How does windows console subsystem work?

▼魔方 西西 提交于 2019-12-04 22:05:42

This question is too vague to really answer in a detailed fashion but I'll give it a shot.

There are at least 3 different implementations of the console in 32-bit Windows:

  • MS-DOS box in Windows 95/98/ME
  • CSRSS owned console windows on NT4/2000/XP/2003/Vista
  • ConHost owned console windows on 7 and later

The NT based consoles use IPC to communicate between the client application and the console owner process. The ReadFile and WriteFile functions have a special hack and also communicate with the console owner when given a console handle (instead of calling into the kernel like they do with a "normal" handle).

The console window is a normal HWND and for the most part uses normal GDI.

The older console also supports native hardware full screen mode where it probably uses BIOS/VGA stuff directly. In windowed mode I believe it uses the undocumented GdiConsoleTextOut function. Because CSRSS is a core process they might be calling some undocumented NT functions to avoid loading higher level DLLs but there is nothing really special about the actual drawing code.

In newer versions of Windows the full screen mode was removed because of the DWM and a unprivileged process (ConHost.exe) owns the console window to prevent shatter attacks against CSRSS. ConHost.exe imports PolyTextOutW so I assume that is what it uses to draw the text.

The NT consoles also support a undocumented bitmap graphics mode and I assume that also uses plain GDI.

All of this is of course undocumented implementation details and could change at any time. The closest you will get to official documentation is probably this blog post where they also reveal that the IPC method used is the undocumented LPC feature.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!