Critical Regions和Guarded Regions区别
KeEnterCriticalRegion和KeLeaveCriticalRegion配合使用,能禁止用户模式APC和普通内核模式APC的调用,但是不能禁止特殊内核模式的调用(NormalRoutine为空的内核模式APC)
KeEnterGuardedRegion和KeLeaveGuardedRegion能禁止所有APC调用
KeEnterCriticalRegion会调用KeEnterCriticalRegionThread()函数,再看看KeEnterCriticalRegionThread()的内部实现
FORCEINLINE
VOID
KeEnterCriticalRegionThread (
PKTHREAD Thread
) /*++ Routine Description: This function disables kernel APC's for the current thread. N.B. The following code does not require any interlocks. There are
two cases of interest: 1) On an MP system, the thread cannot
be running on two processors as once, and 2) if the thread is
is interrupted to deliver a kernel mode APC which also calls
this routine, the values read and stored will stack and unstack
properly. Arguments: Thread - Supplies a pointer to the current thread. N.B. This must be a pointer to the current thread. Return Value: None. --*/ { ASSERT(Thread == KeGetCurrentThread()); ASSERT((Thread->KernelApcDisable <= ) && (Thread->KernelApcDisable != -)); Thread->KernelApcDisable -= ;
KeMemoryBarrierWithoutFence();
return;
}
KeEnterGuardRegion会调用KeEnterGuardRegionThread()函数,再看看KeEnterGuardRegionThread()的内部实现
FORCEINLINE
VOID
KeEnterGuardedRegionThread (
IN PKTHREAD Thread
) /*++ Routine Description: This function disables special kernel APC's for the current thread. N.B. The following code does not require any interlocks. There are
two cases of interest: 1) On an MP system, the thread cannot
be running on two processors as once, and 2) if the thread is
is interrupted to deliver a kernel mode APC which also calls
this routine, the values read and stored will stack and unstack
properly. Arguments: Thread - Supplies a pointer to the current thread. N.B. This must be a pointer to the current thread. Return Value: None. --*/ { ASSERT(KeGetCurrentIrql() <= APC_LEVEL); ASSERT(Thread == KeGetCurrentThread()); ASSERT((Thread->SpecialApcDisable <= ) && (Thread->SpecialApcDisable != -)); Thread->SpecialApcDisable -= ;
KeMemoryBarrierWithoutFence();
return;
}
注意两者之间的区别
KeEnterCriticalRegionThread中为
Thread->KernelApcDisable -= 1;
KeEnterGuardRegionThread中为
Thread->SpecialApcDisable -= 1;
再看看这里的改变会对APC的派发有什么影响,查看KiDeliverApc函数代码
VOID
KiDeliverApc (
IN KPROCESSOR_MODE PreviousMode,
IN PKEXCEPTION_FRAME ExceptionFrame,
IN PKTRAP_FRAME TrapFrame
) /*++ Routine Description: This function is called from the APC interrupt code and when one or
more of the APC pending flags are set at system exit and the previous
IRQL is zero. All special kernel APC's are delivered first, followed
by normal kernel APC's if one is not already in progress, and finally
if the user APC queue is not empty, the user APC pending flag is set,
and the previous mode is user, then a user APC is delivered. On entry
to this routine IRQL is set to APC_LEVEL. N.B. The exception frame and trap frame addresses are only guaranteed
to be valid if, and only if, the previous mode is user. Arguments: PreviousMode - Supplies the previous processor mode. ExceptionFrame - Supplies a pointer to an exception frame. TrapFrame - Supplies a pointer to a trap frame. Return Value: None. --*/ { PKAPC Apc;
PKKERNEL_ROUTINE KernelRoutine;
KLOCK_QUEUE_HANDLE LockHandle;
PLIST_ENTRY NextEntry;
PVOID NormalContext;
PKNORMAL_ROUTINE NormalRoutine;
PKTRAP_FRAME OldTrapFrame;
PKPROCESS Process;
PVOID SystemArgument1;
PVOID SystemArgument2;
PKTHREAD Thread; //
// If the thread was interrupted in the middle of the SLIST pop code,
// then back up the PC to the start of the SLIST pop.
// if (TrapFrame != NULL) {
KiCheckForSListAddress(TrapFrame);
} //
// Save the current thread trap frame address and set the thread trap
// frame address to the new trap frame. This will prevent a user mode
// exception from being raised within an APC routine.
// Thread = KeGetCurrentThread();
OldTrapFrame = Thread->TrapFrame;
Thread->TrapFrame = TrapFrame; //
// If special APC are not disabled, then attempt to deliver one or more
// APCs.
// Process = Thread->ApcState.Process;
Thread->ApcState.KernelApcPending = FALSE;
if (Thread->SpecialApcDisable == ) { //
// If the kernel APC queue is not empty, then attempt to deliver a
// kernel APC.
//
// N.B. The following test is not synchronized with the APC insertion
// code. However, when an APC is inserted in the kernel queue of
// a running thread an APC interrupt is requested. Therefore, if
// the following test were to falsely return that the kernel APC
// queue was empty, an APC interrupt would immediately cause this
// code to be executed a second time in which case the kernel APC
// queue would found to contain an entry.
// KeMemoryBarrier();
while (IsListEmpty(&Thread->ApcState.ApcListHead[KernelMode]) == FALSE) { //
// Raise IRQL to dispatcher level, lock the APC queue, and check
// if any kernel mode APC's can be delivered.
//
// If the kernel APC queue is now empty because of the removal of
// one or more entries, then release the APC lock, and attempt to
// deliver a user APC.
// KeAcquireInStackQueuedSpinLock(&Thread->ApcQueueLock, &LockHandle);
NextEntry = Thread->ApcState.ApcListHead[KernelMode].Flink;
if (NextEntry == &Thread->ApcState.ApcListHead[KernelMode]) {
KeReleaseInStackQueuedSpinLock(&LockHandle);
break;
} //
// Clear kernel APC pending, get the address of the APC object,
// and determine the type of APC.
//
// N.B. Kernel APC pending must be cleared each time the kernel
// APC queue is found to be non-empty.
// Thread->ApcState.KernelApcPending = FALSE;
Apc = CONTAINING_RECORD(NextEntry, KAPC, ApcListEntry);
ReadForWriteAccess(Apc);
KernelRoutine = Apc->KernelRoutine;
NormalRoutine = Apc->NormalRoutine;
NormalContext = Apc->NormalContext;
SystemArgument1 = Apc->SystemArgument1;
SystemArgument2 = Apc->SystemArgument2;
if (NormalRoutine == (PKNORMAL_ROUTINE)NULL) { //
// First entry in the kernel APC queue is a special kernel APC.
// Remove the entry from the APC queue, set its inserted state
// to FALSE, release dispatcher database lock, and call the kernel
// routine. On return raise IRQL to dispatcher level and lock
// dispatcher database lock.
// RemoveEntryList(NextEntry);
Apc->Inserted = FALSE;
KeReleaseInStackQueuedSpinLock(&LockHandle);
(KernelRoutine)(Apc,
&NormalRoutine,
&NormalContext,
&SystemArgument1,
&SystemArgument2); #if DBG if (KeGetCurrentIrql() != LockHandle.OldIrql) {
KeBugCheckEx(IRQL_UNEXPECTED_VALUE,
KeGetCurrentIrql() << | LockHandle.OldIrql << ,
(ULONG_PTR)KernelRoutine,
(ULONG_PTR)Apc,
(ULONG_PTR)NormalRoutine);
} #endif } else { //
// First entry in the kernel APC queue is a normal kernel APC.
// If there is not a normal kernel APC in progress and kernel
// APC's are not disabled, then remove the entry from the APC
// queue, set its inserted state to FALSE, release the APC queue
// lock, call the specified kernel routine, set kernel APC in
// progress, lower the IRQL to zero, and call the normal kernel
// APC routine. On return raise IRQL to dispatcher level, lock
// the APC queue, and clear kernel APC in progress.
// if ((Thread->ApcState.KernelApcInProgress == FALSE) &&
(Thread->KernelApcDisable == )) { RemoveEntryList(NextEntry);
Apc->Inserted = FALSE;
KeReleaseInStackQueuedSpinLock(&LockHandle);
(KernelRoutine)(Apc,
&NormalRoutine,
&NormalContext,
&SystemArgument1,
&SystemArgument2); #if DBG if (KeGetCurrentIrql() != LockHandle.OldIrql) {
KeBugCheckEx(IRQL_UNEXPECTED_VALUE,
KeGetCurrentIrql() << | LockHandle.OldIrql << | ,
(ULONG_PTR)KernelRoutine,
(ULONG_PTR)Apc,
(ULONG_PTR)NormalRoutine);
} #endif if (NormalRoutine != (PKNORMAL_ROUTINE)NULL) {
Thread->ApcState.KernelApcInProgress = TRUE;
KeLowerIrql();
(NormalRoutine)(NormalContext,
SystemArgument1,
SystemArgument2); KeRaiseIrql(APC_LEVEL, &LockHandle.OldIrql);
} Thread->ApcState.KernelApcInProgress = FALSE; } else {
KeReleaseInStackQueuedSpinLock(&LockHandle);
goto CheckProcess;
}
}
} //
// Kernel APC queue is empty. If the previous mode is user, user APC
// pending is set, and the user APC queue is not empty, then remove
// the first entry from the user APC queue, set its inserted state to
// FALSE, clear user APC pending, release the dispatcher database lock,
// and call the specified kernel routine. If the normal routine address
// is not NULL on return from the kernel routine, then initialize the
// user mode APC context and return. Otherwise, check to determine if
// another user mode APC can be processed.
//
// N.B. There is no race condition associated with checking the APC
// queue outside the APC lock. User APCs are always delivered at
// system exit and never interrupt the execution of the thread
// in the kernel.
// if ((PreviousMode == UserMode) &&
(IsListEmpty(&Thread->ApcState.ApcListHead[UserMode]) == FALSE) &&
(Thread->ApcState.UserApcPending != FALSE)) { //
// Raise IRQL to dispatcher level, lock the APC queue, and deliver
// a user mode APC.
// KeAcquireInStackQueuedSpinLock(&Thread->ApcQueueLock, &LockHandle); //
// If the user APC queue is now empty because of the removal of
// one or more entries, then release the APC lock and exit.
// Thread->ApcState.UserApcPending = FALSE;
NextEntry = Thread->ApcState.ApcListHead[UserMode].Flink;
if (NextEntry == &Thread->ApcState.ApcListHead[UserMode]) {
KeReleaseInStackQueuedSpinLock(&LockHandle);
goto CheckProcess;
} Apc = CONTAINING_RECORD(NextEntry, KAPC, ApcListEntry);
ReadForWriteAccess(Apc);
KernelRoutine = Apc->KernelRoutine;
NormalRoutine = Apc->NormalRoutine;
NormalContext = Apc->NormalContext;
SystemArgument1 = Apc->SystemArgument1;
SystemArgument2 = Apc->SystemArgument2;
RemoveEntryList(NextEntry);
Apc->Inserted = FALSE;
KeReleaseInStackQueuedSpinLock(&LockHandle);
(KernelRoutine)(Apc,
&NormalRoutine,
&NormalContext,
&SystemArgument1,
&SystemArgument2); if (NormalRoutine == (PKNORMAL_ROUTINE)NULL) {
KeTestAlertThread(UserMode); } else {
KiInitializeUserApc(ExceptionFrame,
TrapFrame,
NormalRoutine,
NormalContext,
SystemArgument1,
SystemArgument2);
}
}
} //
// Check if process was attached during the APC routine.
// CheckProcess:
if (Thread->ApcState.Process != Process) {
KeBugCheckEx(INVALID_PROCESS_ATTACH_ATTEMPT,
(ULONG_PTR)Process,
(ULONG_PTR)Thread->ApcState.Process,
(ULONG)Thread->ApcStateIndex,
(ULONG)KeIsExecutingDpc());
} //
// Restore the previous thread trap frame address.
// Thread->TrapFrame = OldTrapFrame;
return;
}
可以看到,这个函数会判断Thread->SpecialApcDisable 和 Thread->KernelApcSidable 的值,如果Thread->SpecialApcDisable 为0,会先派发特殊内核APC,然后判断Thread->KernelApcDisable是否为0,为0 就去进一步的派发普通内核 Apc和 用户Apc
后续再补充代码实现细节.
Critical Regions和Guarded Regions区别的更多相关文章
- Windows内核开发-6-内核机制 Kernel Mechanisms
Windows内核开发-6-内核机制 Kernel Mechanisms 一部分Windows的内核机制对于驱动开发很有帮助,还有一部分对于内核理解和调试也很有帮助. Interrupt Reques ...
- [REP]AWS Regions and Availability Zones: the simplest explanation you will ever find around
When it comes to Amazon Web Services, there are two concepts that are extremely important and spanni ...
- Windows Kernel Security Training Courses
http://www.codemachine.com/courses.html#kerdbg Windows Kernel Internals for Security Researchers Thi ...
- C puzzles详解【51-57题】
第五十一题 Write a C function which does the addition of two integers without using the '+' operator. You ...
- mser 最大稳定极值区域(文字区域定位)算法 附完整C代码
mser 的全称:Maximally Stable Extremal Regions 第一次听说这个算法时,是来自当时部门的一个同事, 提及到他的项目用它来做文字区域的定位,对这个算法做了一些优化. ...
- Hbase学习02
第2章 Apache HBase配置 本章在“入门”一章中进行了扩展,以进一步解释Apache HBase的配置. 请仔细阅读本章,特别是基本先决条件,确保您的HBase测试和部署顺利进行,并防止数据 ...
- fasta/fastq格式解读
1)知识简介--------------------------------------------------------1.1)测序质量值 首先在了解fastq,fasta之前,了解一下什么是质量 ...
- [libgdx游戏开发教程]使用Libgdx进行游戏开发(4)-素材管理
游戏中总是有大量的图像资源,我们通常的做法是把要用的图片做成图片集,这样做的好处就不多说了.直接来看怎么用. 这里我们使用自己的类Assets来管理它们,让这个工具类作为我们的资源管家,从而可以在任何 ...
- 目标检测之线段检测---lsd line segment detector
(1)线段检测应用背景 (2)线段检测原理简介 (3)线段检测实例 a line segment detector (4)hough 变换和 lsd 的区别 --------------------- ...
随机推荐
- csv文件乱码
问题描述: 生成的csv文件,设置为UTF-8格式,在windows上用EXCEL打开的话会乱码,在linux上用vim或者cat打开查看正常:设置为GBK格式的话,在windows上用EXCEL打开 ...
- VC6.0快捷键一览表
F1 显示帮助,如果光标停在代码的某个字符上,显示MSDN中相应的帮助内容 F2 书签功能: Ctrl+F2 –在某行设置一个书签(再按一次次是取消) F2 –跳到下一个书签位置 Shift+F2 – ...
- 解决ImageCropperComponent发布报错
ng serve可以正常运行,npm run build 就会报错: ERROR in : Type ImageCropperComponent in -/node_modules/ng2-img-c ...
- C# 判断质数的2种基本方法
质数(prime number)又称素数,有无限个. 质数定义为在大于1的自然数中,除了1和它本身以外不再有其他因数. 目前学习了判断数字n是否为质数的2种基本方法: 一.计数法 根据定义,既然质数只 ...
- 使用WebService调用第三方服务
场景 某个系统服务由第三方提供,我方要使用到这个这个服务,就可以使用WebService的方式. 什么是WebService 关于什么WebService,官方是这么解释的: Web service是 ...
- Java50道经典习题-程序12 计算奖金
题目:企业发放的奖金根据利润提成.利润(I)低于或等于10万元时,奖金可提10%: 利润高于10万元,低于20万元时,低于10万元的部分按10%提成,高于10万元的部分,可提成7.5%: ...
- 486. Predict the Winner
Given an array of scores that are non-negative integers. Player 1 picks one of the numbers from eith ...
- 使用git提交代码流程
一.拉取最新代码 一般在本地进行开发时,都是切换到自己的dev分支进行开发,当开发完成需要进行代码提交,在进行代码提交前需要先进行拉取远程仓库代码,进行更新,但是此时会提示需要将本地代码进行commi ...
- ROS(URDF机器人建模)
新建功能包mbot_description 在功能包下新建文件config,launch,meshes,urdf. 在launch文件夹下新建文件display_mbot_base_urdf.laun ...
- IntelliJ IDEA 配置JSP & Servlet开发环境
首先我们要安装和配置好JAVA和TOMCAT,这里不再详细描述 下载地址: JAVA:https://www.oracle.com/technetwork/java/javase/downloads/ ...