https://nesl42.github.io/tags/win32/ 敬渊's Blog Hugo 0.154.5 & FixIt v0.4.3-20260123080729-2a5bd268 zh-CN Sun, 12 Mar 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-3-winkernel%E8%B0%83%E8%AF%95/ Sun, 12 Mar 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-3-winkernel%E8%B0%83%E8%AF%95/ Technology <p>[toc]</p> <p>最后一部分了，接下来好好写个调试器，看看win内核的洞去了。</p> <h2 class="heading-element" id="01调试对象"><span>01.调试对象</span> <a href="#01%e8%b0%83%e8%af%95%e5%af%b9%e8%b1%a1" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><h3 class="heading-element" id="调试器与被调试程序"><span>调试器与被调试程序</span> <a href="#%e8%b0%83%e8%af%95%e5%99%a8%e4%b8%8e%e8%a2%ab%e8%b0%83%e8%af%95%e7%a8%8b%e5%ba%8f" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h3><p>示例图如下：</p> https://nesl42.github.io/posts/2023-3-winkernel%E6%B6%88%E6%81%AF%E6%9C%BA%E5%88%B6/ Tue, 07 Mar 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-3-winkernel%E6%B6%88%E6%81%AF%E6%9C%BA%E5%88%B6/ Technology <p>[toc]</p> <h2 class="heading-element" id="1消息队列"><span>1.消息队列</span> <a href="#1%e6%b6%88%e6%81%af%e9%98%9f%e5%88%97" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><h3 class="heading-element" id="消息队列"><span>消息队列</span> <a href="#%e6%b6%88%e6%81%af%e9%98%9f%e5%88%97" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h3><p>本质上是一种数据结构，先进先出。</p> https://nesl42.github.io/posts/2023-3-winkernel%E5%86%85%E5%AD%98%E7%AE%A1%E7%90%86/ Sun, 05 Mar 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-3-winkernel%E5%86%85%E5%AD%98%E7%AE%A1%E7%90%86/ Technology <p>[toc]</p> <h2 class="heading-element" id="01线性地址的管理"><span>01.线性地址的管理</span> <a href="#01%e7%ba%bf%e6%80%a7%e5%9c%b0%e5%9d%80%e7%9a%84%e7%ae%a1%e7%90%86" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><ol> <li>每个进程都有自己的用户空间需要管理，当我们使用<strong>VirtualAlloc</strong>等函数申请一块固定的地址空间时，首先需要确认这块空间是否被占用，如果该空间已被占用则申请失败。</li> <li>用户空间并非像内核空间一样通过一块链表去管理已占用的线性地址空间（效率低）， 而是通过<strong>搜索二叉树</strong></li> </ol> <p><strong>申请内存的两种方式</strong>：</p> https://nesl42.github.io/posts/2023-3-winkernel%E5%BC%82%E5%B8%B8/ Thu, 02 Mar 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-3-winkernel%E5%BC%82%E5%B8%B8/ Technology <p>[toc]</p> <h2 class="heading-element" id="01cpu异常记录"><span>01.CPU异常记录</span> <a href="#01cpu%e5%bc%82%e5%b8%b8%e8%ae%b0%e5%bd%95" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>一个异常产生后，首先是要<strong>记录异常信息</strong>（异常的类型、异常发生的位置等），然后要寻找异常的处理函数，称为<strong>异常的分发</strong>,最后找到异常处理函数并调用，称为<strong>异常处理</strong>。</p> https://nesl42.github.io/posts/2023-2-winkernelapc/ Sun, 26 Feb 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-2-winkernelapc/ Technology <p>[toc]</p> <h2 class="heading-element" id="01apc的本质"><span>01.APC的本质</span> <a href="#01apc%e7%9a%84%e6%9c%ac%e8%b4%a8" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><ol> <li>线程是不能被“杀掉”、“挂起”、“恢复”的，线程在执行的时候自己占据着CPU，别人不能控制它</li> <li>举个极端的例子：如果不调用API，屏蔽中断，并保证代码不出现异常，线程将永久占用CPU</li> <li>所以说线程如果想“死”，一定是自己执行代码把自己杀死，不存在“他杀”的情况</li> </ol> <p><strong>思考</strong>：那如果想改变一个线程的行为该怎么办 <strong>答案</strong>：可以给他提供一个函数，让它自己去调用：APC（Asyncroneus Procedure Call，异步过程调用）</p> https://nesl42.github.io/posts/2023-2-winkernel%E4%BA%8B%E4%BB%B6%E7%AD%89%E5%BE%85/ Thu, 23 Feb 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-2-winkernel%E4%BA%8B%E4%BB%B6%E7%AD%89%E5%BE%85/ Technology <p>[toc]</p> <h2 class="heading-element" id="01临界区"><span>01.临界区</span> <a href="#01%e4%b8%b4%e7%95%8c%e5%8c%ba" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><blockquote> <p>这个部分在驱动那一部分写了，这里就直接复制粘贴过来了</p> https://nesl42.github.io/posts/2023-2-winkernel%E5%8F%A5%E6%9F%84%E8%A1%A8/ Sun, 19 Feb 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-2-winkernel%E5%8F%A5%E6%9F%84%E8%A1%A8/ Technology <p>[toc]</p> <h2 class="heading-element" id="01句柄表"><span>01.句柄表</span> <a href="#01%e5%8f%a5%e6%9f%84%e8%a1%a8" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><ol> <li> <p>当一个进程创建或者打开一个内核对象时，将获得一个句柄，通过这个句柄可以访问对应的内核对象</p> https://nesl42.github.io/posts/2023-2-winkernel%E8%BF%9B%E7%A8%8B%E7%BA%BF%E7%A8%8B/ Sat, 18 Feb 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-2-winkernel%E8%BF%9B%E7%A8%8B%E7%BA%BF%E7%A8%8B/ Technology <p>[toc]</p> <blockquote> <p><a href="https://blog.csdn.net/qq_41490873/category_8987386.html" target="_blank" rel="external nofollow noopener noreferrer">进程&amp;线程</a></p> <p><a href="https://blog.csdn.net/qq_41490873/category_9930822.html" target="_blank" rel="external nofollow noopener noreferrer">滴水中级上</a></p> </blockquote> <h2 class="heading-element" id="001进程结构体"><span>001.进程结构体</span> <a href="#001%e8%bf%9b%e7%a8%8b%e7%bb%93%e6%9e%84%e4%bd%93" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>每个windows进程在0环都有一个对应的结构体：<code>EPROCESS</code> ，这个结构体包含了进程所有重要的信息。</p> https://nesl42.github.io/posts/2023-1-winkernel%E9%A9%B1%E5%8A%A8/ Wed, 18 Jan 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-1-winkernel%E9%A9%B1%E5%8A%A8/ Technology <p>[toc]</p> <h2 class="heading-element" id="001驱动开发环境配置"><span>001.驱动开发环境配置</span> <a href="#001%e9%a9%b1%e5%8a%a8%e5%bc%80%e5%8f%91%e7%8e%af%e5%a2%83%e9%85%8d%e7%bd%ae" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>vs2010:https://learn.microsoft.com/zh-cn/visualstudio/releasenotes/vs2010-sp1-vs</p> https://nesl42.github.io/posts/2023-1-winkernel%E7%B3%BB%E7%BB%9F%E8%B0%83%E7%94%A8/ Mon, 16 Jan 2023 00:00:00 +0000 https://nesl42.github.io/posts/2023-1-winkernel%E7%B3%BB%E7%BB%9F%E8%B0%83%E7%94%A8/ Technology <p>[toc]</p> <p>本文是windows内核系列的第三部分，本来应该是放到第二部分后面的，但是第二部分会用到这部分的相关内容 ，就先放第三部分了。</p> <h2 class="heading-element" id="001api函数的调用过程3环部分"><span>001.API函数的调用过程(3环部分)</span> <a href="#001api%e5%87%bd%e6%95%b0%e7%9a%84%e8%b0%83%e7%94%a8%e8%bf%87%e7%a8%8b3%e7%8e%af%e9%83%a8%e5%88%86" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>主要是存放在 C:\WINDOWS\system32 下面所有的dll</p> https://nesl42.github.io/posts/2022-9-wincode1/ Mon, 10 Oct 2022 00:00:00 +0000 https://nesl42.github.io/posts/2022-9-wincode1/ Technology <p>[toc]</p> <p>准备开个系列，就叫“Windows Program Learn”，记录《Windows黑客编程技术详解》书的代码和笔记。</p> <blockquote> <p><a href="https://github.com/jash-git/Windows-Hack-Programming-backup" target="_blank" rel="external nofollow noopener noreferrer">https://github.com/jash-git/Windows-Hack-Programming-backup</a></p> </blockquote> <h2 class="heading-element" id="基础"><span>基础</span> <a href="#%e5%9f%ba%e7%a1%80" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>最开始是环境的搭建，这里就不搞了，好像也没啥。</p> https://nesl42.github.io/posts/2022-9-winkernel%E4%BF%9D%E6%8A%A4%E6%A8%A1%E5%BC%8F/ Mon, 26 Sep 2022 00:00:00 +0000 https://nesl42.github.io/posts/2022-9-winkernel%E4%BF%9D%E6%8A%A4%E6%A8%A1%E5%BC%8F/ Technology <p>[toc]</p> <h2 class="heading-element" id="001保护模式"><span>001.保护模式</span> <a href="#001%e4%bf%9d%e6%8a%a4%e6%a8%a1%e5%bc%8f" class="heading-mark"> <svg class="octicon octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg> </a> </h2><p>x86CPU三个模式：实模式， 保护模式，虚拟8086模式</p>