现在除了线程内核对象外。
事件内核对象是一种同步多线程的内核对象。
Event kernel object is a kind of kernel objects to synchronize threads.
这个新的命名约定可以帮助将这些内核对象(LKM)与标准对象区分开来。
The new naming convention helps to distinguish kernel objects (LKMs) from standard objects.
您可以在LKM 上使用标准对象工具(在 2.6版本中,内核对象带有后缀 .ko,)。
You can use standard object tools on LKMs (which for version 2.6 have the suffix .ko, for kernel object).
很多现代的UNIX操作系统实现了一个多对一的模型,用来映射用户空间的线程到系统内核对象。
Many modern UNIX operating systems implement a many-to-few model when mapping user-level threads to kernel entities.
因为进程是内核对象,实际上是最“重”的一种对象,所以至少需要再内核创建和连接数相等的进程。
Because processes are kernel entities (and are in fact the heaviest ones), the number of kernel entities will be at least as large as the number of concurrent sessions.
文章介绍了内核对象内联挂接技术,延伸了现有的代码重定向技术,通过对内核对象调用路径的内联挂接,实现隐藏。
This paper introduces a technique named kernel object inline hooking, which extends existing technique of code redirection, hides tracks through inline hooking of kernel objects dispatch routines.
每一个重要的内核对象,比如每个文件系统对象和每个进程,都有一个关联到它们的“安全上下文(security context)”。
Every critical kernel object, such as every filesystem object and every process, has a "security context" associated with them.
每一个重要的内核对象,比如每个文件系统对象和每个进程,都有一个关联到它们的“安全上下文(security context)”。
Every critical kernel object, such as every filesystem object and every process, has a "security context" associated with them.
应用推荐