Win32 programming
Download
1 / 22

Win32 Programming - PowerPoint PPT Presentation


  • 122 Views
  • Uploaded on

Win32 Programming. Lesson 7: Kernel Objects. Abstract. Many of the concepts we’ll look at today won’t make complete sense until you use them However, it’s impossible to talk about Windows without understanding how the API’s interact with Kernel Objects. What is a Kernel Object?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Win32 Programming' - deron


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Win32 programming

Win32 Programming

Lesson 7: Kernel Objects


Abstract
Abstract

  • Many of the concepts we’ll look at today won’t make complete sense until you use them

  • However, it’s impossible to talk about Windows without understanding how the API’s interact with Kernel Objects


What is a kernel object
What is a Kernel Object?

  • Any time you write Windows code you’re probably manipulating Kernel objects and you just don’t know it

  • Examples:

    • Access token objects

    • Event objects

    • File objects

    • File-mapping objects

    • The list goes on and on


Manipulation of kernel objects
Manipulation of Kernel Objects

  • Cannot be carried out directly from an application

    • Portability

    • Security

    • Consistency

  • Only manipulated via specific APIs

    • Via a HANDLE object


Handles
HANDLES

  • Each HANDLE is process relative

    • Huh?

    • If this is the case, how can we share objects across processes?

    • We’ll look at 3 mechanisms today


Usage tracking
Usage Tracking

  • Kernel objects are owned by the Kernel not the process

    • Not necessarily destroyed on process exit

    • Kernel tracks usage of the object when assigning handles to processes


Security
Security

  • Protected with a security descriptor

    • Who created the object

    • Who can access the object

    • Usually used for server applications, not client


Example
Example

  • HANDLE CreateFileMapping (     HANDLE hFile,     PSECURITY_ATTRIBUTES psa,      DWORD flProtect,     DWORD dwMaximumSizeHigh,      DWORD dwMaximumSizeLow,      PCTSTR pszName);


Security attributes
Security Attributes

  • typedef struct _SECURITY_ATTRIBUTES { DWORD nLength;     LPVOID lpSecurityDescriptor;     BOOL bInheritHandle; } SECURITY_ATTRIBUTES; 


Security attributes cntd
Security Attributes (cntd)

  • SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(sa);       // Used for versioning sa.lpSecurityDescriptor = pSD; // Address of an initialized SD sa.bInheritHandle = FALSE;    // Discussed later HANDLE hFileMapping = CreateFileMapping( INVALID_HANDLE_VALUE,  &sa, PAGE_READWRITE, 0,  1024,  "MyFileMapping“);


Existing objects
Existing Objects

  • When you open an existing object, you must specify what access you want

    • HANDLE hFileMapping = OpenFileMapping(FILE_MAP_READ, FALSE,     "MyFileMapping");

  • FILE_MAP_READ allows the correct security check to be performed

  • If it fails, we can call…?

    • ERROR_ACCESS_DENIED


Kernel object handle table
Kernel Object Handle Table

  • Created when a process is created

  • Details are undocumented, but it gives you a feel for how it works


Failure
Failure!

  • Unfortunately, Windows isn’t 100% consistent

  • Failure usually returns:

    • 0 (NULL)

    • -1 (INVALID_HANDLE_VALUE)

    • You must check the actual API in question (sorry)


Closehandle
CloseHandle

  • Of course, we have to close the handles we open

    • BOOL CloseHandle (HANDLE hObj)

  • Sets GetLastError on failure

  • What happens if we don’t do this?


Sharing process objects
Sharing Process Objects

  • Object Handle Inheritance

  • Named Objects

  • Duplicating Objects


Inheritance
Inheritance

  • Used when we have a parent-child relationship between processes

  • Gives the Children controlled access to the parent’s handles

    • Create an Inheritable Handle

    • Spawn a new Process

    • Pass the inherited handle (often by command-line option)

    • The details are in the book – read them!


Named objects
Named Objects

  • Many Kernel Objects can be named

  • We can then use the name to access the object from another thread

  • See, for example, CreateMutex, CreateEvent etc.

  • All have the same parameter: pszName


Example createmutex
Example: CreateMutex

  • Process A:

    • HANDLE hMutexProcessA = CreateMutex(NULL, FALSE, “Panther”);

  • Process B:

    • HANDLE hMutexProcessB = CreateMutex(NULL, FALSE, “Panther”);

    • Now, checks for a Mutex with name Panther

    • If found, checks access rights; if allowed, creates entry in the Process’ Handle table


Alernative approach open
Alernative Approach: Open

  • Use OpenMutex instead of CreateMutex

  • Main difference: Open can only open an existing Mutex – it can never Create one

  • Often used to prevent multiple instances of the same application from running

  • See example: OneOnly


Duplicate object handles
Duplicate Object Handles

  • Final option is to create a duplicate copy of a handle, and use a regular IPC to pass the new handle through

  • The call is DuplicateHandle

    • Makes an entry in the handle table of another process


Example limiting access
Example: Limiting Access

  • Suppose we have a FileMapping object in our system.

  • We wish to pass READ ONLY access to this object to one of our functions

  • Would be nice if we could pass a read only handle… and we can, by using DuplicateHandle


Example1
Example

  • HANDLE hFileMapRW = CreateFileMapping( INVALID_HANDLE_VALUE, NULL, PAGE_READWRITE, 0, 10240, NULL);HANDLE hFileMapRO;DuplicateHandle( GetCurrentProcess(), hFileMapRW, GetCurrentProcess(), &hFileMapRO, FILE_MAP_READ, FALSE, 0);// Pass the RO handle…MyROFunction(hFileMapRO);CloseHandle(hFileMapRO);CloseHandle(hFileMapRW);


ad