Jigar Mehta’s WebBlog

May 13, 2007

Windows Subsystem

Filed under: Uncategorized — jigarme @ 4:15 pm

As a part of my study of Windows Internals, following is something thats important when debugging the applications..

The Windows subsystem consists of the following major components:

  • The environment subsystem process (Csrss.exe) contains support for:

    • Console (text) windows

    • Creating and deleting processes and threads

    • Portions of the support for 16-bit virtual DOS machine (VDM) processes

    • Other miscellaneous functions, such as GetTempFile, DefineDosDevice, ExitWindowsEx, and several natural language support functions

  • The kernel-mode device driver (Win32k.sys) contains:

    • The window manager, which controls window displays; manages screen output; collects input from keyboard, mouse, and other devices; and passes user messages to applications.

    • The Graphics Device Interface (GDI), which is a library of functions for graphics output devices. It includes functions for line, text, and figure drawing and for graphics manipulation.

  • Subsystem DLLs (such as Kernel32.dll, Advapi32.dll, User32.dll, and Gdi32.dll) translate documented Windows API functions into the appropriate and mostly undocumented kernel-mode system service calls to Ntoskrnl.exe and Win32k.sys.

  • Graphics device drivers are hardware-dependent graphics display drivers, printer drivers, and video miniport drivers.

Stay tuned.. Wave


Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: