[Translation] Windows Virtual Desktops vs. Sysinternals Desktops

Original article: Windows 10 Desktops vs. Sysinternals Desktops – Pavel Yosifovich (scorpiosoftware.net)

One of the new Windows 10 features visible to users is the support for additional “Desktops”. It’s now possible to create additional surfaces on which windows can be used. This idea is not new: it has been around in the Linux world for many years (e.g. KDE, Gnome), where users have 4 virtual desktops they can use. The idea is to prevent clutter: one desktop can be used for web browsing, for example, another for all dev work, and a third for all social / work apps (Outlook, WhatsApp, Facebook, whatever).

To create an additional virtual desktop on Windows 10, click the Task View button on the taskbar, and then click the “New Desktop” button marked with a plus sign.

Now you can switch between desktops by clicking the appropriate desktop button and then launch apps as usual. It’s even possible (by clicking Task View again) to move windows from desktop to desktop, or to request that a window be visible on all desktops.

The Sysinternals tools have had a tool called “Desktops” for many years now. It too allows for the creation of up to 4 desktops where applications can be launched. The question is: is this Desktops tool the same as the Windows 10 virtual desktops feature? Not quite.

First, some background information. In the kernel object hierarchy under a session object, there are window stations, desktops and other objects. Here’s a diagram summarizing this tree-like relationship:

As can be seen in the diagram, a session contains a set of Window Stations. One window station can be interactive, meaning it can receive user input, and it is always called winsta0. If there are other window stations, they are non-interactive.

Each window station contains a set of desktops. Each of these desktops can hold windows. So at any given moment, an interactive user can interact with a single desktop under winsta0. Upon logging in, a desktop called “Default” is created and this is where all the normal windows appear. If you press Ctrl+Alt+Del, for example, you’ll be transferred to another desktop, called “Winlogon”, that was created by the winlogon process. That’s why your normal windows “disappear”: you have been switched to another desktop where different windows may exist. This switching is done by a documented function, SwitchDesktop (winuser.h).

And here lies the difference between the Windows 10 virtual desktops and the Sysinternals Desktops tool. The Desktops tool actually creates desktop objects using the CreateDesktop API. In that desktop, it launches Explorer.exe so that a taskbar is created on that desktop; initially the desktop has nothing on it. How can Desktops launch a process that by default creates windows in a different desktop? This is possible with the normal CreateProcess function by specifying the desktop name in the STARTUPINFO structure’s lpDesktop member. The format is “windowstation\desktop”. So in the Desktops tool case, that’s something like “winsta0\Sysinternals Desktop 1”. How do I know the name of the Sysinternals desktop objects? Desktops can be enumerated with the EnumDesktops API. I’ve written a small tool (zodiacon/winsta on github.com: Show Window Stations, Desktops and top level windows) that enumerates window stations and desktops in the current session. Here’s a sample output when one additional desktop has been created with “desktops”:

In the Windows 10 virtual desktops feature, no new desktops are ever created. Win32k.sys just manipulates the visibility of windows and that’s it. Can you guess why? Why doesn’t Windows 10 use the CreateDesktop/SwitchDesktop APIs for its virtual desktop feature?

The reason has to do with some limitations that exist on desktop objects. For one, a window (technically a thread) that is bound to a desktop cannot be switched to another; in other words, there is no way to transfer a window from one desktop to another. This is intentional, because desktops provide some protection. For example, hooks set with SetWindowsHookEx can only be set on the current desktop, so they cannot affect windows in other desktops. The Winlogon desktop, as another example, has a strict security descriptor that prevents non-system-level users from accessing that desktop. Otherwise, that desktop could have been tampered with.

The virtual desktops in Windows 10 are not intended for security purposes, but for flexibility and convenience (security always “contradicts” convenience). That’s why it’s possible to move windows between desktops: there is no real “moving” going on at all. From the kernel’s perspective, everything is still on the same “Default” desktop.
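The difference described above can be checked from code. The following Python sketch is an added example, not part of the original article or the winsta tool: it lists the desktop objects in the process's window station with EnumDesktopsW and reports any beyond the built-in ones. The `BUILTIN` set (including "Disconnect"), the helper names, the assumption that the process runs on winsta0, and the constructed sample list are not from the article; on non-Windows hosts it falls back to the sample.

```python
import ctypes
import sys

# Desktops the article names on winsta0, plus "Disconnect" (assumption added here).
BUILTIN = {"default", "winlogon", "disconnect"}
# Constructed sample: what the enumeration looks like with one Sysinternals desktop.
SAMPLE = ["Default", "Winlogon", "Sysinternals Desktop 1"]


def enum_desktops():
    """Windows only: names of desktop objects in this process's window station."""
    from ctypes import wintypes
    user32 = ctypes.WinDLL("user32", use_last_error=True)
    enum_proc = ctypes.WINFUNCTYPE(wintypes.BOOL, wintypes.LPWSTR, wintypes.LPARAM)
    user32.GetProcessWindowStation.restype = wintypes.HANDLE
    user32.EnumDesktopsW.argtypes = [wintypes.HANDLE, enum_proc, wintypes.LPARAM]
    user32.EnumDesktopsW.restype = wintypes.BOOL
    names = []

    @enum_proc
    def on_desktop(name, _lparam):
        names.append(name)
        return True  # keep enumerating

    if not user32.EnumDesktopsW(user32.GetProcessWindowStation(), on_desktop, 0):
        raise ctypes.WinError(ctypes.get_last_error())
    return names


def extra_desktops(names, winsta="winsta0", builtin=BUILTIN):
    """Return 'windowstation\\desktop' names for desktops outside the built-in set."""
    return [f"{winsta}\\{n}" for n in names if n.lower() not in builtin]


if __name__ == "__main__":
    # Assumes an interactive process, whose window station is winsta0.
    names = enum_desktops() if sys.platform == "win32" else SAMPLE
    extras = extra_desktops(names)
    # Windows 10 virtual desktops never add entries here; CreateDesktop callers do.
    print("desktops:", names)
    print("created with CreateDesktop (not built in):", extras or "none")
```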

posted @ 2022-11-01 11:51  frendguo