前缀

文字都是从Programming WDM中摘出来的，所以算转载了吧

I/O管理器(Io前缀) 包含许多驱动程序可以使用的服务函数，

进程结构模块(Ps前缀) 创建并管理内核模式线程。普通的WDM驱动程序应使用一个独立的线程来循检无中断生成能力的设备。

内存管理器(Mm前缀) 控制页表，页表定义了虚拟内存到物理内存之间的映射。

executive (Ex前缀) 提供堆管理和同步服务。

对象管理器(Ob前缀) 集中控制Windows NT中的各种数据对象。WDM驱动程序仅需要对象管理器维护对象的参考计数，以防止对象被意外删除。

安全参考监视器(Se前缀) 使文件系统驱动程序执行安全检测。I/O请求到达WDM驱动程序前已经做完了安全检测，所以本书不讨论这些函数。

运行时间库部件(Rtl前缀) 包含工具例程，例如列表和串管理例程，内核模式驱动程序可以用这些例程来替代常规的ANSI标准例程。大部分例程可以从其名字上直接看出它的功能。

Win32子系统存在于用户模式中，所以用户模式中的应用程序可以容易地调用其例程。为了方便，Windows NT在内核模式中实现了一些有Zw前缀名的函数，这些函数可以使驱动程序调用Win32子系统例程。Windows 2000 DDK中仅暴露一少部分这样的函数给驱动程序使用，包括访问文件和注册表的函数。我将在本章讨论这些函数。

Windows NT内核(Ke前缀) 所有多线程和多处理器的低级同步活动都发生在内核中（第一版，驱网翻译）

The I/O Manager (prefix Io) contains many service functions that drivers use,The Process Structure module (prefix Ps) creates and manages kernel-mode threads. An ordinary WDM driver might use an independent thread to repeatedly poll a device incapable of generating interrupts, and for other purposes.

The Memory Manager (prefix Mm) controls the page tables that define the mapping of virtual addresses onto physical memory.

The executive (prefix Ex) supplies heap management and synchronization services.

The Object Manager (prefix Ob) provides centralized control over the many data objects with which Windows XP works. WDM drivers rely on the Object Manager for keeping a reference count that prevents an object from disappearing while someone is still using it and to convert object handles to pointers to the objects the handles represent.

The Security Reference Monitor (prefix Se) allows file system drivers to perform security checks. Someone else has usually dealt with security concerns by the time an I/O request reaches a WDM driver, so I won’t be discussing these functions in this book.

The so-called run-time library component (prefix Rtl) contains utility routines, such as list and string-management routines, that kernel-mode drivers can use instead of regular ANSI-standard library routines. For the most part, the operation of these functions is obvious from their names, and you would pretty much know how to use them in a program if you just were aware of them.

Windows XP implements the native API for kernel-mode callers using routine names that begin with the prefix Zw. The DDK documents just a few of the ZwXxx functions, namely the ones that pertain to registry and file access. I’ll discuss those functions in this chapter.

The Windows XP kernel (prefix Ke) is where all the low-level synchronization of activities between threads and processors occurs.（第二版，En）