Win32 Programming Lesson 7: Kernel Objects

Abstract

- Many of the concepts we’ll look at today won’t make complete sense until you use them
- However, it’s impossible to talk about Windows without understanding how the APIs interact with Kernel Objects

What is a Kernel Object?

- Any time you write Windows code you’re probably manipulating Kernel objects and you just don’t know it
- Examples:
  - Access token objects
  - Event objects
  - File objects
  - File-mapping objects
  - The list goes on and on

Manipulation of Kernel Objects

- Cannot be carried out directly from an application
  - Portability
  - Security
  - Consistency
- Only manipulated via specific APIs
  - Via a HANDLE object

HANDLES

- Each HANDLE is process relative
  - Huh?
- If this is the case, how can we share objects across processes?
- We’ll look at 3 mechanisms today

Usage Tracking

- Kernel objects are owned by the Kernel, not the process
  - Not necessarily destroyed on process exit
  - Kernel tracks usage of the object when assigning handles to processes

Security

- Protected with a security descriptor
  - Who created the object
  - Who can access the object
  - Usually used for server applications, not client

Example

```c
HANDLE CreateFileMapping(
    HANDLE hFile,
    PSECURITY_ATTRIBUTES psa,
    DWORD flProtect,
    DWORD dwMaximumSizeHigh,
    DWORD dwMaximumSizeLow,
    PCTSTR pszName
);
```

Security Attributes

```c
typedef struct _SECURITY_ATTRIBUTES {
    DWORD  nLength;
    LPVOID lpSecurityDescriptor;
    BOOL   bInheritHandle;
} SECURITY_ATTRIBUTES;
```

Security Attributes (cntd)

```c
SECURITY_ATTRIBUTES sa;
sa.nLength = sizeof(sa);          // Used for versioning
sa.lpSecurityDescriptor = pSD;    // Address of an initialized SD
sa.bInheritHandle = FALSE;        // Discussed later

HANDLE hFileMapping = CreateFileMapping(INVALID_HANDLE_VALUE, &sa,
    PAGE_READWRITE, 0, 1024, "MyFileMapping");
```

Existing Objects

- When you open an existing object, you must specify what access you want

```c
HANDLE hFileMapping = OpenFileMapping(FILE_MAP_READ, FALSE, "MyFileMapping");
```

- FILE_MAP_READ allows the correct security check to be performed
- If it fails, we can call…?
  - ERROR_ACCESS_DENIED

Kernel Object Handle Table

- Created when a process is created
- Details are undocumented, but it gives you a feel for how it works

| Index | Pointer to Kernel Memory Block | Access Mask (DWORD) | Flags |
|-------|--------------------------------|---------------------|-------|
| 1 | 0x???????? | 0x???????? | 0x???????? |
| 2 | 0x???????? | 0x???????? | 0x???????? |
| … | … | … | … |

Failure!

- Unfortunately, Windows isn’t 100% consistent
- Failure usually returns:
  - 0 (NULL)
  - -1 (INVALID_HANDLE_VALUE)
- You must check the actual API in question (sorry)

CloseHandle

- Of course, we have to close the handles we open

```c
BOOL CloseHandle(HANDLE hObj);
```

- Sets GetLastError on failure
- What happens if we don’t do this?

Sharing Process Objects

- Object Handle Inheritance
- Named Objects
- Duplicating Objects

Inheritance

- Used when we have a parent-child relationship between processes
- Gives the children controlled access to the parent’s handles
  - Create an inheritable handle
  - Spawn a new process
  - Pass the inherited handle (often by command-line option)
- The details are in the book – read them!

Named Objects

- Many Kernel Objects can be named
- We can then use the name to access the object from another thread
- See, for example, CreateMutex, CreateEvent etc.
- All have the same parameter: pszName

Example: CreateMutex

Process A:

```c
HANDLE hMutexProcessA = CreateMutex(NULL, FALSE, "Panther");
```

Process B:

```c
HANDLE hMutexProcessB = CreateMutex(NULL, FALSE, "Panther");
```

- Now, checks for a Mutex with name Panther
- If found, checks access rights; if allowed, creates entry in the Process’ Handle table

Alternative Approach: Open

- Use OpenMutex instead of CreateMutex
- Main difference: Open can only open an existing Mutex – it can never create one
- Often used to prevent multiple instances of the same application from running
- See example: OneOnly

Duplicate Object Handles

- Final option is to create a duplicate copy of a handle, and use a regular IPC to pass the new handle through
- The call is DuplicateHandle
- Makes an entry in the handle table of another process

Example: Limiting Access

- Suppose we have a FileMapping object in our system.
- We wish to pass READ ONLY access to this object to one of our functions
- Would be nice if we could pass a read only handle… and we can, by using DuplicateHandle

Example

```c
// Create a read/write file-mapping object backed by the paging file
HANDLE hFileMapRW = CreateFileMapping(INVALID_HANDLE_VALUE, NULL,
    PAGE_READWRITE, 0, 10240, NULL);

// Duplicate it within this process, requesting read-only access
HANDLE hFileMapRO;
DuplicateHandle(GetCurrentProcess(), hFileMapRW,
    GetCurrentProcess(), &hFileMapRO,
    FILE_MAP_READ, FALSE, 0);

// Pass the RO handle…
MyROFunction(hFileMapRO);
CloseHandle(hFileMapRO);
CloseHandle(hFileMapRW);
```
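
The handle-table, usage-tracking and DuplicateHandle slides above, tied together in an added example that is not part of the original lecture and is not Windows code: a simplified, portable C model of a per-process handle table. The row layout follows the slide's table; the `ACC_*` bits, the type names and every function name are constructed for illustration, and the rule that a duplicate receives only a subset of the source's rights is this model's assumption.

```c
#include <stdio.h>
#include <stdint.h>

#define ACC_READ  0x1u   /* constructed stand-in for FILE_MAP_READ */
#define ACC_WRITE 0x2u   /* constructed stand-in for FILE_MAP_WRITE */
#define ROWS 8

typedef struct { uint32_t usage; int alive; } KObject;        /* kernel-owned */
typedef struct { KObject *obj; uint32_t access, flags; } Row; /* one table row */
typedef struct { Row rows[ROWS]; } Process;                   /* per-process table */

static Row *lookup(Process *p, int h) {   /* a handle only indexes p's own table */
    return (h >= 1 && h <= ROWS && p->rows[h - 1].obj) ? &p->rows[h - 1] : NULL;
}
/* Add a row for obj; the handle value is index + 1, 0 means failure. */
static int insert_handle(Process *p, KObject *obj, uint32_t access) {
    for (int i = 0; i < ROWS; i++) {
        if (p->rows[i].obj) continue;
        p->rows[i] = (Row){ obj, access, 0 };
        obj->usage++;                     /* the kernel tracks every reference */
        return i + 1;
    }
    return 0;
}
static int check_access(Process *p, int h, uint32_t wanted) {
    Row *r = lookup(p, h);
    return r && (r->access & wanted) == wanted;
}
/* Modelled on DuplicateHandle: new row in dst, limited to rights src holds. */
static int duplicate_handle(Process *src, int h, Process *dst, uint32_t access) {
    return check_access(src, h, access) ? insert_handle(dst, lookup(src, h)->obj, access) : 0;
}
/* Modelled on CloseHandle: free the row; the object dies at usage zero. */
static int close_handle(Process *p, int h) {
    Row *r = lookup(p, h);
    if (!r) return 0;
    if (--r->obj->usage == 0) r->obj->alive = 0;
    *r = (Row){ NULL, 0, 0 };
    return 1;
}
int main(void) {
    KObject map = { 0, 1 };
    Process a = {0}, b = {0};
    int rw = insert_handle(&a, &map, ACC_READ | ACC_WRITE);
    int ro = duplicate_handle(&a, rw, &b, ACC_READ);
    close_handle(&a, rw);                 /* b's row keeps the object alive */
    printf("b write=%d alive=%d\n", check_access(&b, ro, ACC_WRITE), map.alive);
    return 0;
}
```

Both processes end up holding handle value 1, yet the two rows carry different access masks, which is what "process relative" means in practice; a handle that is never closed keeps `usage` above zero and the object alive.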