WSL(Windows Subsystem for Linux)--Pico Process Overview

来源:https://www.cnblogs.com/yitouniu/archive/2018/11/29/10039315.html
-Advertisement-
Play Games

【轉載】 Windows Subsystem for Linux -- Pico Process Overview Overview This post discusses pico processes, the foundation of WSL. It explains how pico pro ...


【轉載】

Windows Subsystem for Linux -- Pico Process Overview

Overview

This post discusses pico processes, the foundation of WSL.  It explains how pico processes work in Windows and goes into the history of how they came to be, the abstractions we decided to implement and the various use cases beyond WSL that emerged. Armed with this context, the next series of posts will dive into specific areas of how exactly WSL works.

Drawbridge

The pico process concept originated in MSR as part of the Drawbridge project. A goal of this project was to implement a lightweight way to run an application in an isolated environment, with the application’s OS dependencies decoupled from the underlying host OS (e.g., XP application running on Windows 10).  Normally, this would be done by running the application and OS in a virtual machine, but this comes with significant resource overhead. Instead, the Drawbridge project aimed to run the target application and OS entirely within the user-mode address space of a single process on the host OS. With its reduced overhead, when compared to a VM, this approach allows for greater density of application workloads on a single host while still providing much of the same isolation and compatibility guarantees. Check out the official Drawbridge project page for more detailed information for how they pulled this off.

In Drawbridge, the “library OS” was the target OS of the application workload.  To support a library OS that differs from the underlying host OS in addition to running the library OS in user-mode, the MSR folks needed the host OS to get out of the way and stop trying to manage the user-mode address space inside this process. They coined this type of process a “pico process” on the host side to indicate that it is a smaller version of a normal host process. A kernel-mode driver was responsible for supporting the pico process and acting as the broker between the host OS kernel and the library OS in user-mode.

Of course, proper support for this on top of a publicly released and supported version of Windows would require core Windows kernel changes to add the facilities necessary for pico processes. The MSR team brought this idea to us over in the kernel team toward the beginning of 2013, and we all agreed it would be great feature to add. In fact, we realized that this approach aligned well with some internal discussion we had been having around longer-term strategy to bring back the idea of subsystems to facilitate future architectural changes within Windows. This initial support for pico processes first appeared in Windows 8.1 and Windows Server 2012R2 but was limited to Drawbridge. Pico process support was later expanded to other Windows features.

Minimal Process

As we started implementing official support for pico processes, we decided to split the abstraction into two layers:

  • Minimal process: This is the most rudimentary type of process. Specifically, a process marked as a minimal process tells the rest of the host to get out of the way and not manage it. From the Windows kernel point of view, it is simply an empty user-mode address space.
  • Pico process: This is a minimal process with an associated pico provider kernel-mode driver to manage that empty user-mode address space.

picoProcess

Unlike traditional NT processes, when creating a minimal process, the user-mode address space is untouched and no threads are created to run in that process. Various locations in the kernel were surgically updated to skip user-mode address space setup, including:

  • The user-mode binary ntdll.dll is not mapped into the process by default.
  • The process environment block (PEB) is not created.
  • There is no initial thread created, and thread environment blocks (TEBs) are not automatically created whenever a thread is created for the pico process.
  • The shared user data section is not mapped into the process. This is a block of memory mapped read-only into all user-mode address space for efficient retrieval of common system-wide information.
  • Various places that assumed a process would always have a PEB and/or TEBs were updated to be able to handle processes without them.

While the Windows kernel does not actively manage a minimal process, it still provides all of the underlying OS support you would expect – thread scheduling, memory management, etc.

You may be wondering – why did we separate the notion of “minimal” and “pico” processes? The idea of an empty minimal process seemed useful on its own, separate from anything related to supporting a pico process. While we had nothing specific in mind around this time back in 2013, eventually a couple of scenarios did surface in Windows 10 that are now using minimal processes directly:

  • Memory Compression: Memory compression is a Windows feature that compresses unused memory to keep more data resident in RAM. It also reduces the amount of data written to and read from the pagefile, thus improving performance. Windows memory compression utilizes the user-mode address space of a minimal process.
  • Virtualization based Security (VBS): Using underlying virtualization capabilities, VBS isolates the user-mode address space of critical user-mode processes from the rest of the OS to prevent tampering, even from the kernel or kernel-mode drivers. A minimal process is created to indicate to management tools (e.g., Task Manager) that VBS is running.

Pico Processes and Providers

A pico process is simply a minimal process that is associated with a pico provider kernel-mode driver. This pico provider surfaces the entire kernel interface as far as the user-mode portion of the process is concerned. The Windows kernel passes all system calls and exceptions that originate from the user-mode portion of a pico process to the pico provider to handle as it sees fit. This allows the pico provider to model a different user/kernel contract separate from what Windows would normally provide.

Early during boot, a kernel-mode driver registers with the Windows kernel as a pico provider, and the kernel and provider exchange a set of interfaces specific to the needs of a pico provider. For example, the pico provider provides function pointers for the kernel to call when dispatching a user-mode system call or exception, and the kernel provides function pointers for creating pico processes and threads.

Regardless of what behaviors and abstractions the pico provider exposes to user-mode, it ultimately will rely on the Windows kernel for underlying support of thread scheduling, memory management and I/O. Of course, portions of the Windows kernel had to be updated to support new scenarios where needed.

Windows Kernel Changes

Later posts will detail the Windows kernel changes in more detail, but here is a quick sampling:

  • Improved fork support: Yes – the Windows kernel has supported “fork” for a long time (going back to earlier POSIX and SFU application support), but it is not exposed in the Win32 programming model that the rest of Windows is programmed against. We have improved the fork implementation to meet some new requirements as part of the WSL work.
  • Fine-grained memory management: Windows normally manages the user-mode address space in 64KB chunks, but was updated to allow management at single-page 4KB granularity for pico processes.
  • Case-sensitive file names: Again, yes – the Windows kernel and NTFS have long supported case-sensitive file names, but it is disabled by default and not exposed in the Win32 programming model. Changes were made to allow individual threads to opt-in to case-sensitivity operations to support a broader range of WSL scenarios.

您的分享是我們最大的動力!

-Advertisement-
Play Games
更多相關文章
  • crond 什麼是? crond 是linux系統中用於定期執行命令或指定程式任務的服務。一般情況下,安裝完系統操作之後,預設會啟動任務調度服務。 linux調度任務的工作可以分為兩類: 系統自身執行的工作:系統周期性執行的任務工作,如:輪詢系統日誌,備份系統數據,清理緩存等 用戶執行的工作:某個用 ...
  • 最近在開發dueros的技能,官方提供的PHPSDK中有多個實力,而運行實例的命令如下是 nohup php -S 0.0.0.0:8029 myindex.php & 從命令來看,肯定是在8029啟動了一個服務,因為之前從來沒有用過這個Linux命令,所以對這個命令很好奇。比如,這個命令的標準格式 ...
  • [TOC] Shell腳本規範     良好的代碼規範不僅方便閱讀,也利於維護和提升開發效率。因此建議大家在編寫Shell腳本時養成良好的代碼習慣。今天就和大家探討一下在Shell腳本中的一些規範,詳細如下所示: 1、在Shell腳本中,第一行指定腳本解釋器,如下所示: 2、在S ...
  • ifconfig命令 作用:用於顯示以及設置當前活動網卡信息 一. 顯示當前活動網卡信息 ifconfig 從上面可以看到當前主要有2塊活動網卡,eth0:代表當前本地真實網卡 lo:代表回訪網卡,也可以看到當前的ip地址:192.168.125.128 二. 重新設置網卡的ip地址,一般只有roo ...
  • 索引: 商業開發實戰總結 一、機器概述 1.屏幕:14'' 2.解析度:1920*1080 3.顯卡:Intel 核顯 & Nvidia GeForce 940MX 獨顯 ,雙顯卡 4.其它硬體在 Linux 下可忽略 二、目標概述 1.系統安裝後為中文環境 2.輸入法為中文拼音輸入法 3.屏幕顯示 ...
  • hostname命令 作用:顯示以及設置主機名 一. 顯示系統主機名 第一種方式:hostname 第二種方式:cat /etc/sysconfig/ntework 使用舉例: 從上面可以看到我的系統主機名為pclu 二. 設置系統主機名,必須是root用戶才可以執行 第一種方式:hostname ...
  • [TOC] 背景 一直沒搞清楚 與 的區別, 看著公司里遺留的shell, 也就稀里糊塗地用著... 這是很糟糕的態度 結論放前面 使進程在後臺運行, 預設輸出到標準輸出(即當前屏幕), 除非重定向輸出. 此時忽略 SIGINT 信號. ==若關閉會話, 則進程會結束== 進程仍舊在前臺跑, 預設輸 ...
  • 前言:因windows10的更新,最近很多朋友會遇到mstsc遠程連接桌面報錯: windows10企業版解決方式: 按“win+R”,運行 gpedit.msc, 找:“電腦配置”->“管理模板”->“系統”->“憑據分配”,這裡面有個“加密 Oracle 修正”,按圖修改即可; windows ...
一周排行
    -Advertisement-
    Play Games
  • 移動開發(一):使用.NET MAUI開發第一個安卓APP 對於工作多年的C#程式員來說,近來想嘗試開發一款安卓APP,考慮了很久最終選擇使用.NET MAUI這個微軟官方的框架來嘗試體驗開發安卓APP,畢竟是使用Visual Studio開發工具,使用起來也比較的順手,結合微軟官方的教程進行了安卓 ...
  • 前言 QuestPDF 是一個開源 .NET 庫,用於生成 PDF 文檔。使用了C# Fluent API方式可簡化開發、減少錯誤並提高工作效率。利用它可以輕鬆生成 PDF 報告、發票、導出文件等。 項目介紹 QuestPDF 是一個革命性的開源 .NET 庫,它徹底改變了我們生成 PDF 文檔的方 ...
  • 項目地址 項目後端地址: https://github.com/ZyPLJ/ZYTteeHole 項目前端頁面地址: ZyPLJ/TreeHoleVue (github.com) https://github.com/ZyPLJ/TreeHoleVue 目前項目測試訪問地址: http://tree ...
  • 話不多說,直接開乾 一.下載 1.官方鏈接下載: https://www.microsoft.com/zh-cn/sql-server/sql-server-downloads 2.在下載目錄中找到下麵這個小的安裝包 SQL2022-SSEI-Dev.exe,運行開始下載SQL server; 二. ...
  • 前言 隨著物聯網(IoT)技術的迅猛發展,MQTT(消息隊列遙測傳輸)協議憑藉其輕量級和高效性,已成為眾多物聯網應用的首選通信標準。 MQTTnet 作為一個高性能的 .NET 開源庫,為 .NET 平臺上的 MQTT 客戶端與伺服器開發提供了強大的支持。 本文將全面介紹 MQTTnet 的核心功能 ...
  • Serilog支持多種接收器用於日誌存儲,增強器用於添加屬性,LogContext管理動態屬性,支持多種輸出格式包括純文本、JSON及ExpressionTemplate。還提供了自定義格式化選項,適用於不同需求。 ...
  • 目錄簡介獲取 HTML 文檔解析 HTML 文檔測試參考文章 簡介 動態內容網站使用 JavaScript 腳本動態檢索和渲染數據,爬取信息時需要模擬瀏覽器行為,否則獲取到的源碼基本是空的。 本文使用的爬取步驟如下: 使用 Selenium 獲取渲染後的 HTML 文檔 使用 HtmlAgility ...
  • 1.前言 什麼是熱更新 游戲或者軟體更新時,無需重新下載客戶端進行安裝,而是在應用程式啟動的情況下,在內部進行資源或者代碼更新 Unity目前常用熱更新解決方案 HybridCLR,Xlua,ILRuntime等 Unity目前常用資源管理解決方案 AssetBundles,Addressable, ...
  • 本文章主要是在C# ASP.NET Core Web API框架實現向手機發送驗證碼簡訊功能。這裡我選擇是一個互億無線簡訊驗證碼平臺,其實像阿裡雲,騰訊雲上面也可以。 首先我們先去 互億無線 https://www.ihuyi.com/api/sms.html 去註冊一個賬號 註冊完成賬號後,它會送 ...
  • 通過以下方式可以高效,並保證數據同步的可靠性 1.API設計 使用RESTful設計,確保API端點明確,並使用適當的HTTP方法(如POST用於創建,PUT用於更新)。 設計清晰的請求和響應模型,以確保客戶端能夠理解預期格式。 2.數據驗證 在伺服器端進行嚴格的數據驗證,確保接收到的數據符合預期格 ...