Windows 控制台子系统如何工作? [英] How does windows console subsystem work?

问题描述

那么控制台子系统是如何工作的?我了解高级内容，例如 windows 自动为程序创建控制台窗口，然后为控制台窗口提供句柄，您可以使用 WriteConsole 和 ReadConsole 对其进行写入和读取，但是 window 本身是如何工作的?Windows 是否使用 GDI 将字符绘制到控制台?或者一些隐藏的内部功能?幕后会发生什么?

So how does console subsystem work ? I understand high level stuff such as windows automatically creates console window for programs and then gives handle to console window to which you can write and read with WriteConsole and ReadConsole, but how does window itself work ? does windows use GDI to draw characters into console ? or some hidden internal functions ? what happens behind the curtains ?

推荐答案

这个问题太模糊，无法详细回答，但我会试一试.

This question is too vague to really answer in a detailed fashion but I'll give it a shot.

在 32 位 Windows 中至少有 3 种不同的控制台实现:

There are at least 3 different implementations of the console in 32-bit Windows:

• Windows 95/98/ME 中的 MS-DOS 框
• CSRSS 在 NT4/2000/XP/2003/Vista 上拥有控制台窗口
• ConHost 在 7 及更高版本上拥有控制台窗口

• MS-DOS box in Windows 95/98/ME
• CSRSS owned console windows on NT4/2000/XP/2003/Vista
• ConHost owned console windows on 7 and later

基于 NT 的控制台使用 IPC 在客户端应用程序和控制台之间进行通信所有者进程.ReadFile 和 WriteFile 函数有一个特殊的技巧，并且在给定控制台句柄时还与控制台所有者通信(而不是像使用正常"句柄).

The NT based consoles use IPC to communicate between the client application and the console owner process. The ReadFile and WriteFile functions have a special hack and also communicate with the console owner when given a console handle (instead of calling into the kernel like they do with a "normal" handle).

控制台窗口是一个普通的 HWND，大部分使用普通的 GDI.

The console window is a normal HWND and for the most part uses normal GDI.

较旧的控制台还支持本机硬件全屏模式，它可能直接使用 BIOS/VGA 内容.在窗口模式下，我相信它使用未记录的 GdiConsoleTextOut 函数.因为 CSRSS 是一个核心进程，他们可能会调用一些未记录的 NT 函数来避免加载更高级别的 DLL，但实际绘制代码并没有什么特别之处.

The older console also supports native hardware full screen mode where it probably uses BIOS/VGA stuff directly. In windowed mode I believe it uses the undocumented GdiConsoleTextOut function. Because CSRSS is a core process they might be calling some undocumented NT functions to avoid loading higher level DLLs but there is nothing really special about the actual drawing code.

在较新版本的 Windows 中，由于 DWM 和一个非特权进程 (ConHost.exe) 拥有控制台窗口，以防止针对 CSRSS 的粉碎攻击.ConHost.exe 导入 PolyTextOutW 所以我假设它是用来绘制文本的.

In newer versions of Windows the full screen mode was removed because of the DWM and a unprivileged process (ConHost.exe) owns the console window to prevent shatter attacks against CSRSS. ConHost.exe imports PolyTextOutW so I assume that is what it uses to draw the text.

NT 控制台还支持未记录的位图图形模式，我假设它也使用普通 GDI.

The NT consoles also support a undocumented bitmap graphics mode and I assume that also uses plain GDI.

当然，所有这些都是未记录的实施细节，并且可能随时更改.最接近官方文档的可能是 这篇博文 他们还透露所使用的 IPC 方法是未记录的 LPC 功能.

All of this is of course undocumented implementation details and could change at any time. The closest you will get to official documentation is probably this blog post where they also reveal that the IPC method used is the undocumented LPC feature.

这篇关于Windows 控制台子系统如何工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！