Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "how to understand Linux user mode and kernel mode". In the actual case operation process, many people will encounter such difficulties. Next, let Xiaobian lead you to learn how to deal with these situations! I hope you can read carefully and learn something!

Linux overall architecture diagram

Let's first look at a Linux architecture diagram.

system call

The smallest functional unit of an operating system at system call time. Depending on the application scenario, the number of system calls provided by different Linux distributions varies, ranging from 240 to 350. These system calls form the basic interface between user mode and kernel mode. For example, if user mode wants to apply for a 20K dynamic memory, it needs brk system call to offset the pointer of data segment downward. What if user mode applies for 20K dynamic memory in multiple places and releases it at the same time? This memory management becomes very complicated.

library function

Library functions are shielding these complex low-level implementation details, reducing the burden on programmers, and thus paying more attention to the upper logic implementation. It encapsulates system calls and provides a simple basic interface to the user, which enhances the flexibility of the program. Of course, for simple interfaces, system calls can also be used to access resources directly, such as open(), write(), read(), etc. Library functions are also available in different versions depending on the standard, e.g. glibc library, posix library, etc.

Shell

Shell, as its name implies, means outer shell. It's like a shell around the core. It is a special application, commonly known as the command line. In order to facilitate user interaction with the system, generally a Shell corresponds to a terminal and is presented to the user interaction window. Of course, Shell is also programmed, it has a standard shell syntax, and the text that conforms to its syntax is called Shell script. Many people will use Shell scripts to implement some common functions, which can improve work efficiency.

Why distinguish between user state and kernel state?

Among all the CPU instructions, there are some instructions that are very dangerous and, if misused, will cause the entire system to crash. For example: clear memory, set the clock, etc. If all programs can use these instructions, it's not surprising that your system crashes N times a day. Therefore, the CPU divides instructions into privileged instructions and non-privileged instructions. For those dangerous instructions, only the operating system and its related modules are allowed to use them. Ordinary applications can only use those instructions that do not cause disasters. Intel's CPU divides privilege levels into four levels: RING0, RING1, RING2, and RING3.

When a task (process) executes a system call and gets stuck in kernel code execution, we say the process is in kernel runtime (or simply kernel state). At this point the processor is executing in kernel code with the highest privilege level (class 0).

When a process is in kernel state, kernel code executed uses the kernel stack of the current process. Each process has its own kernel stack.

A process is said to be in user runtime (user mode) when it is executing user code. That is, the processor is running in user code with the lowest privilege level (level 3).

The user program may also be symbolically said to be in kernel state when it is suddenly interrupted by an interrupt program while executing. Linux uses Ring3 to run user mode, Ring0 as kernel mode, and Ring1 and Ring2 are not used. Ring3 states cannot access Ring0's address space, including code and data. The 4GB address space of the Linux process, the 3G-4G part is shared by everyone, is the kernel-state address space, where the code and all kernel modules stored in the entire kernel, as well as the data maintained by the kernel. The user runs a program, the process created by the program starts running in user mode, if you want to perform file operations, network data transmission and other operations, you must use write, send and other system calls, these system calls will call the code in the kernel to complete the operation, at this time, you must switch to Ring0, and then enter the kernel address space in 3GB-4GB to execute these codes to complete the operation, after completion, switch back to Ring3, back to user mode.

In this way, user-mode programs cannot operate the kernel address space at will, and have certain security protection effects.

The processor is always in one of the following states:

1. Kernel state, running in process context, kernel represents process running in kernel space;

2. Kernel state, running in interrupt context, kernel represents hardware running in kernel space;

3. User mode, running in user space.

How to switch from user mode to kernel mode?

There are three ways to switch from user mode to kernel mode:

** System call: ** This is a way for a user-mode process to actively request to switch to kernel mode. The user-mode process requests to use the service program provided by the operating system to complete the work through the system call. For example, fork() in the previous example is actually executing a system call to create a new process. The core of the system call mechanism is implemented using an interrupt that the operating system is particularly open to users, such as Linux's int 80h interrupt.

** Exception: ** When the CPU executes a program running in user mode, some unknown exception occurs in advance, which triggers a switch from the current running process to the kernel-related program that handles this exception, and it also goes to kernel mode, such as page missing exception.

** Peripheral interrupt: ** When the peripheral device completes the operation requested by the user, it will send a corresponding interrupt signal to the CPU. At this time, the CPU will suspend the execution of the next instruction to be executed and instead execute the processing program corresponding to the interrupt signal. If the previously executed instruction is a program in user mode, then this conversion process naturally occurs. Switching from user mode to kernel mode. For example, when the hard disk read and write operation is completed, the system will switch to the interrupt handler for hard disk read and write to perform subsequent operations.

These three ways are the most important ways for the system to transfer from user mode to kernel mode at runtime, in which system calls can be considered as initiated by user processes actively, exceptions and peripheral device interrupts are passive.

"Linux user state and kernel state how to understand" the content of the introduction here, thank you for reading. If you want to know more about industry-related knowledge, you can pay attention to the website. Xiaobian will output more high-quality practical articles for everyone!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.