Kernel Mode Vs User Mode
104/11/23 Kernel Mode and User Mode
What is the Kernal?
204/11/23
What is the Kernal?
• The kernel is the "core" of any computer
system.
• It is the "software" which allows users to
share computer resources.
• The kernel can be thought as the main
software of the OS (Operating System),
which may also include graphics
management.3
04/11/23
Contd.,
• For example, under Linux (like other Unix-
like OSs), the XWindow environment doesn't
belong to the Linux Kernel, because it
manages only graphical operations (it uses
user mode I/O to access video card devices).
• By contrast, Windows environments (Win9x,
WinME, WinNT, Win2K, WinXP, and so on)
are a mix between a graphical environment
and kernel. 404/11/23
Contd.,
• Interacts with the hardware
• First program to get loaded when the system starts and
runs till the session gets terminated
• Different from BIOS which is hardware dependent.
• Kernel is software dependent
• LINUX: In hard disk, it is represented by the file /vmlinuz.
504/11/23
• Resource Management• Xwindow- Graphical User Interface• Sudo followed by command name – Super user
do – file extraction not allowed inside the file system.
04/11/23 6
04/11/23 7
04/11/23 8
Kernel types
• Monolithic
o All OS related code are stuffed in a single module
o Available as a single file
o Advantage : Faster functioning
• Micro
o OS components are isolated and run in their own address
space
o Device drivers, programs and system services run
outside kernel memory space.Only a few functions such
as process scheduling, and interprocess communication
are included into the microkernel
o Supports modularity & Lesser in size904/11/23
1004/11/23
Kernel Mode(Privileged Mode)
• Kernel mode, also referred to as system
mode.
• two distinct modes of operation of the CPU
(central processing unit) in Linux
oKernal mode and user mode.
User mode -non-privileged mode for user
programs.
Kernel Mode - Mainly for Restriction/
Protection from unauthorized user
application program.
1104/11/23
• When the CPU is in kernel mode, it is assumed to be
executing trusted software, and thus it can execute
any instructions and reference any memory addresses
(i.e., locations in memory).
• all other programs(user applications) are considered
untrusted software.
• Thus, all user mode software must request use of the
kernel by means of a system callin order to perform
privileged instructions, such as process creation or
input/output operations.
1204/11/23
• A good example of this would be device
drivers.
• A device driver must tell the kernel exactly
how to interact with a piece of hardware, so it
must be run in kernel mode.
• Because of this close interaction with the
kernel, the kernel is also a lot more vulnerable
to programs running in this mode, so it
becomes highly crucial that drivers are
properly debugged before being released to
the public.
1304/11/23
System Call
• A system call is a request to the kernel in a Unix operating
system by an active process for a service performed by the
kernel.
• A process is an executing instance of a program. An active
process is a process that is currently advancing in the CPU
(while other processes are waiting in memory for their
turns to use the CPU).
• Input/output (I/O) is any program, operation or device that
transfers data to or from the CPU and to or from a
peripheral device (such as disk drives, keyboards, mice and
printers).1404/11/23
USER MODE• It is a non-privileged mode in which each process (i.e., a running
instance of a program) starts out.
• It is non-privileged in that it is forbidden for processes in this
mode to access those portions of memory (i.e., RAM) that have
been allocated to the kernel or to other programs.
• When a user mode process (i.e., a process currently in user mode)
wants to use a service that is provided by the kernel (i.e., access
system resources other than the limited memory space that is
allocated to the user program), it must switch temporarily into
kernel mode, which has root (i.e., administrative) privileges,
including root access permissions (i.e., permission to access any
memory space or other resources on the system). When the kernel
has satisfied the process's request, it restores the process to user
mode.
• The standard procedure to switch from user mode to kernel mode
is to call the 0x80 software interrupt.
1504/11/23
USER MODE(non –privileged Mode)
• User mode is the normal mode of operating for programs.
Web browsers, calculators, etc. will all be in user mode.
• They don't interact directly with the kernel, instead, they just
give instructions on what needs to be done, and the kernel
takes care of the rest.
• Code running in user mode must delegate to system APIs to
access hardware or memory.
• Due to the protection afforded by this sort of isolation,
crashes in user mode are always recoverable.
• Most of the code running on your computer will execute in
user mode.
• When in User Mode, some parts of RAM cannot be addressed, some
instructions can’t be executed, and I/O ports can’t be accessed04/11/23 16UNIT-I 1604/11/23
What is the difference between User Mode and Kernel ModeOverview when computers were as big as a room, users ran
their applications with much difficulty and, sometimes, their applications crashed the computer.
Operative modesTo avoid having applications that constantly crashed,
newer OSs were designed with 2 different operative modes:
Kernel Mode: the machine operates with critical data structure, direct hardware (IN/OUT or memory mapped), direct memory, IRQ, DMA, and so on.
User Mode: users can run applications.
1704/11/23
Switching from User Mode to Kernel Mode When do we switch?Once we understand that there are 2 different
modes, we have to know when we switch from one to the other.
Typically, there are 2 points of switching:
When calling a System Call: after calling a System Call, the task voluntary calls pieces of code living in Kernel Mode
When an IRQ (or exception) comes: after the IRQ an IRQ handler (or exception handler) is called, then control returns back to the task that was interrupted like nothing was happened.
1804/11/23
SWITCHING FROM USER MODE TO KERNEL MODE
• The only way an user space application can explicitly initiate a
switch to kernel mode during normal operation is by making an
system call such as open, read, write etc.
• Whenever a user application calls these system call APIs with
appropriate parameters, a software interrupt/exception(SWI) is
triggered.
• As a result of this SWI, the control of the code execution jumps
from the user application to a predefined location in the
Interrupt Vector Table [IVT] provided by the OS.
• This IVT contains an address for the SWI exception handler
routine, which performs all the necessary steps required to switch
the user application to kernel mode and start executing kernel
instructions on behalf of user process.04/11/23 19UNIT-I 1904/11/23
Switch User Mode to Kernel Mode
04/11/23 20
IVT do the necessary steps
Kernel Mode
Interrupt
• An interrupt is a signal to the operating system
that an event has occurred, and it results in
changes in the sequence of instructions that is
executed by the CPU. In the case of a hardware
interrupt, the signal originates from a hardware
device such as a keyboard (e.g., when a user
presses a key), mouse or system clock (a circuit
that generates pulses at precise intervals that are
used to coordinate the computer's activities). A
software interrupt is an interrupt that originates
in software, usually by a program in user mode. 2104/11/23
Contd.,
USER Mode
Kernel Mode
Computer Hardware
Implementation
2204/11/23
Kernel Mode "prevents" User Mode applications from damaging the system or its features.
Modern microprocessors implement in hardware at least 2 different states. For example under Intel, 4 states determine the PL (Privilege Level). It is possible to use 0,1,2,3 states, with 0 used in Kernel Mode.
Unix OS requires only 2 privilege levels, and we will use such a paradigm as point of reference.
2304/11/23
System Calls
System calls are like special functions that manage OS routines which live in Kernel Mode.
A system call can be called when we: access an I/O device or a file (like read or write)need to access privileged information (like
pid(process identifier, changing scheduling policy or other information)
need to change execution context (like forking or executing some other application)
need to execute a particular command (like ''chdir'', ''kill", ''brk'', or ''signal'')
2404/11/23
ShellProgram that interacts with kernel
Bridge between kernel and the user
Command interpreter
User can type command and the command is
conveyed to the kernel and it will be executed
25 04/11/23
Types of Shell
Sh – simple shell
BASH – Bourne Again Shell
KSH – Korne Shell
CSH – C Shell
SSH – Secure Shell
To use a particular shell type the shell name at the command prompt.
Eg $csh – will switch the current shell to c shell
To view the current shell that is being used, type echo $SHELL at the
command prompt
26 04/11/23
2704/11/23
2804/11/23
2904/11/23
3004/11/23
3104/11/23
3204/11/23
3304/11/23
3404/11/23
3504/11/23
3604/11/23
3704/11/23
3804/11/23
3904/11/23