初始化活动的进程列表。

#076 /* Initialize the Active Process List */

#077 InitializeListHead(&PsActiveProcessHead);

#078 KeInitializeGuardedMutex(&PspActiveProcessMutex);

#079

获取空闲的进程列表。在Reactos里，系统初始化进程，最终就是一个空闲进程。因此，只需要获取当前进程就行了。

#080 /* Get the idle process */

#081 PsIdleProcess = PsGetCurrentProcess();

#082

设置空闲进程锁。

#083 /* Setup the locks */

#084 PsIdleProcess->ProcessLock.Value = 0;

#085 ExInitializeRundownProtection(&PsIdleProcess->RundownProtect);

#086

初始化空闲进程列表。

#087 /* Initialize the thread list */

#088 InitializeListHead(&PsIdleProcess->ThreadListHead);

#089

清空空闲进程的内核使用时间。

#090 /* Clear kernel time */

#091 PsIdleProcess->Pcb.KernelTime = 0;

#092

下面这段，就是初始化与进程有关的对象。

#093 /* Initialize Object Initializer */

#094 RtlZeroMemory(&ObjectTypeInitializer,sizeof(ObjectTypeInitializer));

#095 ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);

#096 ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK |

#097 OBJ_PERMANENT |

#098 OBJ_EXCLUSIVE |

#099 OBJ_OPENIF;

#100 ObjectTypeInitializer.PoolType = NonPagedPool;

#101 ObjectTypeInitializer.Securityrequired = TRUE;

#102

初始化进程类型对象。

#103 /* Initialize the Process type */

#104 RtlInitUnicodeString(&Name,L"Process");

#105 ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(EPROCESS);

进程映射过程。

#106 ObjectTypeInitializer.GenericMapping = PspProcessMapping;

#107 ObjectTypeInitializer.ValidAccessMask = PROCESS_ALL_ACCESS;

进程删除过程。

#108 ObjectTypeInitializer.DeleteProcedure = PspDeleteProcess;

创建进程类型对象。

#109 ObCreateObjectType(&Name,&ObjectTypeInitializer,NULL,&PsProcesstype);

#110

初始化线程类型对象。

#111 /* Initialize the Thread type */

#112 RtlInitUnicodeString(&Name,L"Thread");

#113 ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);

#114 ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(ETHREAD);

#115 ObjectTypeInitializer.GenericMapping = PspThreadMapping;

#116 ObjectTypeInitializer.ValidAccessMask = THREAD_ALL_ACCESS;

#117 ObjectTypeInitializer.DeleteProcedure = PspDeleteThread;

#118 ObCreateObjectType(&Name,&PsThreadType);

#119

初始化工作集对象类型。

#120 /* Initialize the Job type */

#121 RtlInitUnicodeString(&Name,L"Job");

#122 ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);

#123 ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(EJOB);

#124 ObjectTypeInitializer.GenericMapping = PspJobMapping;

#125 ObjectTypeInitializer.ValidAccessMask = JOB_OBJECT_ALL_ACCESS;

#126 ObjectTypeInitializer.DeleteProcedure = PspDeleteJob;

#127 ObCreateObjectType(&Name,&PsJobType);

#128

初始化工作集结构。

#129 /* Initialize job structures external to this file */

#130 PspInitializeJobStructures();

#131

#132 /* Initialize the Working Set data */

#133 InitializeListHead(&PspWorkingSetChangeHead.List);

#134 KeInitializeGuardedMutex(&PspWorkingSetChangeHead.Lock);

#135

初始化CID的句柄表，主要用来保存所有进程的句柄。

#136 /* Create the CID Handle table */

#137 PspCidTable = ExCreateHandleTable(NULL);

#138 if (!PspCidTable) return FALSE;

#139

#140 /* FIXME: Initialize LDT/VDM support */

#141

建立回收列表。

#142 /* Setup the reaper */

#143 ExInitializeWorkItem(&PspReaperWorkItem,PspReapRoutine,NULL);

#144

设置引导访问控制标志。

#145 /* Set the boot access token */

#146 PspBootAccesstoken = (PTOKEN)(PsIdleProcess->Token.Value & ~MAX_FAST_REFS);

#147

#148 /* Setup default object attributes */

#149 InitializeObjectAttributes(&ObjectAttributes,

#150 NULL,

#151 0,

#152 NULL,

#153 NULL);

#154

创建初始化系统进程。

#155 /* Create the Initial System Process */

#156 Status = PspCreateProcess(&PspInitialSystemProcessHandle,

#157 PROCESS_ALL_ACCESS,

#158 &ObjectAttributes,

#159 0,

#160 FALSE,

#161 0,

#162 0,

#163 0,

#164 FALSE);

#165 if (!NT_SUCCESS(Status)) return FALSE;

#166

设置系统进程与对象关系。

#167 /* Get a reference to it */

#168 ObReferenceObjectByHandle(PspInitialSystemProcessHandle,

#169 0,

#170 PsProcesstype,

#171 KernelMode,

#172 (PVOID*)&PsInitialSystemProcess,

#173 NULL);

#174

设置系统两个进程的名称。

#175 /* copy the process names */

#176 strcpy(PsIdleProcess->ImageFileName,"Idle");

#177 strcpy(PsInitialSystemProcess->ImageFileName,"System");

#178

设置系统初始化进程的文件名称。

#179 /* Allocate a structure for the audit name */

#180 PsInitialSystemProcess->SeAuditProcessCreationInfo.ImageFileName =

#181 ExAllocatePoolWithTag(PagedPool,

#182 sizeof(OBJECT_NAME_informatION),

#183 TAG_SEPA);

#184 if (!PsInitialSystemProcess->SeAuditProcessCreationInfo.ImageFileName)

#185 {

#186 /* Allocation Failed */

#187 return FALSE;

#188 }

#189

#190 /* Zero it */

#191 RtlZeroMemory(PsInitialSystemProcess->

#192 SeAuditProcessCreationInfo.ImageFileName,

#193 sizeof(OBJECT_NAME_informatION));

#194

创建系统初始进程的工作线程。并且设置线程运行函数Phase1Initialization，这个线程就开始进入系统第1阶段初始化。

#195 /* Setup the system initialization thread */

#196 Status = PsCreateSystemThread(&SysThreadHandle,

#197 THREAD_ALL_ACCESS,

#198 &ObjectAttributes,

#199 0,

#200 NULL,

#201 Phase1Initialization,

#202 LoaderBlock);

#203 if (!NT_SUCCESS(Status)) return FALSE;

#204

创建一个对象与线程句柄关联在一起。

#205 /* Create a handle to it */

#206 ObReferenceObjectByHandle(SysThreadHandle,

#207 0,

#208 PsThreadType,

#209 KernelMode,

#210 (PVOID*)&SysThread,

#211 NULL);

#212 ZwClose(SysThreadHandle);

设置系统初始化进程已经准备好。

#213 SysThreadCreated = TRUE;

#214

#215 /* Return success */

#216 return TRUE;

#217 }

通过这个函数把进程的数据结构全部初始化，为最后创建初始化进程准备好了条件，这样当系统下一次任务调度时，就会进入系统第1阶段初始化，这样就系统就有两个进程在运行，第一个进程是引导进程，最终变为空闲进程。第二个进程是系统初始化进程。

现在就来分析第二阶段的进程管理器初始化函数PspInitPhase0，如下：

#001 BOOLEAN

#002 NTAPI

#003 PspInitPhase1()

#004 {

#005 /* Initialize the System DLL and return status of operation */

#006 if (!NT_SUCCESS(PspInitializeSystemDll())) return FALSE;

#007 return TRUE;

#008 }

第二阶段主要就是初始化系统的动态连接库，并且返回执行的操作结果。