Shulou(Shulou.com)06/01 Report--

This article mainly introduces the example analysis of kernel space and user space in Linux, which has a certain reference value, and interested friends can refer to it. I hope you will gain a lot after reading this article.

Kernel space and user space

For a 32-bit operating system, its address space (virtual address space, or linear address space) is 4G (2 to the 32th power). In other words, the maximum address space of a process is 4G. The core of the operating system is the kernel, which is independent of ordinary applications and can access protected memory space as well as all permissions to the underlying hardware devices. In order to ensure the security of the kernel, the current operating system generally forces user processes not to operate the kernel directly. The specific implementation is basically by the operating system to divide the virtual address space into two parts, one is the kernel space, the other is the user space. For the Linux operating system, the highest 1G bytes (from the virtual address 0xC0000000 to 0xFFFFFFFF) are used by the kernel and are called kernel space. The lower 3G bytes (from the virtual address 0x00000000 to 0xBFFFFFFF) are used by individual processes and are called user space.

We can understand the above paragraph as follows:

In the 4G address space of each process, the highest 1G is the same, that is, the kernel space. Only the remaining 3G is used by the process itself.

In other words, up to 1G of kernel space is shared by all processes!

The following figure depicts the allocation of 4G address space for each process (this figure is from the Internet):

Why do you need to distinguish between kernel space and user space

Of all the instructions in CPU, some are very dangerous and will cause the system to crash if misused, such as clearing memory, setting the clock, and so on. If all programs are allowed to use these instructions, the probability of system crash will be greatly increased.

Therefore, CPU divides instructions into privileged instructions and unprivileged instructions. For those dangerous instructions, only the operating system and its related modules are allowed to use, and ordinary applications can only use those instructions that will not cause disaster. For example, Intel's CPU divides the privilege level into four levels: Ring0~Ring3.

In fact, the Linux system only uses two runtime levels, Ring0 and Ring3 (the same is true for Windows systems). When a process is running at the Ring3 level, it is called running in the user mode, while running at the Ring0 level is called the running kernel state.

Kernel state and user state

Okay, now we need to explain what kernel state and user mode are:

The process is in kernel state when it is running in kernel space, and in user state when it is running in user space.

In kernel mode, the process runs in the kernel address space, and CPU can execute any instruction. The running code is not subject to any restrictions, and you can freely access any valid address or directly access the port.

In the user mode, the process runs in the user address space, and the executed code is subject to many checks by CPU. They can only access the virtual address of the page that can be accessed in the user mode specified in the page table entry that maps its address space, and can only access the accessible port specified in the Icano Permission Bitmap in the task status segment (TSS).

For the previous DOS operating system, there are no concepts of kernel space, user space, kernel state and user state. It can be considered that all the code is running in kernel mode, so the application code written by the user can easily crash the operating system.

For Linux, it separates the operating system code (which is much more robust than the application code) from the application code by distinguishing the design of kernel space from user space. Even errors in a single application will not affect the stability of the operating system, so that other programs can run normally (Linux is a multitasking system!) .

Therefore, the essence of distinguishing kernel space from user space is to improve the stability and availability of the operating system.

How to enter kernel space from user space

In fact, all system resource management is done in kernel space. Such as reading and writing disk files, allocating reclaimed memory, reading and writing data from network interfaces, and so on. It is impossible for our application to do this directly. But we can do this through the interfaces provided by the kernel.

For example, if an application wants to read a file on disk, it can make a "system call" to the kernel and tell the kernel, "I want to read the so-and-so file on disk." In fact, through a special instruction to let the process from the user state to the kernel state (to the kernel space), in the kernel space, CPU can execute any instruction, including reading data from the disk. The specific process is to read the data into the kernel space, and then copy the data to the user space and switch from the kernel state to the user state. At this point, the application has returned from the system call and got the desired data, and can happily proceed.

To put it simply, the application outsources high-tech things (reading files from disk) to the system kernel, which does these things professionally and efficiently.

For a process, the process of entering kernel space from user space and eventually returning to user space is very complex. For example, for example, the concept "stack" that we often come into contact with, in fact, the process has a stack in kernel state and a stack in user state. When running in user space, the process uses the stack in user space, while when running in kernel space, the process uses the stack in kernel space. So, each process in Linux has two stacks, one for user mode and the other for kernel state.

The following figure briefly describes the transition between user state and kernel state:

Since the process in user mode must be switched to kernel mode in order to use the resources of the system, let's take a look at how many ways the process can enter kernel state from user mode. In a nutshell, there are three ways: system call, soft interrupt, and hardware interrupt. Each of these three ways involves a great deal of knowledge of the operating system, so we will not expand it here.

Whole structure

Next, let's look at the structure of the entire Linux system from the perspective of kernel space and user space. It can be divided into three parts, from bottom to top: hardware-> kernel space-- > user space. As shown in the following figure (this figure is from the Internet):

On the hardware, the code in the kernel space controls the right to use the hardware resources, and the code in the user space can only use the hardware resources in the system through the system call interface (System Call Interface) exposed by the kernel. In fact, not only the design of the Linux,Windows operating system is more or less the same.

Thank you for reading this article carefully. I hope the article "sample Analysis of Kernel Space and user Space in Linux" shared by the editor will be helpful to you. At the same time, I also hope that you will support and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.