Windows API Reference

Kernel Objects

Overview

Kernel objects are fundamental building blocks used by the Windows operating system to manage resources and synchronization. They provide a unified programming model for handling processes, threads, synchronization primitives, I/O, and more.

Common Kernel Object Types

  • Process – Represents an executing program.
  • Thread – Unit of execution within a process.
  • Mutex – Provides exclusive ownership for synchronization.
  • Event – Signaling mechanism for thread coordination.
  • Semaphore – Controls access to a resource pool.
  • File – Represents I/O objects like files, pipes, and devices.
  • Timer – Generates notifications at specified intervals.

Creating Kernel Objects

Most kernel objects are created through dedicated WinAPI functions. Below is a quick reference for the most commonly used creation functions.

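PROCESS_INFORMATION pi;                        // receives the new process and thread handles
BOOL ok           = CreateProcess(..., &pi);   // returns BOOL, not a handle
HANDLE hProcess   = pi.hProcess;               // pi.hThread is the primary thread's handle
HANDLE hThread    = CreateThread(...);         // NULL on failure
HANDLE hMutex     = CreateMutex(...);          // NULL on failure
HANDLE hEvent     = CreateEvent(...);          // NULL on failure
HANDLE hSemaphore = CreateSemaphore(...);      // NULL on failure
HANDLE hFile      = CreateFile(...);           // INVALID_HANDLE_VALUE on failure
HANDLE hTimer     = CreateWaitableTimer(...);  // NULL on failure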

Security & Access Control

Kernel objects support Discretionary Access Control Lists (DACLs) that define who can interact with them. Use InitializeSecurityDescriptor to build a security descriptor to pass at creation time, or SetSecurityInfo to change the permissions of an existing object.

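// pSD points to an initialized SECURITY_DESCRIPTOR; FALSE means child processes do not inherit the handle.
SECURITY_ATTRIBUTES sa = { sizeof(SECURITY_ATTRIBUTES), pSD, FALSE };
HANDLE hMutex = CreateMutex(&sa, FALSE, L"MyMutex");  // second argument FALSE: caller does not take initial ownership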
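
An added example, not from the original page or from Windows itself: a simplified, portable C model of how a DACL is evaluated against a caller's SIDs, showing why a NULL DACL, an empty DACL and ACE order all matter when building the descriptor behind pSD. The struct layout, the function name access_check and the user SID are assumptions made for illustration; owner rights, inheritance and integrity levels are not modelled.

```c
#include <stdio.h>
#include <string.h>
/* Access-mask values for mutex objects, as defined in winnt.h. */
#define MUTEX_MODIFY_STATE 0x00000001u
#define SYNCHRONIZE        0x00100000u
#define MUTEX_ALL_ACCESS   0x001F0001u

typedef enum { ACE_ALLOW, ACE_DENY } AceType;
/* Simplified ACE (assumption): SIDs are strings here, not real SID structures. */
typedef struct { AceType type; const char *sid; unsigned mask; } Ace;
/* has_dacl = 0 models a NULL DACL; has_dacl = 1 with count = 0 models an empty DACL. */
typedef struct { int has_dacl; const Ace *aces; size_t count; } Dacl;

/* Returns 1 if every right in `desired` is granted to a caller holding `sids`. */
int access_check(const Dacl *d, const char *const *sids, size_t n, unsigned desired) {
    if (!d->has_dacl) return 1;                  /* NULL DACL: everyone gets full access */
    unsigned remaining = desired;
    for (size_t i = 0; i < d->count && remaining; i++) {
        const Ace *a = &d->aces[i];
        int match = 0;
        for (size_t j = 0; j < n; j++)
            if (strcmp(sids[j], a->sid) == 0) match = 1;
        if (!match) continue;                    /* ACE names someone else */
        if (a->type == ACE_ALLOW) remaining &= ~a->mask;  /* grants some rights */
        else if (a->mask & remaining) return 0;           /* deny hits a needed right */
    }
    return remaining == 0;                       /* rights left ungranted: denied */
}

/* Constructed sample data: a made-up user SID plus well-known Everyone and SYSTEM. */
#define USER_SID "S-1-5-21-0-0-0-1001"
const char *const USER[]    = { USER_SID, "S-1-1-0" };
const char *const SERVICE[] = { "S-1-5-18", "S-1-1-0" };
const Ace SYSTEM_ONLY_ACES[] = { { ACE_ALLOW, "S-1-5-18", MUTEX_ALL_ACCESS } };
const Ace ALLOW_FIRST_ACES[] = { { ACE_ALLOW, "S-1-1-0", SYNCHRONIZE | MUTEX_MODIFY_STATE },
                                 { ACE_DENY,  USER_SID,  MUTEX_MODIFY_STATE } };
const Ace DENY_FIRST_ACES[]  = { { ACE_DENY,  USER_SID,  MUTEX_MODIFY_STATE },
                                 { ACE_ALLOW, "S-1-1-0", SYNCHRONIZE | MUTEX_MODIFY_STATE } };
const Dacl NULL_DACL   = { 0, NULL, 0 };
const Dacl EMPTY_DACL  = { 1, NULL, 0 };
const Dacl SYSTEM_ONLY = { 1, SYSTEM_ONLY_ACES, 1 };
const Dacl ALLOW_FIRST = { 1, ALLOW_FIRST_ACES, 2 };  /* deny ACE placed too late */
const Dacl DENY_FIRST  = { 1, DENY_FIRST_ACES, 2 };   /* deny before allow */

int main(void) {
    printf("NULL DACL, user wants all access: %d\n", access_check(&NULL_DACL, USER, 2, MUTEX_ALL_ACCESS));
    printf("SYSTEM-only DACL, user wants SYNCHRONIZE: %d\n", access_check(&SYSTEM_ONLY, USER, 2, SYNCHRONIZE));
    return 0;
}
```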

Cleaning Up

Always close handles when they are no longer needed to avoid resource leaks.

CloseHandle(hProcess);
CloseHandle(hThread);
CloseHandle(hMutex);
CloseHandle(hEvent);
CloseHandle(hSemaphore);
CloseHandle(hFile);
CloseHandle(hTimer);
