search
HomeSystem TutorialLINUXWhat are Linux kernel space and user space?
What are Linux kernel space and user space?Feb 05, 2024 pm 12:57 PM
linuxlinux tutoriallinux systemLinux operating systemlinux commandshell scriptembeddedlinuxgood promiseGetting started with linuxlinux learning

Kernel space and user space

For a 32-bit operating system, its addressing space (also called virtual address space or linear address space) size is 4G (that is, 2 to the 32nd power). This means that a process can have a maximum address space of 4G.

The core of the operating system is the kernel, which is separated from ordinary applications and has permission to access protected memory space and underlying hardware devices. In order to ensure the security of the kernel, modern operating systems usually restrict user processes from directly operating the kernel.

Typically, this is achieved by dividing the virtual address space into two parts, kernel space and user space. As far as the Linux operating system is concerned, the highest 1G bytes (from virtual address 0xC0000000 to 0xFFFFFFFF) are used by the kernel and are called kernel space. The lower 3G bytes (from virtual address 0x00000000 to 0xBFFFFFFF) are used by individual processes and are called user space.

In other words, among the 4G address space of each process, the highest 1G is the same, that is, the kernel space. Only the remaining 3G is the available space for the process itself.

It can be understood like this: "The maximum 1G kernel space is shared among all processes!" The following figure shows the allocation of 4G address space for each process (picture comes from the Internet):

What are Linux kernel space and user space?

Why do we need to distinguish between kernel space and user space

Among all the instructions of the CPU, some are very dangerous and will cause the system to crash if used incorrectly, such as clearing memory, setting the clock, etc. If all programs are allowed to use these instructions, the probability of a system crash will be greatly increased.

So, the CPU divides instructions into privileged instructions and non-privileged instructions. For those dangerous instructions, only the operating system and its related modules are allowed to use them, and ordinary applications can only use those instructions that will not cause disaster.

For example, Intel's CPU divides the privilege level into 4 levels: Ring0~Ring3. In fact, Linux systems only use two run levels, Ring0 and Ring3 (the same is true for Windows systems).

When a process is running at Ring3 level, it is said to be running in user mode, and when it is running at Ring0 level, it is said to be running in kernel mode.

Kernel state and user state

Okay, now we need to explain what kernel mode and user mode are: "When a process runs in kernel space, it is in kernel mode, and when a process runs in user space, it is in user mode."

In kernel mode, the process runs in the kernel address space, and the CPU can execute any instructions at this time. The running code is not subject to any restrictions and can freely access any valid address or directly access the port.

In user mode, the process runs in the user address space. The executed code is subject to many checks by the CPU. They can only access pages that are accessible in user mode as specified in the page table entries mapping their address space. Virtual address, and can only directly access the accessible ports specified in the I/O Permission Bitmap in the Task Status Segment (TSS).

For the previous DOS operating system, there was no concept of kernel space, user space, kernel mode, and user mode. It can be considered that all code runs in the kernel mode, so user-written application code can easily crash the operating system.

For Linux, the design of distinguishing kernel space and user space isolates operating system code (operating system code is much more robust than application code) and application code.

Even if an error occurs in a single application, it will not affect the stability of the operating system, so that other programs can still run normally (Linux is a multi-tasking system!).

"So, distinguishing between kernel space and user space is essentially to improve the stability and availability of the operating system."

How to enter kernel space from user space

In fact, all system resource management is completed in the kernel space. For example, reading and writing disk files, allocating and recycling memory, reading and writing data from network interfaces, etc.

Our application cannot directly perform such operations. But we can accomplish such tasks through the interface provided by the kernel.

For example, if an application wants to read a file on the disk, it can initiate a "system call" to the kernel and tell the kernel: "I want to read a certain file on the disk."

In fact, a special instruction is used to allow the process to enter the kernel state (to the kernel space) from the user state. In the kernel space, the CPU can execute any instructions, including reading data from the disk. The specific process is to first read the data into the kernel space, then copy the data to the user space and switch from the kernel mode to the user mode.

At this point, the application has returned from the system call and obtained the desired data, and can happily continue execution. To put it simply, the application outsources high-tech things (reading files from disk) to the system kernel, and the system kernel does these things professionally and efficiently.

For a process, the process of entering kernel space from user space and finally returning to user space is very complicated. For example, the concept "stack" that we often come into contact with actually has a stack in the kernel mode and user mode.

When running in user space, the process uses the stack in user space, and when running in kernel space, the process uses the stack in kernel space. Therefore, each process in Linux has two stacks, one for user mode and one for kernel mode.

The following figure briefly describes the conversion between user mode and kernel mode:

What are Linux kernel space and user space?

Since the user mode process must switch to the kernel mode in order to use the system resources, let's take a look at how many ways the process can enter from the user mode to the kernel mode.

In summary, there are three ways: system call, software interrupt and hardware interrupt. Each of these three methods involves a lot of operating system knowledge, so they will not be expanded upon here.

the whole frame

Next, let’s take a look at the structure of the entire Linux system from the perspective of kernel space and user space. It can be roughly divided into three parts, from bottom to top: hardware -> kernel space -> user space. As shown in the picture below (this picture comes from the Internet):

What are Linux kernel space and user space?

On top of the hardware, the code in the kernel space controls the use of hardware resources. The code in the user space can only use the hardware resources in the system through the system call interface (System Call Interface) exposed by the kernel. . In fact, not only Linux, but also the design of Windows operating systems is similar.

In fact we can summarize the activity of each processor at any given point in time as one of the following three:

  • Runs in user space and executes user processes.
  • Runs in the kernel space, in the process context, and executes on behalf of a specific process.
  • Runs in kernel space, is in interrupt context, has nothing to do with any process, and handles a specific interrupt.

The above three points include almost all situations. For example, when the CPU is idle, the kernel runs an empty process, which is in the process context but runs in the kernel space.

Note: The interrupt service routines of Linux systems are not executed in the context of the process. They are executed in a specialized interrupt context that is independent of all processes.

The reason why there is a special execution environment is to ensure that the interrupt service program can respond to and handle the interrupt request as soon as possible, and then exit quickly.

Подведем итог

Большинство современных операционных систем защищают безопасность и стабильность самой операционной системы за счет проектирования пространства ядра и пользовательского пространства. Поэтому, когда мы читаем информацию об операционных системах, мы часто сталкиваемся с такими понятиями, как пространство ядра, пространство пользователя, режим ядра и режим пользователя.Я надеюсь, что эта статья поможет вам понять эти основные понятия.

The above is the detailed content of What are Linux kernel space and user space?. For more information, please follow other related articles on the PHP Chinese website!

Statement
This article is reproduced at:良许Linux教程网. If there is any infringement, please contact admin@php.cn delete
什么是linux设备节点什么是linux设备节点Apr 18, 2022 pm 08:10 PM

linux设备节点是应用程序和设备驱动程序沟通的一个桥梁;设备节点被创建在“/dev”,是连接内核与用户层的枢纽,相当于硬盘的inode一样的东西,记录了硬件设备的位置和信息。设备节点使用户可以与内核进行硬件的沟通,读写设备以及其他的操作。

Linux中open和fopen的区别有哪些Linux中open和fopen的区别有哪些Apr 29, 2022 pm 06:57 PM

区别:1、open是UNIX系统调用函数,而fopen是ANSIC标准中的C语言库函数;2、open的移植性没fopen好;3、fopen只能操纵普通正规文件,而open可以操作普通文件、网络套接字等;4、open无缓冲,fopen有缓冲。

linux中什么叫端口映射linux中什么叫端口映射May 09, 2022 pm 01:49 PM

端口映射又称端口转发,是指将外部主机的IP地址的端口映射到Intranet中的一台计算机,当用户访问外网IP的这个端口时,服务器自动将请求映射到对应局域网内部的机器上;可以通过使用动态或固定的公共网络IP路由ADSL宽带路由器来实现。

linux中eof是什么linux中eof是什么May 07, 2022 pm 04:26 PM

在linux中,eof是自定义终止符,是“END Of File”的缩写;因为是自定义的终止符,所以eof就不是固定的,可以随意的设置别名,linux中按“ctrl+d”就代表eof,eof一般会配合cat命令用于多行文本输出,指文件末尾。

linux怎么判断pcre是否安装linux怎么判断pcre是否安装May 09, 2022 pm 04:14 PM

在linux中,可以利用“rpm -qa pcre”命令判断pcre是否安装;rpm命令专门用于管理各项套件,使用该命令后,若结果中出现pcre的版本信息,则表示pcre已经安装,若没有出现版本信息,则表示没有安装pcre。

linux怎么查询mac地址linux怎么查询mac地址Apr 24, 2022 pm 08:01 PM

linux查询mac地址的方法:1、打开系统,在桌面中点击鼠标右键,选择“打开终端”;2、在终端中,执行“ifconfig”命令,查看输出结果,在输出信息第四行中紧跟“ether”单词后的字符串就是mac地址。

linux中rpc是什么意思linux中rpc是什么意思May 07, 2022 pm 04:48 PM

在linux中,rpc是远程过程调用的意思,是Reomote Procedure Call的缩写,特指一种隐藏了过程调用时实际通信细节的IPC方法;linux中通过RPC可以充分利用非共享内存的多处理器环境,提高系统资源的利用率。

手机远程linux工具有哪些手机远程linux工具有哪些Apr 29, 2022 pm 05:30 PM

手机远程linux工具有:1、JuiceSSH,是一款功能强大的安卓SSH客户端应用,可直接对linux服务进行管理;2、Termius,可以利用手机来连接Linux服务器;3、Termux,一个强大的远程终端工具;4、向日葵远程控制等等。

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Atom editor mac version download

Atom editor mac version download

The most popular open source editor

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.