Microsoft's .NET Implementation

Matthew Conover

April 2002

What is .NET?
  • .NET = dumb name
  • .NET != web services
  • .NET is a framework
  • .NET is platform independent
  • .NET is language insensitive
  • .NET specs are publicly available
Topics of Discussion
  • Introduction to .NET
  • Assemblies
  • Microsoft’s implementation of .NET
  • .NET Hook (dotNetHook) tool
Introduction to .NET
  • .NET CLI specifications (ECMA)
    • Partition I – Architecture
    • Partition II – Metadata
    • Partition III – CIL
    • Partition IV – Library
    • Partition V – Annexes
    • Class Library (XML specification)
Introduction to .NET
  • Base Class Library (BCL)
    • Shared among all languages
  • Common Language Runtime (CLR)
    • Common Type System (CTS)
    • Common Language Specification (CLS)
    • Execution Engine
Base Class Library
  • Similar to Java’s System namespace.
  • Has classes for IO, threading, database, text, graphics, console, sockets/web/mail, security, cryptography, COM, run-time type discovery/invocation, assembly generation
Common Language Runtime
  • Common Type System
    • Specifies certain types required to be hosted by CLR
    • Specifies rules for class, structure, enumeration, interfaces, delegates, etc.
    • Everything is actually an object
Common Language Runtime
  • Execution Engine
    • Handles object layout/references
    • Handles garbage collection
      • Managed heap
    • Enforces code access security
    • Handles verification
      • Safe methods can only do safe things
    • Compiles MSIL (bytecode) into native code
Common Language Runtime
  • [Diagram components: Assembly, BCL, Class Loader, External Assembly, JIT, Execution Engine, Machine Code]
Assemblies
  • Single-file or multi-file assemblies
  • Components:
    • Manifest
    • Metadata
    • MSIL (or native) code
    • Resources
Manifest
  • Defines assembly
  • Strong name
  • Files in the assembly
  • Type references
  • Referenced assemblies
Metadata
  • Contains all .NET data
  • Streams
    • #Strings
    • #Blob
    • #GUID
    • #US
    • #- or #~
  • Tables (stored in #- or #~)
    • In a predefined order
    • E.g., MethodDef, AssemblyRef, Constant
Metadata
  • Metadata Header
    • Signature, Version, Flags
    • Stream count
  • Stream Header 1
    • Data offset
    • Stream size
    • Name
  • Stream Header 2
  • Stream bodies
#~ and #- Stream
  • Tables Header
    • Version
    • Heap sizes
    • Valid tables
    • Sorted tables
  • Table row count
    • Valid Table 1
    • Valid Table 2
  • Table bodies

MethodDef Table (0x06)
  • RVA: offset to method
  • Implementation flags
  • Method flags
  • Method name: offset into #Strings
  • Signature: offset into #Blob
  • Parameters: index into Param table (0x08)

MethodDef Table (0x06)
  • Param Table (0x08)
    • Flags
    • Sequence number
    • Parameter name: offset into #Strings
  • Signature Blob
    • Flags
    • Parameter count
    • Return type
    • Parameter types

MSIL
  • Pseudo-assembly
    • nop, break, ret, call, callvirt, newobj, newarr, add, mul, xor, arglist, sizeof, throw, catch, dup
  • 0xFE = first byte of two byte opcodes
  • Uses “tokens” instead of offsets/pointers
  • All calls are stack based
    • “this” pointer passed as first argument
    • Arguments passed left-to-right by default
    • varargs passes an extra signature
MSIL
  • IL and assembler
    • 0x1f 0x09 = ldc.i4.s 9
    • 0x28 0x06000006 = call Print(Int32) (0x06000006 is the method token)
  • Token
    • Table number: upper 8 bits
    • Row index: lower 24 bits
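
The bytes on this slide can be decoded mechanically. This is an added example, not code from the presentation or from dotNetHook: it covers only a handful of the opcodes named on the MSIL slides, with opcode values taken from ECMA-335 Partition III. The trailing `ret` in the sample is an addition, and table numbers the slides do not name are printed in hex.

```python
import struct

TABLES = {0x06: "MethodDef", 0x08: "Param"}  # the two table numbers on the slides
ONE_BYTE = {0x00: ("nop", None), 0x14: ("ldnull", None), 0x17: ("ldc.i4.1", None),
            0x18: ("ldc.i4.2", None), 0x1F: ("ldc.i4.s", "int8"), 0x25: ("dup", None),
            0x28: ("call", "token"), 0x2A: ("ret", None), 0x6F: ("callvirt", "token")}
TWO_BYTE = {0x00: ("arglist", None), 0x1C: ("sizeof", "token")}  # after the 0xFE prefix
WIDTH = {None: 0, "int8": 1, "token": 4}

def split_token(token):
    """Upper 8 bits select the metadata table, lower 24 bits the row index."""
    return token >> 24, token & 0x00FFFFFF

def disassemble(code):
    """Return [(offset, mnemonic, operand)]; raise ValueError on bad input."""
    out, pos = [], 0
    while pos < len(code):
        start, table = pos, ONE_BYTE
        if code[pos] == 0xFE:  # first byte of a two-byte opcode
            table, pos = TWO_BYTE, pos + 1
            if pos >= len(code):
                raise ValueError("truncated two-byte opcode at %d" % start)
        if code[pos] not in table:
            raise ValueError("opcode 0x%02x at %d is not in this table" % (code[pos], start))
        name, kind = table[code[pos]]
        pos += 1
        if pos + WIDTH[kind] > len(code):
            raise ValueError("truncated operand for %s at %d" % (name, start))
        operand = None
        if kind == "int8":
            operand = struct.unpack_from("<b", code, pos)[0]
        elif kind == "token":  # tokens are stored little-endian in the IL stream
            tbl, row = split_token(struct.unpack_from("<I", code, pos)[0])
            operand = (TABLES.get(tbl, hex(tbl)), row)
        pos += WIDTH[kind]
        out.append((start, name, operand))
    return out

# Slide bytes: ldc.i4.s 9; call <token 0x06000006>; plus an added ret.
SLIDE_BYTES = bytes.fromhex("1f09" "2806000006" "2a")

if __name__ == "__main__":
    for line in disassemble(SLIDE_BYTES):
        print(line)
```
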

Call Stack
  • Source
    • ClassType a;
    • a.func(1, 2)
  • IL
    • ldc.i4.1
    • ldc.i4.2
    • call ClassType::func(Int32, Int32)
  • Stack diagram labels: 1, 2, this pointer, stack top
  • Left-to-right ordering

MSIL Samples
  • Ldloc
    • Puts value on stack from a local variable
  • Ldarg
    • Puts an argument on the stack
  • Ldlen
    • Puts the length of an array on the stack
  • Ldelem
    • Puts the value of an element on the stack
  • Ld*a
    • Puts the address of something on the stack
MSIL Samples (cont.)
  • Brtrue <target>
    • Branch to target if value on stack is true
  • Dup
    • Duplicate a value on the stack
  • Ldnull
    • Puts a null value on the stack
Microsoft’s .NET Implementation
  • %SystemRoot%\Microsoft.NET
  • %SystemRoot%\Assembly +
    • \GAC
    • \NativeImages*
System Libraries
  • mscoree.dll (execution engine)
  • mscorjit.dll (contains JIT)
  • mscorsn.dll (strong name)
  • mscorlib.dll (BCL)
  • fusion.dll (assembly binding)
.NET Application
  • Jumps to _CorExeMain (mscoree)
  • Calls _CorExeMain in mscorwks.dll
  • _CorExeMain calls CoInitializeEE
  • CoInitializeEE calls:
    • EEStartup
    • ExecuteEXE
EEStartup
  • GCHeap.Initialize
    • Managed heap = Doug Lea’s malloc?
  • ECall.Init
    • SetupGenericPInvokeCalliStub
    • PInvokeCalliWorker
  • NDirect.Init
  • UMThunkInit.UMThunkInit
  • COMDelegate.Init
  • ExecutionManager.Init
  • COMNlsInfo.InitializeNLS
EEStartup (cont.)
  • Security::Start
  • SystemDomain.Init
    • Loads BCL
  • SystemDomain.NotifyProfilerStartup
  • SystemDomain.NotifyNewDomainLoads
  • SystemDomain.PublishAppDomainAndInformDebugger (ICorPublish/ICorDebug)
SystemDomain.Init
  • LoadBaseSystemClasses
  • SystemDomain.CreatePreallocatedExceptions
LoadBaseSystemClasses
  • SystemDomain.LoadSystemAssembly
    • Loads mscorlib.dll
  • Binder::StartupMscorlib
  • Binder::FetchClass(OBJECT)
  • MethodTable::InitForFinalization
  • InitJITHelpers2
  • Binder::FetchClass(VALUE)
  • Binder::FetchClass(ARRAY)
LoadBaseSystemClasses
  • Binder.FetchType(OBJECT_ARRAY)
  • Binder.FetchClass(STRING)
  • Binder.FetchClass(ENUM)
  • Binder.FetchClass(ExceptionClass)
  • Binder.FetchClass(OutOfMemoryExceptionClass)
  • Binder.FetchClass(StackOverflowExceptionClass)
LoadBaseSystemClasses
  • Binder.FetchClass(ExecutionEngineExceptionClass)
  • Binder.FetchClass(DelegateClass)
  • Binder.FetchClass(MultiDelegateClass)
.NET Application (review)
  • Jumps to _CorExeMain (mscoree)
  • Calls _CorExeMain in mscorwks.dll
  • _CorExeMain calls CoInitializeEE
  • CoInitializeEE calls:
    • EEStartup
    • ExecuteEXE
ExecuteEXE
  • StrongNameSignatureVerification
    • In mscorsn.dll
  • PEFile::Create
    • Loads executable
  • ExecuteMainMethod
  • FusionBind.CreateFusionName
  • Assembly.ExecuteMainMethod
ExecuteMainMethod
  • Thread.EnterRestrictedContext
  • PEFile::GetMDImport
  • SystemDomain.SetDefaultDomainAttributes
    • Sets entry point
  • SystemDomain.InitializeDefaultDomain
  • BaseDomain.LoadAssembly
BaseDomain.LoadAssembly
  • BaseDomain.ApplySharePolicy
  • AssemblySecurityDescriptor.Init
  • Module.Create
  • BaseDomain.SetAssemblyManifestModule
  • AssemblySecurityDescriptor.AddDescriptorToDomainList
ExecuteEXE (review)
  • StrongNameSignatureVerification
    • In mscorsn.dll
  • PEFile::Create
    • Loads executable
  • ExecuteMainMethod
  • FusionBind.CreateFusionName
  • Assembly.ExecuteMainMethod
Assembly.ExecuteMainMethod
  • Assembly::GetEntryPoint
  • ClassLoader::ExecuteMainMethod
    • EEClass::FindMethod(entry point token)
EEClass.FindMethod
  • ValidateMainMethod
  • CorCommandLine.GetArgvW
  • MethodDesc.Call
    • MethodDesc.IsRemotingIntercepted
    • MethodDesc.CallDescr calls MethodDesc.CallDescrWorker
    • CallDescrWorker calls Main()
.NET Application
  • Main() needs to be compiled
  • Main() calls PreStubWorker (mscorwks)
  • PreStubWorker
    • Compiles all IL methods
    • Calls MethodDesc.DoPrestub
MethodDesc.DoPrestub
  • MethodDesc.GetSecurityFlags
  • MethodDesc.GetUnsafeAddrofCode
  • MethodDesc.GetILHeader
  • MethodDesc.GetRVA
  • COR_DECODE_METHOD
    • Decode tiny/fat format
  • Security._CanSkipVerification
MethodDesc.DoPrestub
  • EEConfig.ShouldJitMethod
  • MakeJitWorker
    • JITFunction
    • GetPrejittedCode
JITFunction
  • ExecutionManager::GetJitForType
    • EEJitManager::LoadJIT
    • Loads mscorjit.dll (in LoadJIT)
    • Calls getJit in mscorjit (in LoadJIT)
  • CallCompileMethodWithSEHWrapper
    • Debugger.JitBeginning
    • CILJit.compileMethod
    • Debugger.JitComplete
CILJit.compileMethod
  • Calls jitNativeCode
  • jitNativeCode
    • Compiler.compInit
    • Compiler.compCompile
Compiler.compCompile
  • Compiler.eeGetMethodClass
  • Compiler.eeGetClassAttribs
  • emitter.emitBegCG
  • Compiler.eeGetMethodAttribs
  • Compiler.compInitDebuggingInfo
  • Compiler.genGenerateCode
  • emitter.emitEndCG
Compiler.genGenerateCode
  • emitter.emitBegFN
  • Compiler.genCodeForBBlist
  • Compiler.genFnProlog
  • Compiler.genFnEpilog
  • emitter.emitEndCodeGen
  • Compiler.gcInfoBlockHdrSave
  • emitter.emitEndFN
.NET Application
  • Show flowchart
.NET Hook
  • Reads through method table
  • Reads method
    • Parses header, code, EH data
  • Hooks functions of interest
    • Inserts hooked code at front of method
    • Stored at the end of the .text section
  • Updates PE and section headers
  • Changes function RVAs in Metadata
Method Definition (review)
  • RVA: offset to method
  • Implementation flags
  • Method flags
  • Method name: offset into #Strings
  • Signature: offset into #Blob
  • Parameters: index into Param table (0x08)

Tiny Method Body
  • Header size = 1 byte
  • Used when:
    • Maximum stack size is less than 8
    • The method has no local variables
    • No extra data section
    • No exceptions
Tiny Method
  • Header (flags and code size)
  • Method body (IL)

Fat Method
  • Header size = 12 bytes
  • Layout
    • Flags
    • Header size
    • Max. stack size
    • Code size
    • Local var. signature: describes local variables
    • Method body (IL)
    • Extra data sections: currently only used for exceptions
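
Decoding the two header formats shows which field any tool that rewrites a method body has to keep consistent: the code size. This is an added example, not code from the presentation or from dotNetHook; the bit layout (low two bits select the format, header size counted in 4-byte words, 0x08 marks extra data sections) follows ECMA-335 Partition II, and the sample bodies and the local-signature token are constructed.

```python
import struct

def parse_method_header(body):
    """Decode a tiny or fat method header; return its fields plus the IL bytes."""
    if not body:
        raise ValueError("empty method body")
    kind = body[0] & 0x03  # low two bits of the first byte select the format
    if kind == 0x02:
        # Tiny: a single byte whose upper six bits are the code size.
        info = {"format": "tiny", "header_size": 1, "max_stack": None,
                "code_size": body[0] >> 2, "local_sig": None,
                "more_sections": False}
    elif kind == 0x03:
        if len(body) < 12:
            raise ValueError("buffer too short for a fat header")
        flags_size, max_stack, code_size, local_sig = struct.unpack_from("<HHII", body, 0)
        header_size = (flags_size >> 12) * 4  # top 4 bits: size in 4-byte words
        if header_size < 12:
            raise ValueError("fat header claims fewer than 12 bytes")
        info = {"format": "fat", "header_size": header_size, "max_stack": max_stack,
                "code_size": code_size, "local_sig": local_sig,
                "more_sections": bool(flags_size & 0x08)}
    else:
        raise ValueError("first byte is neither a tiny nor a fat header")
    end = info["header_size"] + info["code_size"]
    if end > len(body):
        # A header whose code size was not updated to match the body fails here.
        raise ValueError("code size runs past the buffer")
    info["il"] = body[info["header_size"]:end]
    return info

# Constructed samples: the same 8 bytes of IL behind each header format.
IL = bytes.fromhex("1f09" "2806000006" "2a")
TINY_SAMPLE = bytes([(len(IL) << 2) | 0x02]) + IL
# 0x3013 = header size 3 words, fat format (0x3), InitLocals (0x10);
# 0x11000001 is a made-up local variable signature token.
FAT_SAMPLE = struct.pack("<HHII", 0x3013, 2, len(IL), 0x11000001) + IL

if __name__ == "__main__":
    for sample in (TINY_SAMPLE, FAT_SAMPLE):
        print(parse_method_header(sample))
```
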

Hooked Tiny Method
  • Header (flags and code size): updated
  • Hooking code (IL): inserted
  • Method body (IL)

Hooked Fat Method
  • Flags
  • Header size
  • Max. stack size
  • Code size: updated
  • Local var. signature
  • Hooking code (IL): inserted
  • Method body (IL)
  • Extra data sections: updated

Hooked Assembly
  • .text section
    • Functions (IL)
    • Metadata: references both
    • Import Address Table
    • End of old .text section
    • Hooked Functions (IL)
    • End of new .text section

Next Steps
  • More developers needed
  • Insert needed functions into metadata tables
  • Display contents of parameters
  • Don’t break exception handling
More Information
  • .NET Specifications:
    • http://msdn.microsoft.com/net/ecma
  • SSCLI and .NET Framework SDK
    • http://msdn.microsoft.com/netframework/
  • .NET Hook
    • http://dotnethook.sourceforge.net
Acknowledgements
  • Entercept’s Ricochet Team
    • http://www.entercept.com
  • w00w00
    • http://www.w00w00.org