深入解析Windows操作系统 (第5版英文版)
一键收藏,随时查看,分享好友!
深入解析Windows操作系统 (第5版英文版)    Ben Fathi
近20年来,无论是开发人员还是系统管理员,如果想探究Windows核心部件的运作机理或者各种技术细节,都会求助于这部毋庸置疑的权威著作。书中深入透彻地阐述了Windows底层的方方面面,包括系统架构,各种系统机制和管理机制,进程、线程和作业,安全,I/O系统,存储管理、内存管理和缓存管理,文件系统,联网,启动与停机,崩溃转储分析等内容,使Windows的内幕在你面前变得一目了然。
本书作者阵容空前强大,与上一版相比,本版修订篇幅超过25%,除针对Windows Vista和Windows Server 2008新特性(PatchGuard、 Hyper-V支持、内核事务管理器、I/O优先级等)进行了全面更新外,作者也对之前未涉及或者阐述不够的既有技术进行了挖掘,更充分运用了自己编写的流行工具Process Explorer 和Process Monitor更新了大量实验和示例。这一切都使本书更趋完美。
出版社:人民邮电出版社 出版日期:2009年9月 ISBN:978-7-115-21165-1/TP 定 价:158.00元
关键字: Windows  操作系统  深入解析  深入解析Windows操作系统  
免责声明:图书版权归出版社和作者所有,51CTO.com 仅提供试读
本书详细信息
序言、前言和目录
  • 序言
  • 前言
  • 目录
  • chapter three and chapter four
  • 3 System Mechanisms
  • 3.1 Trap Dispatching
  • 3.1.1 Interrupt Dispatching(1)
  • 3.1.1 Interrupt Dispatching(2)
  • 3.1.1 Interrupt Dispatching(3)
  • 3.1.1 Interrupt Dispatching(4)
  • 3.1.1 Interrupt Dispatching(5)
  • 3.1.1 Interrupt Dispatching(6)
  • 3.1.1 Interrupt Dispatching(7)
  • 3.1.2 Exception Dispatching(1)
  • 3.1.2 Exception Dispatching(2)
  • 3.1.3 System Service Dispatching(1)
  • 3.1.3 System Service Dispatching(2)
  • 3.2 Object Manager
  • 3.2.1 Executive Objects
  • 3.2.2 Object Structure(1)
  • 3.2.2 Object Structure(2)
  • 3.2.2 Object Structure(3)
  • 3.2.2 Object Structure(4)
  • 3.2.2 Object Structure(5)
  • 3.2.2 Object Structure(6)
  • 3.2.2 Object Structure(7)
  • 3.2.2 Object Structure(8)
  • 3.2.2 Object Structure(9)
  • 3.3.2 Low-IRQL Synchronization(1)
  • 3.3.2 Low-IRQL Synchronization(2)
  • 3.3.1 High-IRQL Synchronization
  • 3.3.2 Low-IRQL Synchronization(3)
  • 3.3.2 Low-IRQL Synchronization(4)
  • 3.3.2 Low-IRQL Synchronization(5)
  • 3.3 Synchronization
  • 3.4 System Worker Threads
  • 3.5 Windows global Flags
  • 3.6 Advanced Local Procedure Calls (
  • 3.7 Kernel event Tracing
  • 3.8 Wow64
  • 3.8.1 Wow64 Process Address Space La
  • 3.8.2 System Calls
  • 3.8.3-3.8.10
  • 3.9 User-Mode Debugging
  • 3.10 Image Loader
  • 3.10.1 Early Process Initialization
  • 3.10.2 Loaded Module Database
  • 3.10.3 Import Parsing
  • 3.10.4 Post Import Process Initializ
  • 3.11 Hypervisor (Hyper-V)
  • 3.11.1 Partitions
  • 3.11.2 Root Partition
  • 3.11.3 Child Partitions
  • 3.11.4 Hardware Emulation and Suppor
  • 3.12 Kernel Transaction Manager
  • 3.13 Hotpatch Support
  • 3.14 Kernel Patch Protection
  • 3.15 Code integrity
  • 4 Management Mechanisms
  • 4.1 The Registry
  • 4.1.1 Viewing and Changing the Regis
  • 4.1.2 Registry Usage
  • 4.1.3 Registry Data Types
  • 4.1.4 Registry Logical Structure
  • 4.1.5 Transactional Registry (TxR)
  • 4.1.6 Monitoring Registry Activity
  • 4.1.7 Registry Internals(1)
  • 4.1.7 Registry Internals(2)
  • 4.1.7 Registry Internals(3)
  • 4.1.7 Registry Internals(4)
  • 4.1.7 Registry Internals(4)
  • 4.2 Services
  • 4.2.1 Service Applications(1)
  • 4.2.1 Service Applications(2)
  • 4.2.1 Service Applications(3)
  • 4.2.2 The Service Control Manager
  • 4.2.3 Service Startup
  • 4.2.4 Startup Errors
  • 4.2.5 Accepting the Boot and Last Kn
  • 4.2.6 Service Failures
  • 4.2.7 Service Shutdown
  • 4.2.8 Shared Service Processes
  • 4.2.9 Service Tags
  • 4.2.10 Service Control Programs
  • 4.3 Windows Management instrumentati
  • 4.3.1 Providers
  • 4.3.2 The Common Information Model a
  • 4.3.3 Class Association
  • 4.3.4 WMI Implementation
  • 4.3.5 WMI Security
  • 4.4 Windows Diagnostic infrastructur
  • chapter five and chapter six
  • 5 Processes, Threads, and Jobs
  • 5.1.1 Data Structures
  • 5.1.2 Kernel Variables
  • 5.1.3 Performance Counters
  • 5.1.4 Relevant Functions
  • 5.2 Protected Processes
  • 5.3 Flow of CreateProcess
  • 5.3.1 Stage 1: Converting and Valida
  • 5.3.2 Stage 2: Opening the Image to
  • 5.3.3 Stage 3: Creating the Windows
  • 5.3.4 Stage 4: Creating the Initial
  • 5.3.5 Stage 5: Performing Windows Su
  • 5.3.6 Stage 6: Starting Execution of
  • 5.3.7 Stage 7: Performing Process In
  • 5.4 Thread Internals
  • 5.5 examining Thread activity
  • 5.6 Worker Factories (Thread Pools)
  • 5.7 Thread Scheduling
  • 5.7.1 Overview of Windows Scheduling
  • 5.7.2 Priority Levels
  • 5.7.3 Windows Scheduling APIs
  • 5.7.4 Relevant Tools
  • 5.7.5 Real-Time Priorities
  • 5.7.6 Thread States
  • 5.7.7 Dispatcher Database
  • 5.7.8 Quantum
  • 5.7.9 Scheduling Scenarios
  • 5.7.10 Context Switching
  • 5.7.11 Idle Thread
  • 5.7.12 Priority Boosts(1)
  • 5.7.12 Priority Boosts(2)
  • 5.7.12 Priority Boosts(3)
  • 5.7.12 Priority Boosts(4)
  • 5.7.12 Priority Boosts(5)
  • 5.7.12 Priority Boosts(6)
  • 5.7.13 Multiprocessor Systems(1)
  • 5.7.13 Multiprocessor Systems(2)
  • 5.7.13 Multiprocessor Systems(3)
  • 5.7.14 Multiprocessor Thread-Schedul
  • 5.7.15 CPU Rate Limits
  • 5.8 Job Objects
  • 6 Security
  • 6.1 Security Ratings
  • 6.2 Security System Components
  • 6.3 Protecting Objects
  • 6.3.1 Access Checks(1)
  • 6.3.1 Access Checks(2)
  • 6.3.1 Access Checks(3)
  • 6.3.1 Access Checks(4)
  • 6.3.1 Access Checks(5)
  • 6.3.1 Access Checks(6)
  • 6.3.2 Security Descriptors and Acces
  • 6.3.2 Security Descriptors and Acces
  • 6.3.2 Security Descriptors and Acces
  • 6.3.2 Security Descriptors and Acces
  • 6.4 account Rights and Privileges
  • 6.4.1 Account Rights
  • 6.4.2 Privileges
  • 6.4.3 Super Privileges
  • 6.5 Security auditing
  • 6.6 logon
  • 6.6.1 Winlogon Initialization
  • 6.6.2 User Logon Steps
  • 6.7 user account Control
  • 6.7.1 Virtualization
  • 6.7.2 Elevation
  • 6.8 Software Restriction Policies
  • chapter seven and chapter eight
  • 7 I/O System
  • 7.1 I/O System Components
  • 7.2 Device Drivers
  • 7.2.1 Types of Device Drivers
  • 7.2.2 Structure of a Driver
  • 7.2.3 Driver Objects and Device Obje
  • 7.2.4 Opening Devices(1)
  • 7.2.4 Opening Devices(2)
  • 7.3 I/O Processing
  • 7.3.1 Types of I/O(1)
  • 7.3.1 Types of I/O(2)
  • 7.3.1 Types of I/O(3)
  • 7.3.2 I/O Request to a Single-Layere
  • 7.3.2 I/O Request to a Single-Layere
  • 7.3.3 I/O Requests to Layered Driver
  • 7.3.3 I/O Requests to Layered Driver
  • 7.3.4 I/O Cancellation
  • 7.3.5 I/O Completion Ports
  • 7.3.6 I/O Prioritization
  • 7.3.7 Driver Verifier
  • 7.4 Kernel-Mode Driver Framework (KM
  • 7.4.1 Structure and Operation of a K
  • 7.4.2 KMDF Data Model
  • 7.4.3 KMDF I/O Model
  • 7.5 user-Mode Driver Framework (uMDF
  • 7.6 The Plug and Play (PnP) Manager
  • 7.6.1 Level of Plug and Play Support
  • 7.6.2 Driver Support for Plug and Pl
  • 7.6.3 Driver Loading, Initialization
  • 7.6.3 Driver Loading, Initialization
  • 7.6.3 Driver Loading, Initialization
  • 7.6.4 Driver Installation
  • 7.7 The Power Manager
  • 7.7.1 Power Manager Operation
  • 7.7.2 Driver Power Operation
  • 7.7.3 Driver and Application Control
  • 8 Storage Management
  • 8.1 Storage Terminology
  • 8.2 Disk Drivers
  • 8.2.1 Winload
  • 8.2.2 Disk Class, Port, and Miniport
  • 8.2.3 Disk Device Objects
  • 8.2.4 Partition Manager
  • 8.3 Volume Management
  • 8.3.1 Basic Disks
  • 8.3.2 Dynamic Disks
  • 8.3.3 Multipartition Volume Manageme
  • 8.3.4 The Volume Namespace(1)
  • 8.3.4 The Volume Namespace(2)
  • 8.3.5 Volume I/O Operations
  • 8.3.6 Virtual Disk Service
  • 8.4 BitLocker Drive encryption
  • 8.4.1 BitLocker Architecture
  • 8.4.2 Encryption Keys
  • 8.4.3 Trusted Platform Module (TPM)
  • 8.4.4 BitLocker Boot Process
  • 8.4.5 BitLocker Key Recovery
  • 8.4.6 Full Volume Encryption Driver
  • 8.4.7 BitLocker Management
  • 8.5.1 Shadow Copies
  • 8.5.2 VSS Architecture
  • 8.5.3 VSS Operation
  • 8.5.4 Uses in Windows
  • chapter
  • 9 Memory Management
  • 9.1 Introduction to the Memory Manag
  • 9.2 Services the Memory Manager Prov
  • 9.2.1 Large and Small Pages
  • 9.2.2 Reserving and Committing Pages
  • 9.2.3 Locking Memory
  • 9.2.4 Allocation Granularity
  • 9.2.5 Shared Memory and Mapped Files
  • 9.2.6 Protecting Memory
  • 9.2.7 No Execute Page Protection
  • 9.2.8 Copy-on-Write
  • 9.2.9 Address Windowing Extensions
  • 9.3 Kernel-Mode Heaps (System Memory
  • 9.3.1 Pool Sizes
  • 9.3.2 Monitoring Pool Usage
  • 9.3.3 Look-Aside Lists
  • 9.4 Heap Manager
  • 9.4.1 Types of Heaps
  • 9.4.2 Heap Manager Structure
  • 9.4.3 Heap Synchronization
  • 9.4.4 The Low Fragmentation Heap
  • 9.4.5 Heap Security Features
  • 9.4.6 Heap Debugging Features
  • 9.4.7 Pageheap
  • 9.5 Virtual address Space layouts
  • 9.5.1 x86 Address Space Layouts
  • 9.5.2 x86 System Address Space Layou
  • 9.5.3 x86 Session Space
  • 9.5.4 System Page Table Entries
  • 9.5.5 64-Bit Address Space Layouts
  • 9.5.6 64-Bit Virtual Addressing Limi
  • 9.5.7 Dynamic System Virtual Address
  • 9.5.8 System Virtual Address Space Q
  • 9.5.9 User Address Space Layout
  • 9.6 address Translation
  • 9.6.1 x86 Virtual Address Translatio
  • 9.6.2 Translation Look-Aside Buffer
  • 9.6.3 Physical Address Extension (PA
  • 9.6.4 IA64 Virtual Address Translati
  • 9.6.4 x64 Virtual Address Translatio
  • 9.7 Page Fault Handling
  • 9.7.1 Invalid PTEs
  • 9.7.2 Prototype PTEs
  • 9.7.3 In-Paging I/O
  • 9.7.4 Collided Page Faults
  • 9.7.5 Clustered Page Faults
  • 9.7.6 Page Files
  • 9.8 Stacks
  • 9.9 Virtual address Descriptors
  • 9.10 NuMa
  • 9.11 Section Objects
  • 9.12 Driver Verifier
  • 9.13 Page Frame Number Database
  • 9.13.1 Page List Dynamics
  • 9.13.2 Page Priority
  • 9.13.3 Modified Page Writer
  • 9.13.4 PFN Data Structures
  • 9.14 Physical Memory limits
  • 9.15 Working Sets
  • 9.15.1 Demand Paging
  • 9.15.2 Logical Prefetcher
  • 9.15.3 Placement Policy
  • 9.15.4 Working Set Management
  • 9.15.5 Balance Set Manager and Swapp
  • 9.15.6 System Working Set
  • 9.15.7 Memory Notification Events
  • 9.16 Proactive Memory Management (Su
  • 9.16.1 Components
  • 9.16.2 Tracing and Logging
  • 9.16.3 Scenarios
  • 9.16.4 Page Priority and Rebalancing
  • 9.16.5 Robust Performance
  • 9.16.6 ReadyBoost
  • 9.16.6 ReadyDrive
  • 10 Cache Manager
  • 10.1 Key Features of the Cache Manag
  • 10.2 Cache Virtual Memory Management
  • 10.3 Cache Size
  • 10.4 Cache Data Structures
  • 10.4.1 Systemwide Cache Data Structu
  • 10.4.2 Per-File Cache Data Structure
  • 10.5 File System interfaces
  • 10.5.1 Copying to and from the Cache
  • 10.5.2 Caching with the Mapping and
  • 10.5.3 Caching with the Direct Memor
  • 10.6 Fast i/O
  • 10.7 read ahead and Write behind
  • 10.7.1 Intelligent Read-Ahead
  • 10.7.2 Write-Back Caching and Lazy W
  • 10.7.3 Write Throttling
  • 10.7.4 System Threads
  • chapter
  • 11 File Systems
  • 11.1 Windows File System Formats
  • 11.2 File System Driver architecture
  • 11.2.1 Local FSDs
  • 11.2.2 Remote FSDs
  • 11.2.3 File System Operation
  • 11.2.4 File System Filter Drivers
  • 11.3 Troubleshooting File System Pro
  • 11.4 Common log File System(1)
  • 11.4 Common log File System(2)
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.5 NTFS Design goals and Features
  • 11.6 NTFS File System Driver
  • 11.7 NTFS On-Disk Structure(1)
  • 11.7 NTFS On-Disk Structure(2)
  • 11.7 NTFS On-Disk Structure(3)
  • 11.7 NTFS On-Disk Structure(4)
  • 11.7 NTFS On-Disk Structure(5)
  • 11.7 NTFS On-Disk Structure(6)
  • 11.7 NTFS On-Disk Structure(7)
  • 11.7 NTFS On-Disk Structure(8)
  • 11.7 NTFS On-Disk Structure(9)
  • 11.7 NTFS On-Disk Structure(10)
  • 11.7 NTFS On-Disk Structure(11)
  • 11.7 NTFS On-Disk Structure(12)
  • 11.7 NTFS On-Disk Structure(13)
  • 11.7 NTFS On-Disk Structure(14)
  • 11.7 NTFS On-Disk Structure(15)
  • 11.8 NTFS recovery Support
  • 11.8.1 Design
  • 11.8.2 Metadata Logging
  • 11.8.3 Recovery
  • 11.8.4 NTFS Bad-Cluster Recovery
  • 11.8.5 Self-Healing
  • 11.9 encrypting File System Security
  • 11.9.1 Encrypting a File for the Fir
  • 11.9.2 The Decryption Process
  • 11.9.3 Backing Up Encrypted Files
  • 12 Networking
  • 12.1 Windows Networking Architecture
  • 12.1.1 The OSI Reference Model
  • 12.1.2 Windows Networking Components
  • 12.2 Networking APis
  • 12.2.1 Windows Sockets(1)
  • 12.2.1 Windows Sockets(2)
  • 12.2.2 Winsock Kernel (WSK)
  • 12.2.3 Remote Procedure Call
  • 12.2.4 Web Access APIs
  • 12.2.5 Named Pipes and Mailslots
  • 12.2.5 Named Pipes and Mailslots(2)
  • 12.2.5 Named Pipes and Mailslots(3)
  • 12.2.6 NetBIOS
  • 12.2.7 Other Networking APIs
  • 12.3 Multiple redirector Support
  • 12.3.1 Multiple Provider Router
  • 12.3.2 Multiple UNC Provider
  • 12.4 Name resolution
  • 12.5 Location and Topology
  • 12.6 Protocol Drivers(1)
  • 12.6 Protocol Drivers(2)
  • 12.6 Protocol Drivers(3)
  • 12.7 NDiS Drivers(1)
  • 12.7 NDiS Drivers(2)
  • 12.7.1 Variations on the NDIS Minipo
  • 12.7.2 Connection-Oriented NDIS
  • 12.7.3 Remote NDIS
  • 12.7.4 QoS
  • 12.8 Binding
  • 12.9 Layered Network Services(1)
  • 12.9 Layered Network Services(2)
  • 12.9 Layered Network Services(3)
  • 随便说两句
    留言共
    匿名发表 验证码: (点击进行更换)
    作译者简介
    Ben Fathi
      
    本作者其他图书
    相关图书
       作者:张楚雄 孟秋菊 译
      百科全书式的Windows Server 2012 R2资源大全 通过本书,您可以了解Hyper-V的新增功能,以及远程连接到办公室的新颖
    ·Windows Server 2003网络管理员完全
    ·Windows内核设计思想
    ·非常网管——Windows Server 2008配
    ·超级网管员——网络应用
    ·深入解析Windows操作系统:第6版(上
    相关技术专题

    51CTO旗下网站

    领先的IT技术网站 51CTO 中国首个CIO网站 CIOage 中国首家数字医疗网站 HC3i 51CTO学院