Muutke küpsiste eelistusi

E-raamat: Windows Internals, Part 1: System architecture, processes, threads, memory management, and more

4.46/5 (233 hinnangut Goodreads-ist)
, , ,
  • Formaat: 800 pages
  • Sari: Developer Reference
  • Ilmumisaeg: 05-May-2017
  • Kirjastus: Microsoft Press,U.S.
  • Keel: eng
  • ISBN-13: 9780133986440
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 40,94 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Windows Internals, Part 1: System architecture, processes, threads, memory management, and moreSuurem pilt
  • Formaat: 800 pages
  • Sari: Developer Reference
  • Ilmumisaeg: 05-May-2017
  • Kirjastus: Microsoft Press,U.S.
  • Keel: eng
  • ISBN-13: 9780133986440
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

Delve inside Windows architecture and internals - and see how core components work behind the scenes. This classic guide has been fully updated for Windows 8.1 and Windows Server 2012 R2, and now presents its coverage in three volumes: Book 1, User Mode; Book 2, Kernel Mode; Book 3, Device Driver Models.

In Book 1, you'll plumb Windows fundamentals, independent of platform - server, desktop, tablet, phone, Xbox. Coverage focuses on high-level functional descriptions of the various Windows components and features that interact with, or are manipulated by, user mode programs, or applications. You'll also examine management mechanisms and operating system components that are implemented in user mode, such as service processes.

As always, you get critical insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand - knowledge you can apply to improve application design, debugging, system performance, and support.

Planned chapters: Concepts & Tools; System Architecture; Windows Application Support; Windows Store Apps; Graphics & the Desktop; Management Mechanisms; User Mode Memory Management; Security; Storage; Networking; Hyper-V.



Delve inside Windows architecture and internals - and see how core components work behind the scenes. This classic guide has been fully updated for Windows 8.1 and Windows Server 2012 R2, and now presents its coverage in three volumes: Book 1, User Mode; Book 2, Kernel Mode; Book 3, Device Driver Models.

In Book 1, you'll plumb Windows fundamentals, independent of platform - server, desktop, tablet, phone, Xbox. Coverage focuses on high-level functional descriptions of the various Windows components and features that interact with, or are manipulated by, user mode programs, or applications. You'll also examine management mechanisms and operating system components that are implemented in user mode, such as service processes.

As always, you get critical insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand - knowledge you can apply to improve application design, debugging, system performance, and support.

Planned chapters: Concepts & Tools; System Architecture; Windows Application Support; Windows Store Apps; Graphics & the Desktop; Management Mechanisms; User Mode Memory Management; Security; Storage; Networking; Hyper-V.

Introduction xi
Chapter 1 Concepts and tools 1(44)
Windows operating system versions
1(3)
Windows 10 and future Windows versions
3(1)
Windows 10 and OneCore
3(1)
Foundation concepts and terms
4(31)
Windows API
4(3)
Services, functions, and routines
7(1)
Processes
8(10)
Threads
18(2)
Jobs
20(1)
Virtual memory
21(2)
Kernel mode vs. user mode
23(4)
Hypervisor
27(2)
Firmware
29(1)
Terminal Services and multiple sessions
29(1)
Objects and handles
30(1)
Security
31(1)
Registry
32(1)
Unicode
33(2)
Digging into Windows internals
35(9)
Performance Monitor and Resource Monitor
36(2)
Kernel debugging
38(5)
Windows Software Development Kit
43(1)
Windows Driver Kit
43(1)
Sysinternals tools
44(1)
Conclusion
44(1)
Chapter 2 System architecture 45(56)
Requirements and design goals
45(1)
Operating system model
46(1)
Architecture overview
47(12)
Portability
50(1)
Symmetric multiprocessing
51(2)
Scalability
53(1)
Differences between client and server versions
54(3)
Checked build
57(2)
Virtualization-based security architecture overview
59(2)
Key system components
61(38)
Environment subsystems and subsystem DLLs
62(6)
Other subsystems
68(4)
Executive
72(3)
Kernel
75(4)
Hardware abstraction layer
79(3)
Device drivers
82(6)
System processes
88(11)
Conclusion
99(2)
Chapter 3 Processes and jobs 101(92)
Creating a process
101(4)
CreateProcess functions arguments
102(1)
Creating Windows modern processes
103(1)
Creating other kinds of processes
104(1)
Process internals
105(8)
Protected processes
113(7)
Protected Process Light (PPL)
115(4)
Third-party PPL support
119(1)
Minimal and Pico processes
120(3)
Minimal processes
120(1)
Pico processes
121(2)
Trustlets (secure processes)
123(6)
Trustlet structure
123(1)
Trustlet policy metadata
124(1)
Trustlet attributes
125(1)
System built-in Trustlets
125(1)
Trustlet identity
126(1)
Isolated user-mode services
127(1)
Trustlet-accessible system calls
128(1)
Flow of CreateProcess
129(25)
Stage 1: Converting and validating parameters and flags
131(4)
Stage 2: Opening the image to be executed
135(3)
Stage 3: Creating the Windows executive process object
138(6)
Stage 4: Creating the initial thread and its stack and context
144(2)
Stage 5: Performing Windows subsystem-specific initialization
146(2)
Stage 6: Starting execution of the initial thread
148(1)
Stage 7: Performing process initialization in the context of the new process
148(6)
Terminating a process
154(1)
Image loader
155(21)
Early process initialization
157(3)
DLL name resolution and redirection
160(4)
Loaded module database
164(4)
Import parsing
168(2)
Post-import process initialization
170(1)
SwitchBack
171(2)
API Sets
173(3)
Jobs
176(15)
Job limits
177(1)
Working with a job
178(1)
Nested jobs
179(4)
Windows containers (server silos)
183(8)
Conclusion
191(2)
Chapter 4 Threads 193(108)
Creating threads
193(1)
Thread internals
194(13)
Data structures
194(12)
Birth of a thread
206(1)
Examining thread activity
207(7)
Limitations on protected process threads
212(2)
Thread scheduling
214(73)
Overview of Windows scheduling
214(1)
Priority levels
215(8)
Thread states
223(5)
Dispatcher database
228(3)
Quantum
231(7)
Priority boosts
238(17)
Context switching
255(1)
Scheduling scenarios
256(4)
Idle threads
260(4)
Thread suspension
264(1)
(Deep) freeze
264(2)
Thread selection
266(2)
Multiprocessor systems
268(15)
Thread selection on multiprocessor systems
283(1)
Processor selection
284(2)
Heterogeneous scheduling (big.LITTLE)
286(1)
Group-based scheduling
287(10)
Dynamic fair share scheduling
289(3)
CPU rate limits
292(3)
Dynamic processor addition and replacement
295(2)
Worker factories (thread pools)
297(3)
Worker factory creation
298(2)
Conclusion
300(1)
Chapter 5 Memory management 301(182)
Introduction to the memory manager
301(8)
Memory manager components
302(1)
Large and small pages
303(2)
Examining memory usage
305(3)
Internal synchronization
308(1)
Services provided by the memory manager
309(15)
Page states and memory allocations
310(3)
Commit charge and commit limit
313(1)
Locking memory
314(1)
Allocation granularity
314(1)
Shared memory and mapped files
315(2)
Protecting memory
317(2)
Data Execution Prevention
319(2)
Copy-on-write
321(2)
Address Windowing Extensions
323(1)
Kernel-mode heaps (system memory pools)
324(8)
Pool sizes
325(2)
Monitoring pool usage
327(4)
Look-aside lists
331(1)
Heap manager
332(16)
Process heaps
333(1)
Heap types
334(1)
The NT heap
334(1)
Heap synchronization
334(1)
The low-fragmentation heap
335(1)
The segment heap
336(5)
Heap security features
341(1)
Heap debugging features
342(1)
Pageheap
343(4)
Fault-tolerant heap
347(1)
Virtual address space layouts
348(23)
x86 address space layouts
349(3)
x86 system address space layout
352(1)
x86 session space
353(2)
System page table entries
355(1)
ARM address space layout
356(1)
64-bit address space layout
357(2)
x64 virtual addressing limitations
359(1)
Dynamic system virtual address space management
359(5)
System virtual address space quotas
364(1)
User address space layout
365(6)
Address translation
371(12)
x86 virtual address translation
371(6)
Translation look-aside buffer
377(3)
x64 virtual address translation
380(1)
ARM virtual address translation
381(2)
Page fault handling
383(15)
Invalid PTEs
384(1)
Prototype PTEs
385(1)
In-paging I/O
386(1)
Collided page faults
387(1)
Clustered page faults
387(2)
Page files
389(5)
Commit charge and the system commit limit
394(3)
Commit charge and page file size
397(1)
Stacks
398(3)
User stacks
399(1)
Kernel stacks
400(1)
DPC stack
401(1)
Virtual address descriptors
401(3)
Process VADs
402(1)
Rotate VADs
403(1)
NUMA
404(1)
Section objects
405(7)
Working sets
412(13)
Demand paging
413(1)
Logical prefetcher and ReadyBoot
413(3)
Placement policy
416(1)
Working set management
417(4)
Balance set manager and swapper
421(1)
System working sets
422(1)
Memory notification events
423(2)
Page frame number database
425(21)
Page list dynamics
428(8)
Page priority
436(2)
Modified page writer and mapped page writer
438(2)
PFN data structures
440(3)
Page file reservation
443(3)
Physical memory limits
446(3)
Windows client memory limits
447(2)
Memory compression
449(7)
Compression illustration
450(3)
Compression architecture
453(3)
Memory partitions
456(3)
Memory combining
459(8)
The search phase
460(1)
The classification phase
461(1)
The page combining phase
462(1)
From private to shared PTE
462(2)
Combined pages release
464(3)
Memory enclaves
467(5)
Programmatic interface
468(1)
Memory enclave initializations
469(1)
Enclave construction
469(2)
Loading data into an enclave
471(1)
Initializing an enclave
472(1)
Proactive memory management (SuperFetch)
472(10)
Components
473(1)
Tracing and logging
474(1)
Scenarios
475(1)
Page priority and rebalancing
476(2)
Robust performance
478(1)
ReadyBoost
479(1)
ReadyDrive
480(1)
Process reflection
480(2)
Conclusion
482(1)
Chapter 6 I/O system 483(122)
I/O system components
483(5)
The I/O manager
485(1)
Typical I/O processing
486(2)
Interrupt Request Levels and Deferred Procedure Calls
488(4)
Interrupt Request Levels
488(2)
Deferred Procedure Calls
490(2)
Device drivers
492(18)
Types of device drivers
492(6)
Structure of a driver
498(2)
Driver objects and device objects
500(7)
Opening devices
507(3)
I/O processing
510(42)
Types of I/O
511(2)
I/O request packets
513(12)
I/O request to a single-layered hardware-based driver
525(8)
I/O requests to layered drivers
533(3)
Thread-agnostic I/O
536(1)
I/O cancellation
537(4)
I/O completion ports
541(5)
I/O prioritization
546(6)
Container notifications
552(1)
Driver Verifier
552(7)
I/O-related verification options
554(1)
Memory-related verification options
555(4)
The Plug and Play manager
559(16)
Level of Plug and Play support
560(1)
Device enumeration
561(2)
Device stacks
563(6)
Driver support for Plug and Play
569(2)
Plug-and-play driver installation
571(4)
General driver loading and installation
575(3)
Driver loading
575(2)
Driver installation
577(1)
The Windows Driver Foundation
578(12)
Kernel-Mode Driver Framework
579(8)
User-Mode Driver Framework
587(3)
The power manager
590(13)
Connected Standby and Modern Standby
594(1)
Power manager operation
595(1)
Driver power operation
596(3)
Driver and application control of device power
599(1)
Power management framework
600(2)
Power availability requests
602(1)
Conclusion
603(2)
Chapter 7 Security 605(166)
Security ratings
605(3)
Trusted Computer System Evaluation Criteria
605(2)
The Common Criteria
607(1)
Security system components
608(3)
Virtualization-based security
611(8)
Credential Guard
612(5)
Device Guard
617(2)
Protecting objects
619(47)
Access checks
621(4)
Security identifiers
625(21)
Virtual service accounts
646(4)
Security descriptors and access control
650(16)
Dynamic Access Control
666(1)
The AuthZ API
666(2)
Conditional ACES
667(1)
Account rights and privileges
668(9)
Account rights
669(1)
Privileges
670(5)
Super privileges
675(2)
Access tokens of processes and threads
677(1)
Security auditing
677(7)
Object access auditing
679(3)
Global audit policy
682(1)
Advanced Audit Policy settings
683(1)
AppContainers
684(26)
Overview of UWP apps
685(2)
The AppContainer
687(23)
Logon
710(12)
Winlogon initialization
711(2)
User logon steps
713(5)
Assured authentication
718(1)
Windows Biometric Framework
719(2)
Windows Hello
721(1)
User Account Control and virtualization
722(13)
File system and registry virtualization
722(7)
Elevation
729(6)
Exploit mitigations
735(21)
Process-mitigation policies
735(5)
Control Flow Integrity
740(12)
Security assertions
752(4)
Application Identification
756(1)
AppLocker
757(5)
Software Restriction Policies
762(2)
Kernel Patch Protection
764(1)
PatchGuard
765(3)
HyperGuard
768(2)
Conclusion
770(1)
Index 771
Pavel Yosifovich is a developer, trainer, and author specializing in Microsoft technologies and tools. He is a Microsoft MVP and a Pluralsight author, and loves all things software. Pavel has been around since the days of 8-bit machines and still looks back fondly on his programming days on his Commodore 64. Alex Ionescu is Vice President of EDR Strategy at CrowdStrike and an internationally recognized expert in low-level system software, operating system research and kernel development, security training, and reverse engineering. He teaches Windows Internals courses around the world and is active in the security research community through conference talks and bug bounty programs. Mark Russinovich is Chief Technology Officer for Microsoft Azure, Microsoft's global enterprise-grade cloud platform. Mark is a widely recognized expert in distributed systems and operating systems. He co-founded Winternals Software and joined Microsoft in 2006 when it was acquired. He is the primary author of the Sysinternals tools and website, which include dozens of popular Windows administration and diagnostic utilities. David Solomon (retired) taught Windows kernel internals for 20 years to developers and IT professionals worldwide, including at Microsoft. His first book was Windows NT for OpenVMS Professionals. He then authored Inside Windows NT, 2nd edition, and later, with Mark Russinovich, coauthored the 3rd, 4th, 5th, and 6th editions of the Windows Internals series. David has spoken at many Microsoft conferences and was a recipient of the 1993 and 2005 Microsoft Support Most Valuable Professional (MVP) award.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97801339864402e.html