Linux kernel space and user space

In this paper, we introduce 32-bit systems as an example of kernel space (kernel spaces) and user space.

kernel space and user space

For a 32-bit operating system, its addressing space (virtual address space, or called linear address space) is 4G (2 of 32). This means that the maximum address space for a process is 4G. The core of the operating system is the kernel (kernel), which is independent of the normal application, has access to protected memory space, and has all the permissions to access the underlying hardware device. In order to ensure the security of the kernel, the current operating system generally forces the user process cannot directly manipulate the kernel. The specific implementation is basically by the operating system to divide the virtual address space into two parts, part of the kernel space, and the other part of the user space. For Linux operating systems, the highest 1G bytes (from virtual addresses 0xC0000000 to 0xFFFFFFFF) are used by the kernel, known as kernel space. The lower 3G bytes (from the virtual address 0x00000000 to 0xBFFFFFFF) are used by each process, called user space.
We can understand this part of the above:
In the 4G address space of each process, the maximum 1G is the same, that is, kernel space. Only the remaining 3G will be used by the process itself.
In other words, the kernel space of up to 1G is shared by all processes!
Describes the allocation of 4G address space per process (this figure is from the Internet):

Why you need to differentiate between kernel space and user space

In all instructions of the CPU, some instructions are very dangerous, and if used incorrectly, it will cause the system to crash, such as clearing memory, setting the clock, etc. If all programs are allowed to use these instructions, then the probability of a system crash is greatly increased.
Therefore, the CPU divides the instruction into privileged and non-privileged instructions, and for those dangerous instructions, only the operating system and its associated modules are allowed, and ordinary applications can only use instructions that do not cause disaster. For example, Intel's CPU divides the privilege level into 4 levels: Ring0~ring3.
In fact, the Linux system uses only the RING0 and Ring3 two runlevel (the same for Windows systems). When a process runs at the Ring3 level, it is called running in the user state, while running at the RING0 level is called running in the kernel state.

Kernel State and User state

Okay, now we need to explain again what is the kernel state, the user state:
When a process runs in kernel space, it is in the kernel state, and the process is in user state when it is running in user space.
In the kernel state, the process runs in the kernel address space, at which time the CPU can execute any instruction. The code is also free to access any valid address, or to access the port directly, without any restrictions.
In the user state, the process runs in the user address space, the executed code is subject to a lot of CPU checks, they can only access the virtual address of the page table entry that maps its address space, and only the I/O license bitmap in the task status segment (TSS) (I/O Permission BITMAP) provides direct access to the accessible ports specified in the

For previous DOS operating systems, there was no concept of kernel space, user space, or kernel State or user state. You can assume that all the code is running in the kernel state, so the user-written application code can easily crash the operating system.
For Linux, by differentiating between the design of kernel space and user space, the operating system code is isolated (the operating system code is much more robust than the code of the application) and the application code. Even a single application error does not affect the stability of the operating system, so that other programs can run normally (Linux is a multitasking system!). )。

Therefore, the distinction between kernel space and user space is essentially to improve the stability and usability of the operating system.

How to enter kernel space from user space

In fact, all system resource management is done in kernel space. such as reading and writing disk files, allocating reclaimed memory, reading and writing data from the network interface, and so on. It is not possible for our application to do such an operation directly. But we can do this with the interface provided by the kernel.
For example, to read a file on a disk, the application can launch a "system call" to the kernel to tell the kernel: "I want to read a file on a disk." In fact, it is through a special instruction to let the process from the user state into the kernel state (to the kernel space), in the kernel space, the CPU can execute any instruction, of course, also includes reading data from disk. The process is to first read the data into the kernel space, and then copy the data to the user space and switch from the kernel state to the user state. At this point the application has returned from the system call and has obtained the desired data, you can happily go down execution.
The simple thing is that applications outsource high-tech things (read files from disk) to the system kernel, and the system kernel does these things professionally and efficiently.

For a process, the process is complicated by entering the kernel space from the user space and eventually returning to the user space. For example, the concept of "stack", which we often touch, actually has a stack of processes in both the kernel state and the user state. While running in user space, the process uses a stack in user space, while running in kernel space, the process uses a stack in kernel space. So there are two stacks for each process in Linux, one for the user state and the other for the kernel state.

A concise description of the transition between the user state and the kernel State:

Now that the user-state process must switch to the kernel to use the system's resources, let's look at how many different ways the process can go from the user state to the kernel state. In summary, there are three ways: system calls, soft interrupts, and hardware interrupts . Each of these three ways involves a lot of operating system knowledge, so do not expand here.

Overall structure

Next we look at the structure of the entire Linux system from the perspective of kernel space and user space. It can be broadly divided into three parts, from bottom to top: hardware---Kernel space--user space. As shown (this figure is from the Internet):

On top of the hardware, the code in the kernel space controls the use of the hardware resources, and the code in the user space is only available to the hardware resources in the system by means of the system call Interface that the kernel exposes. In fact, not only the Linux,windows operating system design is similar.

Summary

Most modern operating systems protect the security and stability of the operating system through the design of kernel space and user space. So when we read about the operating system, we often encounter kernel space, user space and kernel State, user state and other concepts, I hope this article can help you understand these basic concepts.

Reference:

User space and kernel space, process context and interrupt context [summary]
Detailed!!!!! of the kernel state and User Configuration

Linux kernel space and user space