Page 366 - DCAP103_Principle of operating system
P. 366

Unit 12: Processes and Threads in Windows



                                                                                                  Notes
            used after the first user has logged in (but has done nothing) is not the user’s fault. The culprit is
            services.exe creating all the services. In addition, it also loads any remaining device drivers that have
            not yet been loaded. The hierarchy of initial processes and some typical services are shown in Figure 12.8.


              Figure 12.8: The processes starting up during the boot phase. The ones above the line
               are always started. The ones below it are examples of services that could be started


                  Process               Description

              idle                      Not really a process, but home to the idle thread
                                        Creates  smss.exe  &  paging  files;  reads  registry;  opens
                  system
                                        DLLs
                  smss.exe              First real proc; much initialization; creates csrss & winlogon

                  csrss.exe             Win32 subsystem process
                  winlogon.exe          Login daemon
                  lsass.exe             Authentication manager

                  services.exe          Looks in registry and starts services
                  Printer server        Allows remote jobs to use the printer
                  File server           Serves requests for local files

                  Telnet daemon         Allows remote logins
                  Incoming email handler  Accepts and stores inbound email

                  Incoming fax handler  Accepts and prints inbound faxes
                  DNS resolver          Internet domain name system server
                  Event logger          Logs various system events
                  Plug-and-play manager  Monitors hardware to see what is out there


            Winlogon.exe is also responsible for all user logins. The actual login dialog is handled by a
            separate program in msgina.dll to make it possible for third parties to replace the standard login
            with faceprint identification or something else other than name and password. After a successful
            login, winlogon.exe gets the user’s profile from the registry and from it determines which shell
            to run. Many people do not realize it, but the standard Windows desktop is justexplorer.exe
            with some options set. If desired, a user can select any other program as the shell, including
            the command prompt or even Word, by editing the registry. However, editing the registry is
            not for the faint of heart; a mistake here can make the system unusable.

            12.3 Memory Management


            Windows 2000 has an extremely sophisticated virtual memory system. It has a number of Win32
            functions for using it and part of the executive plus six dedicated kernel threads for managing
            it. In the following sections, we will look at the fundamental concepts, the Win32 API calls, and
            finally the implementation.

            12.3.1 Fundamental Concepts of Memory Management
            In Windows 2000, every user process has its own virtual address space. Virtual addresses are
            32 bits long, so each process has 4 GB of virtual address space. The lower 2 GB minus about


                                             LOVELY PROFESSIONAL UNIVERSITY                                   359
   361   362   363   364   365   366   367   368   369   370   371