition Volume Management -- The Volume Namespace -- Volume I/O Operations -- Virtual Disk Service -- BitLocker Drive Encryption -- BitLocker Architecture -- Encryption Keys -- Trusted Platform Module (TPM) -- BitLocker Boot Process -- BitLocker Key Recovery -- Full Volume Encryption Driver -- BitLocker Management -- Volume Shadow Copy Service -- Shadow Copies -- VSS Architecture -- VSS Operation -- Uses in Windows -- Conclusion -- Memory Management -- Introduction to the Memory Manager -- Memory Manager Components -- Internal Synchronization -- Examining Memory Usage -- Services the Memory Manager Provides -- Large and Small Pages -- Reserving and Committing Pages -- Locking Memory -- Allocation Granularity -- Shared Memory and Mapped Files -- Protecting Memory -- No Execute Page Protection -- Copy-on-Write -- Address Windowing Extensions -- Kernel-Mode Heaps (System Memory Pools) -- Pool Sizes -- Monitoring Pool Usage -- Look-Aside Lists -- Heap Manager -- Types of Heaps -- Heap Manager Structure -- Heap Synchronization -- The Low Fragmentation Heap -- Heap Security Features -- Heap Debugging Features -- Pageheap -- Virtual Address Space Layouts -- x86 Address Space Layouts -- x86 System Address Space Layout -- x86 Session Space -- System Page Table Entries -- 64-Bit Address Space Layouts -- 64-Bit Virtual Addressing Limitations -- Dynamic System Virtual Address Space Management -- System Virtual Address Space Quotas -- User Address Space Layout -- Address Translation -- x86 Virtual Address Translation -- Translation Look-Aside Buffer -- Physical Address Extension (PAE) -- IA64 Virtual Address Translation -- x64 Virtual Address Translation -- Page Fault Handling -- Invalid PTEs -- Prototype PTEs -- In-Paging I/O -- Collided Page Faults -- Clustered Page Faults. | |
| 505 | 8 | |a Page Files -- Stacks -- User Stacks -- Kernel Stacks -- DPC Stack -- Virtual Address Descriptors -- Process VADs -- Rotate VADs -- NUMA -- Section Objects -- Driver Verifier -- Page Frame Number Database -- Page List Dynamics -- Page Priority -- Modified Page Writer -- PFN Data Structures -- Physical Memory Limits -- Windows Client Memory Limits -- Working Sets -- Demand Paging -- Logical Prefetcher -- Placement Policy -- Working Set Management -- Balance Set Manager and Swapper -- System Working Set -- Memory Notification Events -- Proactive Memory Management (SuperFetch) -- Components -- Tracing and Logging -- Scenarios -- Page Priority and Rebalancing -- Robust Performance -- ReadyBoost -- ReadyDrive -- Conclusion -- Cache Manager -- Key Features of the Cache Manager -- Single, Centralized System Cache -- The Memory Manager -- Cache Coherency -- Virtual Block Caching -- Stream-Based Caching -- Recoverable File System Support -- Cache Virtual Memory Management -- Cache Size -- Cache Virtual Size -- Cache Working Set Size -- Cache Physical Size -- Cache Data Structures -- Systemwide Cache Data Structures -- Per-File Cache Data Structures -- File System Interfaces -- Copying to and from the Cache -- Caching with the Mapping and Pinning Interfaces -- Caching with the Direct Memory Access Interfaces -- Fast I/O -- Read Ahead and Write Behind -- Intelligent Read-Ahead -- Write-Back Caching and Lazy Writing -- Write Throttling -- System Threads -- Conclusion -- File Systems -- Windows File System Formats -- CDFS -- UDF -- FAT12, FAT16, and FAT32 -- exFAT -- NTFS -- File System Driver Architecture -- Local FSDs -- Remote FSDs -- File System Operation -- File System Filter Drivers -- Troubleshooting File System Problems -- Process Monitor Basic vs. Advanced Modes -- Process Monitor Troubleshooting Techniques -- Common Log File System. | |
| 520 | |a See how the core components of the Windows operating system work behind the scenes--guided by a team of internationally renowned internals experts. Fully updated for Windows Server(R) 2008 and Windows Vista(R), this classic guide delivers key architectural insights on system design, debugging, performance, and support--along with hands-on experiments to experience Windows internal behavior firsthand. Delve inside Windows architecture and internals: Understand how the core system and management mechanisms work--from the object manager to services to the registry Explore internal system data structures using tools like the kernel debugger Grasp the scheduler's priority and CPU placement algorithms Go inside the Windows security model to see how it authorizes access to data Understand how Windows manages physical and virtual memory Tour the Windows networking stack from top to bottom--including APIs, protocol drivers, and network adapter drivers Troubleshoot file-system access problems and system boot problems Learn how to analyze crashes. | ||
| 590 | |a O'Reilly Online Learning Platform: Academic Edition (SAML SSO Access) | ||
| 630 | 0 | 0 | |a Microsoft Windows (Computer file) |
| 630 | 0 | 0 | |a Microsoft Windows server. |
| 630 | 0 | 7 | |a Microsoft Windows (Computer file) |2 blmlsh |
| 630 | 0 | 7 | |a Microsoft Windows server. |2 blmlsh |
| 630 | 0 | 7 | |a Microsoft Windows (Computer file) |2 fast |0 (OCoLC)fst01367862 |
| 630 | 0 | 7 | |a Microsoft Windows server. |2 fast |0 (OCoLC)fst01391015 |
| 650 | 0 | |a Computer network architectures. | |
| 650 | 0 | |a Operating systems (Computers) | |
| 700 | 1 | |a Solomon, David A. | |
| 700 | 1 | |a Ionescu, Alex. | |
| 700 | 1 | |a Pietrek, Matt. |t Windows internals. | |
| 710 | 2 | |a Microsoft Corporation. | |
| 730 | 0 | |a WORLDSHARE SUB RECORDS | |
| 776 | |z 0-7356-2530-1 | ||
| 856 | 4 | 0 | |u https://go.oreilly.com/middle-tennessee-state-university/library/view/-/9780735625303/?ar |z CONNECT |3 O'Reilly |t 0 |
| 949 | |a ho0 | ||
| 994 | |a 92 |b TXM | ||
| 998 | |a wi |d z | ||
| 999 | f | f | |s 79f170b1-6c48-4f1f-9920-659f5b4fbfa3 |i d6460075-0182-4f1c-b1ec-9e1724e4b829 |t 0 |
| 952 | f | f | |a Middle Tennessee State University |b Main |c James E. Walker Library |d Electronic Resources |t 0 |e QA76.76.W56 P55 2009 ebook |h Library of Congress classification |
| 856 | 4 | 0 | |3 O'Reilly |t 0 |u https://go.oreilly.com/middle-tennessee-state-university/library/view/-/9780735625303/?ar |z CONNECT |
