"Reprint" The difference between LINUX and the WINDOWS kernel

Source: Internet
Author: User
Tags apc

The difference between LINUX and the WINDOWS kernel

[Disclaimer: Welcome reprint, reprint please specify from CU accessory http://linux.chinaunix.net/bbs/thread-1153868-1-1.html]


There are a lot of saliva stations on Linux and Windows. This paper attempts to compare the similarities and differences of the 2 mainstream operating systems from a technical point of view. Focus on the kernel part.

First, Motive:

I was first in the WINDOWS camp. The driver was written under windows for more than 2 years. Later, due to learning needs, switching to Linux, Flash also nearly 2 years. During the period of experience a lot of twists and turns, but also learned a lot of things. Because of the lack of experience and knowledge when it comes to developing Windows drivers, I now feel more familiar with Linux.

Of course, every 2 years of study can only be said to have entered the door. Each operating system is very profound, and is constantly evolving. So I just from a personal point of view to compare, inevitably there are shortcomings, welcome everyone to correct.

I am writing this article in the hope of helping those who are also transferred from the window camp and would like to help people who are going from Linux to Windows (such as the Boss's request) and those who are interested in 2.

Overall, I think 2 operating systems have strengths. I like the freedom of Linux, open, also like Windows Unified, compatible. Below you will compare the similarities and differences of the next 2 operating systems.

BTW: With regard to the operating system version, the Windows kernel has not changed much since win 2K. I am more familiar with is Win2K, WIN XP. The Linux kernel in this article is 2.6. Or, more specifically, 2.6.18. Because I am most familiar with this version. But now the newest seems to have been 2.6.31. In addition about 2.6.18, citing this version T-bagwell classmate's paragraph: "2.6.18 seems to be relatively stable large version, like 2.4.18, relatively stable, many enterprises, embedded are used." The CentOS 5 I use is based on 2.6.18.


Two, the difference:

I think the biggest difference between the two is that Windows is a commercial software, and Linux is open source software. The advantage of commercial software is that it can concentrate a large number of human resources to do one thing. Easy to unify, compatible (because of customer needs). The advantage of open source is flexibility and openness.


In the following comparison, I usually first introduced the windows, and then introduced the Linux.

1. Concept: Business VS Open Source

Windows is a commercial software, its source code is confidential. Of course, other non-Ms people also have the opportunity to see the source code. If you sign an NDA (NON Disclosure Agreement) with MS, you may also get the Windows code.

But for the vast majority of poor students, and even Visual Studio in the use of pirated cheap companies, and Ms signed an NDA is almost unthinkable. So in the Windows world, it's hard to understand the specifics of the window kernel. It can only be leaked by DDK (DRIVER Development Kit) and WinDbg (kernel Debugging tools). Then there is reverse ENGINEERING (reverse engineering, which can be simply understood as disassembly, which is actually more complex).

This also caused the <windows internals> a book super hot reason. Because it is licensed by Microsoft and publishes a lot of internal details. Another book about the kernel is <undocumented WINDOWS 2K Secrets&gt, although a bit old, but a lot of insider. The 2 words about windows, undocumented and secrets are definitely the words that can be likened to "super beauties". Because these things can not be seen at ordinary times.

In this correspondence, in the Linux world, a common word is rtfs. That is, read the fxxxxxx SOURCE CODE (which is said to be the first out of Linus Torvalds, the father of Linux). That means "read the damn code." The implication, I gave you the code to you, what else do you want? This is like a man to his gf/lp/ld said, I have all the bank account password to you, what else do you want?

In fact, he does not know (or know) women still need your time, energy to accompany her. It's as if Linux programmers are not aware of the document and it's important. Of course, Linux programmers should also be aware of the importance of documentation, but one is that maintenance costs are too high, and the Linux kernel changes too fast. So the Linux documentation feels almost as much as MSDN.

Say that that year win 2K source code leaks out some, I also can't wait to download a copy. Although I have not seen it, but to get the windows source of the feeling, absolutely no better than to marry a beautiful beauty poor. (Of course, really want to marry a wife or look inside).

By contrast, LINUX is open source and the code is readily visible. I was very shocked to have just turned from the Windows world. Although I have always known this fact, but when you find that you need to use a variety of methods before you can get a few words of information is now fully present in front of you, you can really realize that open source is really a great project.

After looking at the Linux source, I finally found out that the kernel was mostly C (not a compilation of what was previously imagined). At the same time the kernel seems to be like that, not as mysterious as previously imagined. The original compiled kernel is a little more troublesome than compiling a common program, and it takes a long time. The original compiled kernel with the ordinary C compiler can. The original kernel is also an ordinary executable file. PS: I suspect that Ms also uses VS to compile windows. I also know that the Windows kernel is an executable file.) The original replacement of the kernel is so simple.

Finally, the kernel can be changed by me casually. Whoa, haha, huh!

Words regulation Dhamma, I think business is also good. For example, compatibility is good, I used to write a driver in WDM, up to the compiler option can be in Win 98, Win 2K, Win XP run. Very convenient. And if you switch to Linux, you have to pray that the different kernel versions do not change between the header files you use, the function interfaces. Otherwise it's going to change the code.

At the same time, the benefits of open source are suitable for learning, very flexible. I think Linux is very suitable for schools, students. Because open source, when you find that you do not understand the place, you can directly to see the source (remember Rtfs? : Wink:). Do not understand can also go to the forum to ask. And for Windows, you want to learn about its internals and have Google, and then pray. One of the better resources is a magazine under MSDN, with a theme called Under the HOOD, or search Bugslayer. Matt Pietrek and John Robbins, the authors of the 2 themes, are both of the characters of the Bull class.

By the way under the HOOD the name itself. I've never understood it before, because if you look it up in a dictionary, HOOD means a lid. So what's under the lid? Why do you look under the lid?

After coming to the United States, I gradually understood. HOOD should be understood here as the hood of the car. In the United States, cars are very common. If you drive, but never open the hood, then you can only use it without knowing the inside of the car. So what if you open the lid and look at it? Can see a lot of internal details, such as the engine what.

In the automotive Kingdom of the United States, many software terms are related to cars because people are familiar with cars in their daily lives. For example, the word "engine", used to play 3D games, often see the introduction that the game uses the latest 3D engine. What do you mean? Is the most important part of the game (car engine) has been upgraded. Not only changed the image of the outside.

In addition, open source software often uses cars to analogy. Open source accidentally after you buy a car (software), you can get a repair shop to repair. That is, anyone can change, as long as he understands. and copy right software, you buy a car, but the engine lid is locked, broken can only go to the manufacturer repair, other people can not repair. What if the manufacturer does not want to repair or repair it? Then you'll have to resign yourself to it.

It's a little far, stop.


1.1, Release: 2 binary VS source

The main discussion here is about the different forms and concepts that Windows and Linux use in the publishing process, which are linked to the underlying concepts of business or open source.

In the Windows world, almost all of the installers are published in binary form. That is, the user downloaded a program, and then double-click, all the way to Next,next,next. This method is suitable for beginners. There are similar mechanisms in the Linux world, such as Yum, Apt-get, and so on. But Yum and Apt-get are both relatively late, and before that, installing programs in the Linux world is more cumbersome.

In some cases, the Linux yum, Apt-get is not enough. For example, some people write a small software, not put in these large public libraries. At this point, you will find that they generally provide one or a bunch of source files, and then need users to download, "compile", install. This is the Linux World common source code release form.

At first, it was very unaccustomed to this form of publishing for Linux. Used to the Windows double-click installation, always feel that the installation of Linux is very troublesome, but also their own./configure, make, make install. In case the software relies on other libraries, then you have to find those libraries yourself, in case those libraries depend on other libraries ... In addition, the version of the various libraries is also a problem, in case of incompatibility, then you have to find a compatible.

Why is the Linux world so many source code released? Why is the Windows World popular with 2 binary files released instead of source code? The latter, well explained, because many of the source code in Windows is a trade secret, is not public. At the same time, the libraries used by Windows programs are installed in the general system. So 2 binary release is feasible and very convenient.

On the previous issue, I think one of the benefits of source code publishing is that you can make some optimizations and settings at compile time. For example, the same code, the 32 or 64-bit platform can be compiled under the appropriate optimization. In addition, users can set some switches at compile time, so that optimizations during compilation are generally better than run-time optimizations.

However, one disadvantage of source code publishing is that it requires a higher level of user requirements. If running the Configue,make command goes well, okay. If the case is not smooth, you have to change your head file What, no doubt the general users can not do. In addition, the dependency between the library is very troublesome if the person handles it manually. Fortunately, the Linux world later had a package management system like Yum Apt-get. Most of the software is easy to install.


2. Process and its creation CreateProcess VS FORK+EXECV

In the Windows world, the most common win API for creating processes is CreateProcess and related functions. This function requires a bunch of parameters (features of the WINDOWS API), but many parameters can be expressed simply by using NULL, TRUE OR false. In addition, you directly tell it which file to execute.

To the Linux world, I vaguely know that fork is used to create a new process. But when I look at the function description of the fork, I'm stuck. Because fork does not require any parameters. Accustomed to the CreateProcess of the 10 parameters, suddenly replaced by a function without any parameters, it feels wonderful. On the one hand, it seems that things are a lot easier to do without having to figure out the meaning of each of the 10 parameters. On the other hand, I'm wondering, how do I tell it I'm going to execute a file?

Later, the meaning of the process in Linux is not the same as in Windows. The processes in Linux can be executed on their own. In Windows, a process simply represents the ownership of a resource and cannot be executed. To do this, a thread must be required. This also partly explains why CreateProcess must pass in the name of the file to be executed.

The meaning of fork is to clone a new one out of the process itself. That is, after fork, both the parent and child processes execute the same piece of code. If you want to differentiate, you can differentiate it by the return value of the fork. Note Referring to a fork:

On success, the PID of the child process was returned in the parent's thread of execution, and a 0 is returned in the ' s thread of execution.

At the same time in the Linux program, the common wording is as follows:

intPid;
Pid=Fork();
Switch (Pid)
{
Case0: //i am the Child

;
Case -1: //failed.

;
default: //i am the Parent


}



Why design it like this? Because one of the design goals of Linux is to apply to the server. In this case, a service may start many processes (threads) to serve a different client. So fork is designed to replicate the parent process quickly. The child process uses the father's address space directly, creating its own address space only when the child process loads a new executable file.

This saves the huge overhead of creating the address space, making the process of creating Linux very fast. In fact, though, the process here is relative to the threads in windows, so the overhead should be about the same as the thread creation in Windows.

So how do you get the new process to load an executable file, then use EXECV and related functions. So the function in Linux instead of CreateProcess () is FORK+EXECV


3. File format PE VS ELF

The executable file format in Windows is PE. When it comes to Linux, it becomes elf. 2 have similar places, for example, are divided into sections, including code snippets, data segments and so on. But 2 of them are not the same. Makes it possible for a person to move from one to another to learn again. A bit like the people who have been accustomed to the car in the country, to Hong Kong or Britain to drive, although also 4 wheels a steering wheel, but one on the left, one on the right. It always takes some time to get used to it.

So why can't Linux use the same file format as Windows? I think there are several possible reasons. First of all, it could be that 2 are almost simultaneously designed and don't know each other's existence. So there is no way to overwhelm one side. Another possible reason is that the PE format is initially confidential (later MS exposes the PE spec), so even if Linux does not want to use PE directly.

By the way, MS OFFICE's document format was previously confidential and was not published until recently (as if it were 2008). Hopefully, this will make open office a lot smoother to develop.


4. Kernel API: Fixed VS non-fixed

The Windows kernel has a fixed set of APIs and is backwards compatible. This makes it easy for Windows-driven developers to migrate between different versions. For example, I use WDM (WINDOWS DEVICE MODEL) to develop a driver, up to the compiler option can be used in Win 98, 2K, XP, 2003. VISTA I think maybe all can.

Linux does not have a fixed kernel API. The 2.4 version of kernel modules in 2.6 is almost too large to be compatible. To migrate, it is not just a compilation option, but a bunch of header files and implementation files. The trouble is that even though they are all 2.6 cores, there are some differences between the different small versions. If your kernel module just uses the changed parts, then you have to re-learn, and then change your own header files or implementation files.

The advantage of fixed kernel API is good compatibility, the disadvantage is the burden is larger, have to support the old, perhaps outdated interface. For example, the Windows kernel has WDM set of APIs, but there are network adapters dedicated NDIS set of APIs. In fact, many of the 2 sets of API design goals are coincident. So why are there 2 of them? Because NDIS is first out, for compatibility, be sure to support. and NDIS only for the network card, so again out of WDM.

The disadvantage of the non-fixed API is that the upgrade is cumbersome, peripheral kernel module maintainers are very hard. The advantage is that newer designs can be used at any time.


5. Comparison of interrupt handling in Windows and Linux

5.1 Differences:

In Windows, there is a IRQL (note is not an IRQ) concept. At the earliest, I thought it was the CPU design that included this stuff. Later looking at the Intel CPU manual, it seems that no. I've seen it again recently. Windows Interals 4TH. Feel this thing should be included in Pic OR APIC (about APIC, can see my previous post). For x86-32, the relationship between the IRQ of the hardware device and IRQL is: irql= 27-IRQ. The motive for introducing IRQL seems to be this: When the CPU is running low IRQL, if a high IRQL corresponding interrupt is coming, then the low interrupt ISR will be robbed by the high ISR. This means that the lower ISR is interrupted by a more advanced ISR. The benefit is that a high-priority ISR can get a quicker response.

In addition, in the concrete implementation, because the operation pic OR APCI Change IRQL is relatively time-consuming, so Windows is to try not to directly manipulate the hardware, but wait until the last resort to change.

In Linux, there seems to be no concept like IRQL. In terms of the books and code I have read, the ISR in Linux or Kernle is the interrupt flag bit (IF) on the CPU that is operating on or off at most. In other words, either break full open or all.

From this point of view, Linux is simpler than windows in this part of the design.


5.2 Similarities:

Both Windows and Linux seem to have broken the interrupts into 2 parts. Is it called an ISR (or something else) in Linux? ) and bottom half. In Winodws, DPC (Deferred Procedure Calls) and APC (asynchronous Procedure Calls) are very similar to bottom half. The motive for dividing the break into two parts is similar. It's all about making the ISR as fast as possible. Linux, in the ISR general shut down, so the time is too long, other interrupts will not be responded to. In Windows, the ISR runs in a very high IRQL, which also blocks other IRQL tasks.

The bottom half in Linux can be divided into Tasklet and SOFIRQ. The main differences between the two are complexity and concurrency (CONCURRENCY). Copy from <understanding LINUX NETWORK internals> below.
Tasklet:only one instance of each Tasklet can run at any time. Different Tasklets can run concurrently on Different CPUs.
Softirq:only one instance of each SOFTIRQ can run at the same time on a CPU. However, the same SOFTIRQ can run on different CPUs concurrentlyonly one instance of all SOFTIRQ can run at the same time On a CPU. However, the same SOFTIRQ can run on different CPUs concurrently.

The DPC in Windows is somewhat similar to Tasklet and SOFTIRQ. DPC is system-wide and runs on DPC IRQL. is an environment similar to the interrupt context (INTERRUPT context). The difference between APC and DPC is that the APC IRQL is running at a lower level. In addition, APC is for each thread. Executes in a thread environment. The main purpose is to put a part of things to be done later. APC is also divided into kernel APC and user APC. Does the idea of APC seem to be similar in Linux? At least I didn't think of it.

5.3 References:
1. WINDOWS interals 4TH
2. Understanding LINUX NETWORK Internals, 2005



UNICODE VS ASCII
KERNEL 4m/4k MIXED page VS 4K page
FS SEGMENT VS NO FS
GDI VS Xwindows
IRP VS FUNCTION POINTER
Registry VS Normal Files


Three, the same place

Windows and Linux are very similar in many places. I think there are 2 basic reasons. One is that 2 of them continue to be part of the UNIX stuff. The other is that 2 are mainly based on the X86 architecture. Of course 2 of them also support many other architectures, especially Linux.

I'm mainly talking about the same place under the X86 system.


1. Concept
Files together.

2, Kernel mapping: 2g:2g, 1g:3g. Linear mapping

3. SOCKET

4. DEVICE DRIVER or KERNEL MODULE

5. System call, interrupt
 


From for notes (Wiz)



"Reprint" The difference between LINUX and the WINDOWS kernel

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.