Inside the Windows Vista Kernel
Reader trparky recommends an article on Technet (which, be warned, is rather chaotically formatted). Mark Russinovich, whose company Winternals Software was recently bought by Microsoft, has published the first of a series of articles on what's new in the Vista kernel. Russinovich writes: "In this issue, I'll look at changes in the areas of processes and threads, and in I/O. Future installments will cover memory management, startup and shutdown, reliability and recovery, and security. The scope of this article comprises changes to the Windows Vista kernel only, specifically Ntoskrnl.exe and its closely associated components. Please remember that there are many other significant changes in Windows Vista that fall outside the kernel proper and therefore won't be covered."
There's a lot here, but I'm going to comment on Multimedia Class Scheduler Service (MMCSS):
Classic: multimedia apps take precedence over anti-virus.
Yet another (promised?) feature they could not deliver.
I thought for a second that they required admin access to activate MMCSS; but upon a second reading, it looks like they've merely reimplemented nice with some kind of setuid root service.
Aren't they getting ahead of themselves? COMMAND.COM is hardly a "kernel".
I want to delete my account but Slashdot doesn't allow it.
From the article: "...the symbolic file link (or as it's called in UNIX, the soft link) finally arrives in Windows Vista." - anybody heard "soft link"? Me (after 10 years of using Linux) never...
Every time I read anything about Vista's new features, I hear myself saying "fucking finally" like half a dozen times. Symlinks? Cancelling I/O? These are things other, better operating systems have had for over a decade. Anyone wanna start a pool for when they'll roll out a patent for symlinks?
Isn't this like entering the belly of the beast? I will save you some time in reading the article.
:-)
Proper care for your Vista "Beast"
1) Feed it plenty of CPU cycles. Preferably multiple cores.
2) Give it obscene amounts of memory. 2.5G preferable.
3) This one seems to really enjoy Video RAM as well, probably it tastes better. 256M advised.
4) Keep feeding it a constant supply of disk space. Interestingly enough, this version seems to consume HD space simply with doing nothing.
That's the basics, folks. Give your Vista beast what it needs and you should have a kind of good experience. At least for at least 6 months or so... Then you must slay the beast and re-install..
They actually have a screenshot of what it looks like inside the Vista kernel.
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
I think we've finally seen the very first actually interesting Slashdot story about Vista. About fucking time.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Much of this new stuff sounds like features of QNX. QNX has a "sporadic scheduler", for when you need things like 10ms of CPU every 100ms. QNX has had I/O cancellation for years. In QNX, you can set a timeout on any system call that blocks. If you set a 35ms timeout on a write, after 36 milliseconds, you'll have control back. Very useful in real-time systems where you're doing something less important, like logging, that should never take very long but, in some trouble condition, might. QNX has had prioritized I/O for years, too.
It all works, too. I've done compiles on QNX while running a real time program on the same machine, without the real time program missing a deadline.
Of course, in Vista, it's all more complicated.
Black box OS kernels like Windows can really never be disclosed. All you can really do is make some guesses or have an insider reveal some limited details.
For this reason, OS classes in school will be based on Linux, BSD, Minix, or even ReactOS. With all of these, if you want to really know how it works, there is the code.
The secret-software-business is quite different than the shared discoveries of the scientific method that works well in education and science.
Historically, the open ones will be the only ones that survive. In 50 years: You want to know how DOS worked in the 1980s? Well, no source is available. But freedos provides a good example of how it worked. You want to know how some random UNIX worked. Well the source to that specific one is not available, but BSD and Linux are good examples of how it worked. You want to know how Windows-2000 worked? Well, no source code is available, but ReactOS provides a close approximation of how it worked.
The subject line made me think instantly of the old Adventure game,
"you are in a maze of twisty passages all alike"
sent a shiver up the spine.
For details on what looks to be the inspiration of Windows Vista scheduling, cycle counters, priority boosts, class scheduling, threads and processes and I/O, and class and port drivers, do see the VMS Internals and Data Structures Manual. Circa 1992. Well, threading dates to 1996.
Sweet baby galaxy, NTOSKRNL.EXE??? 8.3 filename? In two-thousand-fucking-seven? No wonder Vista sucks, if they can't get rid of the stupidest old limitations. And I'm not talking about technical limitations, this one shows a limitation of thinking.
Yesterday was the time to do it right. Are we having a REVOLUTION yet?
The bigger story for me is that Mark Russinovich, who wrote all those great sysinternals programs, and who investigated the Sony rootkit, is now a Microsoft employee. I guess that's because I missed this story back in July.
Sweet, VMS functionality isn't being lost.
Try this "man ionice" works for me
"think of it as evolution in action"
I was just thinking earlier, wouldn't it be nice if everyone wrote web pages that were compliant, and without IE hacks, so that eventually Microsoft would be forced to create a standards compliant browser.
Then I turn up at that Russinovich site and find it's been written in such a way that it's unreadable in Firefox! Of course! If Microsoft just keeps writing shit browsers, we'll be forced to adopt their standards! I really really hate them...
So, looking at the fluff piece, Windows Vista has:
A BogoMIPS calculator (CPU Cycle Counting).
A Solaris-like scheduling class (Multimedia Class Scheduler Service).
File-based Symbolic Links (1980's Unix anyone?)
A hack to get around priority inversion or an extra layer of queue or something (I/O Completion and Cancellation).
And some I/O priority stuff that, again, various quality Unix kernels have had since god was a boy.
Keep cracking that whip, Bill, don't let the slaves forget where their next meal's coming from.
The article doesn't mention that process startup is now quite different from the other versions of Windows NT.
In previous versions of NT, process creation was quite different from systems such as UNIX. The system call NtCreateProcess creates a "blank" process with nothing in it but ntdll.dll and the new .exe file mapped into memory. No stack is allocated, and no threads are created. In normal process creation, the parent process actually uses the debugger API calls to allocate memory for the stack into the new process's address space, copies the command line and environment into the new memory, and creates the initial thread pointing at kernel32!BaseProcessStartupThunk. It resumes the thread and off it goes. (NT has no concept of environment or command line at the kernel level.)
This changed in Vista for one reason: DRM. Microsoft made it so that certain processes, namely wmplayer.exe and halo2.exe, cannot be a target of the debugger API calls for obvious reasons. It ignores privilege level in blocking the API. If the old method of starting processes were used, then the parent process could start wmplayer.exe with patches to steal the DRM keys or dump decrypted data to disk. Vista's kernel now does the entire initialization for these processes to close this hole.
By the way, Microsoft needs to change that web page so that it doesn't select Spanish over English if you have Spanish listed as an acceptable language in your browser, even if English is higher in the list. This happens for both IE7 and FF2.
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
Having symlinks in the Vista kernel is nice and all, but Vista doesn't seem to offer a way to create these in Explorer. Who wants to break open a command line just to create a symlink?
Correct me if I'm wrong, but don't people criticize Linux all the time of a lack of GUI utilities in comparison to Windows? Yet when I drag a file somewhere in KDE, I can just click on "Link Here" and poof, I've got a symlink. Why have I not heard a single complaint about the lack of a user-friendly way to do this in Vista?
Furthermore, you need to have Administrator access (or use Administrator to give yourself the privilege) to create a symlink, "because not all applications may handle symbolic links correctly". Doesn't this seem broken to anyone? Or at the very least, worrisome?
99.9% of Windows users will not know what a symbolic link is, and even less will know how to actually enable the feature for non-administrators. This means that no end-user application can ever use them. A lot of work for nothing - good job Microsoft.
They should have added an API call to tell kernel32, "hey, I know how to use symbolic links, so let me use them".
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
"While Windows has always supported prioritization of CPU usage, it hasn't included the concept of I/O priority. Without I/O priority, background activities like search indexing, virus scanning, and disk defragmenting can severely impact the responsiveness of foreground operations."
I've been flamed in the past for saying that 2000/XP didn't support I/O prioritization. A couple idle priority processes could bring a system to its knees with file I/O.
Now I can go back and win an argument I had with another Linux user in 2005, who believed that NT has always supported I/O prioritization.
A lot of Microsoft programs still use 8.3 names. Do you really need longer names? Is there something that "Microsoft Word for Windows.exe" can do that "WINWORD.EXE" can't?
There are quite a few little DOS utilities and such that if you ran them to delete a directory they don't start with that directory... they start by deleting every single file in the topmost directories, then delete those directories, then delete all the files in next level of directories, etc etc etc.
That way if you make a symbolic link to a file system, then use the wrong utility in an attempt to remove said symbolic link, you end up wiping out the entire file system it's linked to...
(I mean seriously folks.. who puts up with this sort of stuff?)
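The hazard raised in the comment above, a link-unaware recursive delete emptying whatever a symbolic link points at, shown beside a link-aware version; this is an added example, not part of the original thread or the article. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile


def naive_delete_tree(path):
    """Link-unaware delete: os.path.isdir() follows symlinks, so a link to
    a directory is descended into and the link's target is emptied."""
    for name in os.listdir(path):
        child = os.path.join(path, name)
        if os.path.isdir(child):      # also True for a symlink to a directory
            naive_delete_tree(child)
        else:
            os.remove(child)
    if os.path.islink(path):
        os.remove(path)               # cleanup only; the target is already empty
    else:
        os.rmdir(path)


def safe_delete_tree(path):
    """Link-aware delete: classify each entry with lstat(), which does not
    follow links, and unlink a symlink instead of walking through it.
    Not race-safe against a concurrent attacker swapping entries; that
    needs directory-descriptor-based traversal."""
    mode = os.lstat(path).st_mode
    if stat.S_ISLNK(mode) or not stat.S_ISDIR(mode):
        os.unlink(path)               # removes the link, never its target
        return
    with os.scandir(path) as entries:
        children = [entry.path for entry in entries]
    for child in children:
        safe_delete_tree(child)
    os.rmdir(path)


def demo(delete_fn):
    """Build a constructed sample tree, delete it with delete_fn, and report
    whether a file that lives outside the deleted tree survived."""
    with tempfile.TemporaryDirectory() as root:
        precious = os.path.join(root, "precious")      # outside the tree
        os.mkdir(precious)
        keep = os.path.join(precious, "keep.txt")
        with open(keep, "w") as handle:
            handle.write("data outside the tree being deleted\n")

        scratch = os.path.join(root, "scratch")        # the tree to delete
        os.mkdir(scratch)
        with open(os.path.join(scratch, "junk.tmp"), "w") as handle:
            handle.write("junk\n")
        os.symlink(precious, os.path.join(scratch, "link_to_precious"))

        delete_fn(scratch)
        return {
            "tree_removed": not os.path.lexists(scratch),
            "outside_file_survived": os.path.exists(keep),
        }


if __name__ == "__main__":
    print("naive:", demo(naive_delete_tree))
    print("safe: ", demo(safe_delete_tree))
```
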
And TFA says, basically:
1. Windows gets a bunch of features that make it more like a Real OS.
2. More information in the next installment.
The features are really good, but the article kind of sucks.
Please correct me if I got my facts wrong.
HAHAHAHAAAaaaaa!1!! you RTFA. Loser.
I want to delete my account but Slashdot doesn't allow it.
Whoa, check it out! All of the old catalogue of Sysinternals/Winternals software, plus some new stuff, has all been released as freeware! There's some useful stuff in there!
For once and for all, if this Vista is as full of DRM as it sounds, I will not use it. For anything, ever.
Not only am I hostile to the very concept of DRM, but I will actively work to circumvent it where I find it and work against it at every level. Trying to prevent piracy is one thing. Turning your own computer into an agent which works against your own interests is something else.
I made a nice packet off the MS stock years ago. I'm ever grateful for the cash, but I had no problem turning my back on Sony, and now I will do the same to Vista unless I find a suitably cracked version. I'll buy a copy if there's a way to disable all the DRM crap, but I won't buy my enemy a weapon to use against me.
You are welcome on my lawn.
It's the fact that the backwards compatibility is still there. C:\PROGRA~1 etc is fucking ugly and confusing for the new user. They stole long file names from other OSs but implemented it poorly. They need to take the same route as OSX. Start from scratch (sort of) and forget backwards compatibility for once. Allow good implementation of a virtual machine for that sort of crap. You can't get rid of the burdens from your old OS if you allow backwards compatibility. 8.3 filenames are just one of the burdens.
Err... Not quite. Not all of the SysInternals tools were migrated, and NONE of the source code was. Microsoft's hiding behind some pretty lame excuses (e.g. "They're using undocumented APIs!" or "Hackers are using it to make spyware!") for not distributing the source code.
The Winternals Administrator's Pak is also being discontinued, and will have its functionality available only to those with Software Assurance agreements.
Finally the content producers will share in the billions made on the back of the creativity of millions of content producers who posted their videos on uTube.
Only LEMMINGS would need a scoring system (in Slashdot) to decide what they want/need to read. Scoring was brought into the American schooling system to replace whipping for getting the wrong answer.
Is it true that every line in the source contains comments like this?
; Hah! Take that user!
; Oh nice try but we thought of that!
; Clearly they are trying to steal this.
; Thief! Thief!
; MP3s have no DRM. Refuse to play.
; Block association away from Windows Media Player
; SONY rootkit plugs in here
; Powered up. Now let's get today's authorization.
You know something? Ever since I got my new Mac, I just don't care what is new in the next version of Windows anymore....
Strange, that...
I think you are talking about writing a Windows driver, not trying to understand OS internals (so you could write an OS).
Or are you implying that you could figure out the internals of Linux by looking in /usr/include.
I don't think anyone can really know exactly what is in the Windows Kernel when it is closed source.
"Please remember that there are many other significant changes in Windows Vista that fail outside the kernel proper and therefore won't be covered."
It certainly sounds broken to _me_. Why wouldn't all apps handle symlinks correctly?
In Mac OS 9, and in 8, and 7... when did they add aliases (the Mac OS equivalent to symlinks) anyway, I think it was 7... all the standard file routines, including the "open file" and "save file" dialogs, automatically resolved aliases.
A Mac application doesn't need to know anything about aliases to handle them "correctly." It is only a Mac application that needs to open an alias file directly as a file that needs to do something special.
Proper engineering means the "proper" default behavior is built into the API and requires no application modifications. It's half-assed engineering to add something new that requires all applications to be rewritten, by someone who understands the new feature, to work properly with the new feature. You shouldn't have to do anything special to open a file just because it happens to be a symlink, or on removable media, or across the network... and it doesn't, on most operating systems.
"How to Do Nothing," kids activities, back in print!
There are sufficiently different open OS's to cover all modern and past OS architectures.
UNIX - BSD, Linux, Minix
DOS - FreeDOS.
Windows NT/200 - ReactOS.
VMS - FreeVMS
Mach,XNU,OSX - Darwin
Microkernel - Hurd
Multics - SIMTICS
Plan9 - Plan9
BeOS - Haiku
OS/2 - NuDawn ?
Solaris - OpenSolaris
RT-OS - eCos
man 2 ioprio_set
Process ownership
"An unprivileged process may only set the I/O priority of a process whose real UID matches the real or effective UID of the calling process. A process which has the CAP_SYS_NICE capability can change the priority of any process."
Sounds like you can set priority for your own processes.
"think of it as evolution in action"
Are you cursed or why do you still get modded down when you hit them the truth straight in the eyes?
Must be someone hating you. But why?
Maybe it's that thing that people can't accept that they're wrong because this would crash their whole world view and self-acceptance.
Poor primitives...
Any sufficiently advanced intelligence is indistinguishable from stupidity.
Ok, I'm not trying to troll, but the latest CPU scheduling algorithm is just yet another example of how when it comes to Windows, the design is done more by the marketing department than by the engineers. At least we hope the engineers would have raised objections!
I understand their CPU cycle counting is intended to improve fairness between applications, but the proposed scheme will have just the opposite effect. Consider, for example, that interrupts aren't counted against a process' cpu usage. All well and good in theory, but the practical result is that a process which is I/O intensive - that is, one which causes interrupts to occur - will actually run much longer than it would otherwise. So, the problem of one I/O intensive process locking out all of the other applications will only get worse in Vista.
And the interesting thing is that this will actually give a subtle priority boost to multimedia applications, without them having to raise their priority level. IOTW, your multimedia app gets realtime priority whether you asked for it or not.
Well intentioned, yes. But also naive.
The society for a thought-free internet welcomes you.
Click here. He talks about a lot of things, including these "protected processes", and even says that the purpose is for DRM.
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
I know that badvista.org has a campaign to mark products with DRM and defectivebydesign, but nothing in this story has anything to do with DRM; having these tags on the article is less than useful. Maybe the tags need the same type of moderation system that the comments get.
You may get dandruff for less...
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Don't try to weasel away from the fact that Vista is all about DRM. Either MS makes their OS for the people or they make it for the media companies. There's no middle road here.
So, if a media company installs linux on a server somewhere, does that mean linux is no longer made for the people?
Please reflect on this article and realize it's not a "fair and balanced" presentation.
Mentioning a few features with no analysis of the possible downsides is not very useful writing.
Some downsides:
3. Use a security model that doesn't allow viruses to spread in the first place.
So the prof hands out the license agreement for all the students to sign...
To use the source code of the NT kernel and have your students agree to some license agreement, you should have a purpose.
What is that purpose?:
1. To write a better OS? No. bad idea. Any ideas you get may be viewed as stolen. Why not use Linux,BSD,ReactOS,Hurd or XNU/Darwin instead? The ideas you get from these are free.
2. To learn about basic design principles of OS components. Why not use Linux, BSD, ReactOS, Hurd, OpenSolaris or Darwin instead? What exactly would NTOS have that open OS's do not have?
3. To write better Microsoft Drivers...ok sure...
The point here is that learning about NT internals can only really help you write better Microsoft code, not to learn what OS's are made of.
I'm not sure but I think it means media company installed linux on a server somewhere.
You'll never find a greater hive of scum and villainy...
Want to find other gamers to play board and role playing game
Isn't Vista distributed on DVD? Are machines capable of running Vista ever going to be incapable of booting from Joliet or UDF discs?
And why don't we suffer the 8.3 UPPERCASE restriction with linux?