NT System Services are basically the same as
system calls
on UNIX or UNIX compatible operating systems. It is the basic interface
of the internals of the OS. These functions include file access, process
management, memory management, network or hardware access, and so on.
To use the above functions, user-mode programs must use the NT
System Services. For example, every open attempt to a file will
eventually call the NT System Service,
NtCreateFile.
The original function used by the user-mode programs code could have
been a POSIX compatible
open or
Win32 API
CreateFile. Both
of them are merely a wrapper function for
NtCreateFile.
Although NT System Services and system calls are similar, there are
a few differences. First of all, the number differs greatly. System calls
range up to approximately 300. In contrast, there are almost 1000
NT System Services (on WindowsXP). This implies that the NT System
Services offer more functionality than system calls. One striking
difference is that the NT System Service for Windows XP and later
offer GDI functions (prefixed with NtGdi) which are functions
for the graphical user interfaces. After all, Windows is a GUI
based OS.
Secondly, and the largest one which daunted me is that there are no
official documents for NT System Services. The reason for this
may be because Microsoft does not want programmers to use the
NT System Services directly and just use the upper (wrapper)
functions. This way, Microsoft can change the functionality of
NT System Services around and still keep consistency for the
user-mode programs to work. In fact, the NT System Services
have changed at each update of Windows. For example, a new
NT System Serivce was added for Windows XP SP2 but Microsoft
has never annouced this.