Windows NT 2000 Native API Reference by Gary Nebbett
Under the hood, how does Windows 2000 really work? Windows NT/2000 Native API Reference provides a thorough listing of all available internal or "native" API calls, many of them undocumented. For any advanced C/C++ programmer who writes Win32 device drivers or system utilities, this is an indispensable resource to some truly impossible-to-find information.
The book first explains what native APIs are and what they are good for. Native APIs (which all begin with the "Nt" or "Zw" prefixes) run closer to the operating system (in kernel mode), so they are perfect for those who write device drivers, debuggers, profilers, or other system utilities.
This book lists several hundred native APIs, the C structures they use, and the Win32 calls that invoke them. As a reference, this text is a model of clarity, with each function clearly documented and explained. APIs are grouped by functionality, from finding system information to processes and threads, memory management, file I/O, and other categories. One standout here is the sample code that polls the system for low-level information, which mimics developer utilities that let you view process and thread information. Other short examples include techniques for accessing debugging, profiling, and exception information.
For programmers who write device drivers, this title also includes the plug-and-play and power management APIs used by today's Windows. Interesting appendices include a guide to the way the Win32 NTFS file system organizes data on disks, along with sample code to access--and even decompress--this information.
Whether you want to write device drivers or system utilities, or you just want to learn more about the operating system, this comprehensive guide takes the lid off Windows 2000 and looks inside at its internal functions. --Richard Dragan
Topics covered: Native API overview, native API vs. Win32 API, system information and control, APIs for objects, object directories and symbolic links, virtual memory, sections for memory-mapped files, threads, processes, building ToolHelp utilities with native APIs, Windows 2000 API for jobs, tokens, working with synchronization objects, execution profiling, ports and local procedure calls (LPCs), debugging support with LPCs, opening, reading and writing files, NTFS disk structures, Registry keys, security and auditing, plug-and-play and power management, miscellaneous native APIs, exception and debugging.
Product Description Windows NT/2000 Native API Reference is absolutely unique. Currently, documentation on WIndows NT's native APIs can only be found through access to the source code or occasionally Web sites where people have chosen to share bits of insight gained through reverse engineering. This book provides the first complete reference to the API functions native to Windows NT and covers the set of services that are offered by Windows NT to both kernel- and user-mode programs. Ideal for the intermediate and advanced level user- and kernel-mode developers of Windows systems, this books is devoted to the NT native API and consists of documentation of the 210 routines included in the API. Also included are all the functions added in Windows 2000.