NtCreateProcess and fork
in [Win32 Kernel]
|
Prev: CreateFile for USB device returns ERROR_FILE_NOT_FOUND
Next: How to dump system service dispatch table?
From: Iker Arizmendi on 18 Apr 2008 12:55 Is it possible to implement something that resembles UNIX fork() with NtCreateProcess/NtCreateThread and which is usable for non-GUI applications running under the Win32 subsystem? The CreateProcess API provides handle inheritance, so that part seems compatible with Win32. However, whether a parent's address space can be usefully inherited by a child is not clear. There are suggestions on the web that setting SectionHandle to NULL goes some way towards this, but I could find nothing on the impact this would have on Win32 DLLs already mapped by the parent, the setup of a child's stack, registration of the child with Win32, etc. Regards, Iker Arizmendi
From: Johannes Passing on 20 Apr 2008 05:56 Implementing fork is possible with the native API. The key to creating a process with cloned address space, handles and token should be (besides making all handles inheritable) to pass the handle of the parent process to the 4th parameter (InheritFromProcessHandle) and TRUE to the 5th (InheritHandles) parameter of ZwCreateProcess. However, using ZwCreateProcess, informing CSRSS and everything else necessary to create a process using the native API is pretty tedious - and all undocumented. I also think there are good reasons for this functionality not to be exposed to the Win32 API. Therefore, I am not quite convinced that using fork for Win32 processes is a very promising solution... --Johannes Iker Arizmendi wrote: > Is it possible to implement something that resembles > UNIX fork() with NtCreateProcess/NtCreateThread and > which is usable for non-GUI applications running under > the Win32 subsystem? The CreateProcess API provides > handle inheritance, so that part seems compatible with > Win32. However, whether a parent's address space can be > usefully inherited by a child is not clear. There are > suggestions on the web that setting SectionHandle to > NULL goes some way towards this, but I could find nothing > on the impact this would have on Win32 DLLs already > mapped by the parent, the setup of a child's stack, > registration of the child with Win32, etc. > > Regards, > Iker Arizmendi > -- Johannes Passing - http://int3.de/
From: Iker Arizmendi on 21 Apr 2008 13:02 I understand that these APIs are not meant for "public" consumption. The request isn't for any official docs, nor for support of any kind. I'm just looking for informal pointers and discussion from folks in the know. As to whether a Win32 fork would be promising, I think the answer to that is "yes". Of course, not all applications benefit from the availability of fork, but some do. And for authors of the latter I think a Win32 fork would be a very welcome addition. Iker "Johannes Passing" wrote: > Implementing fork is possible with the native API. The key to creating a > process with cloned address space, handles and token should be (besides > making all handles inheritable) to pass the handle of the parent process > to the 4th parameter (InheritFromProcessHandle) and TRUE to the 5th > (InheritHandles) parameter of ZwCreateProcess. > > However, using ZwCreateProcess, informing CSRSS and everything else > necessary to create a process using the native API is pretty tedious - > and all undocumented. > > I also think there are good reasons for this functionality not to be > exposed to the Win32 API. Therefore, I am not quite convinced that using > fork for Win32 processes is a very promising solution... > > --Johannes > > Iker Arizmendi wrote: > > Is it possible to implement something that resembles > > UNIX fork() with NtCreateProcess/NtCreateThread and > > which is usable for non-GUI applications running under > > the Win32 subsystem? The CreateProcess API provides > > handle inheritance, so that part seems compatible with > > Win32. However, whether a parent's address space can be > > usefully inherited by a child is not clear. There are > > suggestions on the web that setting SectionHandle to > > NULL goes some way towards this, but I could find nothing > > on the impact this would have on Win32 DLLs already > > mapped by the parent, the setup of a child's stack, > > registration of the child with Win32, etc. > > > > Regards, > > Iker Arizmendi > > > > > -- > Johannes Passing - http://int3.de/ >
From: Mikep on 21 Apr 2008 15:57 Gary Nebbett describes an implementation in his book Windows NT/2000 Native API --- http://books.google.com/books?hl=en&id=Fp1ct-bKYdcC&dq=%22gary+nebbett%22+windows+api&printsec=frontcover&source=web&ots=ciLzfYAKbI&sig=8qIdnRiHutRSrNFT_dEkwrnUchA#PPP1,M1 MIke "Iker Arizmendi" <IkerArizmendi(a)discussions.microsoft.com> wrote in message news:78098D4F-6C29-41D1-89B8-10ADF56E8FA8(a)microsoft.com... >I understand that these APIs are not meant for "public" > consumption. The request isn't for any official docs, nor > for support of any kind. I'm just looking for informal > pointers and discussion from folks in the know. > > As to whether a Win32 fork would be promising, I think > the answer to that is "yes". Of course, not all applications > benefit from the availability of fork, but some do. And for > authors of the latter I think a Win32 fork would be a > very welcome addition. > > Iker > > "Johannes Passing" wrote: > >> Implementing fork is possible with the native API. The key to creating a >> process with cloned address space, handles and token should be (besides >> making all handles inheritable) to pass the handle of the parent process >> to the 4th parameter (InheritFromProcessHandle) and TRUE to the 5th >> (InheritHandles) parameter of ZwCreateProcess. >> >> However, using ZwCreateProcess, informing CSRSS and everything else >> necessary to create a process using the native API is pretty tedious - >> and all undocumented. >> >> I also think there are good reasons for this functionality not to be >> exposed to the Win32 API. Therefore, I am not quite convinced that using >> fork for Win32 processes is a very promising solution... >> >> --Johannes >> >> Iker Arizmendi wrote: >> > Is it possible to implement something that resembles >> > UNIX fork() with NtCreateProcess/NtCreateThread and >> > which is usable for non-GUI applications running under >> > the Win32 subsystem? The CreateProcess API provides >> > handle inheritance, so that part seems compatible with >> > Win32. However, whether a parent's address space can be >> > usefully inherited by a child is not clear. There are >> > suggestions on the web that setting SectionHandle to >> > NULL goes some way towards this, but I could find nothing >> > on the impact this would have on Win32 DLLs already >> > mapped by the parent, the setup of a child's stack, >> > registration of the child with Win32, etc. >> > >> > Regards, >> > Iker Arizmendi >> > >> >> >> -- >> Johannes Passing - http://int3.de/ >>
From: JD on 22 Apr 2008 10:28 You can take a look to see how Cygwin implemented this. Cygwin is a Unix emulation library and I recall reading about how they implemented fork(). "Iker Arizmendi" <IkerArizmendi(a)discussions.microsoft.com> wrote in message news:61CECC87-CC3C-4588-B47F-C0ECECE05FB8(a)microsoft.com... > Is it possible to implement something that resembles > UNIX fork() with NtCreateProcess/NtCreateThread and > which is usable for non-GUI applications running under > the Win32 subsystem? The CreateProcess API provides > handle inheritance, so that part seems compatible with > Win32. However, whether a parent's address space can be > usefully inherited by a child is not clear. There are > suggestions on the web that setting SectionHandle to > NULL goes some way towards this, but I could find nothing > on the impact this would have on Win32 DLLs already > mapped by the parent, the setup of a child's stack, > registration of the child with Win32, etc. > > Regards, > Iker Arizmendi >
|
Next
|
Last
Pages: 1 2 Prev: CreateFile for USB device returns ERROR_FILE_NOT_FOUND Next: How to dump system service dispatch table? |