Brief description:
To preventProgramFor any resource access, most CPU architectures support the kernel mode and user mode. When the CPU runs in the kernel mode, the task can execute privileged-level commands, have full access to any I/O device, and can access any virtual address and control the virtual memory hardware; this mode corresponds to the ring0 layer of X86. The core part of the operating system, including the device drivers, is running in this mode. When the CPU runs in user mode, the hardware prevents the execution of privileged commands and checks the access operations in the memory and I/O space.CodeYou cannot enter the kernel mode because the operating system does not have a door mechanism. This mode corresponds to the ring3 layer of X86, the user interface of the operating system and all user applications run at this level.
Details:
From: blog-love fight to win-Benjamin Superman http://www.cnblogs.com/BenjaminYao/
This is a note on the Operating System (OS). Here I will use Linux kernel as an example to explain the concept of kernel/user mode in OS. The author is not familiar with it, if you have any mistakes, please correct them. Thank you.
In the hardware architecture of many computers, in order not to allow programs to access any resources (such as random access to Memory RAM), most CPU architectures support kernel mode and user mode, of course, this mode also takes effect only when the OS has actual cooperation. For example, DOS has no separate kernel/user mode, and all programs executed in DOS can execute any behavior on any resource, therefore, DOS viruses can be so arrogant that hard disks can be formatted without moving.
Generally, an application executes a program in user mode. Common numerical calculations or variable assignments can be completed in this mode, however, if you want to execute commands that compromise system security (such as writing data to a disk), these commands are not allowed to be executed in user mode, to execute these special commands, the system will only give you an error message. The application must call some OS-defined functions to implement those functions, such as printf (), the functions defined by these operating systems are called system call ).
When the application executes the system call, it is not silly to let the application do what it wants, first, they will strictly check the permissions of the called application and the content of the operation (whether to read files that do not belong to their own storage range and whether to read or write files that do not have the permission to read and write, do you want to send the information to the wrong device ......), if there are any errors, the system call will stop the execution and return an error code so that the application can know where the error is. On the contrary, the system call will notify the CPU to enter the kernel mode and execute the privileged command according to the parameters sent by the application. After the privileged command is executed, the system
Call will notify the CPU to return the user mode and return to the application.
The kernel/user mode architecture is a very common execution mode. You can see this architecture on almost any machine, from the computer to the machine box, card flushing machine and other electronic products, to protect some special commands from being confused by program developers, OS developers usually define system call to tell developers which actions must be filtered by OS before execution.
Of course, developers of Open Source kernel such as Linux can customize and increase the number of system calls to enrich the communication interfaces between the OS and the application. However, such modifications have been carefully planned and tested, if the Program executed in the system call is incorrect, the entire OS may crash (crash )! For example, many drivers without open source (display cards such as xvidia and ATX) have no way of knowing the presentation of those drivers.AlgorithmTherefore, it cannot be guaranteed that the drivers will cause the kernel to be executed in half.
In fact, all third-party drivers will have this problem. Windows is often scolded and sometimes it is innocent. Everything is because the third-party companies that write drivers are so hard to do, writing down low-quality drivers causes windows to break down, and the Microsoft Windows team is also full of suffering (here it does not mean to guard Microsoft, just to state the facts ).
Explanation:
User mode code
User mode code is just about everything that you will see running on your computer. programs Written in user mode utilize the standard Win32 API, and do not interact with the kernel, the memory, or the hardware directly. this is the safest mode of operation,
Because user-mode is heavily monitored and restricted by the system. programs Running in user mode may not be able to perform all the same tasks as kernel mode code can (not directly, anyway ), but user mode programs have a limited ability to hurt or "crash"
The system.
Kernel mode code
Code operating in kernel mode has fewer restrictions than user-mode code, but with the greater freedom comes a much larger risk of damaging the system. for instance, a poorly constructed device driver can crash the system, and since it runs outside of user
Control, there will be no good way to fix it! It is important, then, that kernel mode code be written only when absolutely necessary, and that kernel mode code is extensively tested and debugged before shipping it to the user.
Context switching
All processes begin execution in user mode, and they switch to kernel mode only when obtaining a service provided by the kernel. this change in mode is termed a mode switch, not to be confused with a context switch (although it sometimes is), which is the switching
Of the CPU from one process to another.