The kernel is the core, or the ‘nucleus’ of the operatingsystem, and every OS has one.
The kernel is responsible for managing access tosystem resources such as the CPU, RAM, and input/output for peripheral devices.Without the kernel, only the shell of the operating system would be present.The CPU is responsible for executing tasks, however to dothis the kernel must allocate processor time for these tasks to make use ofsystem resources. RAM (random access memory) is a volatile form of memorywhich is used to store instructions and/or data for the session. It is the job of the kernel to allocate an amount of memoryto store these instructions, or to create space in memory which allows forstorage where there may be a lack thereof. For I/O requests to peripheral devices, the kernel mustprocess requests to access and interact with such peripherals and provide amethod to use this device.
(LINFO, Kernel, 2017)The different kernel structures provide different approachesto handling the previously mentioned tasks, as the kernel must provideprotocols (methods of communication) to allow for effective running of thesystem. It is these structures which determine how the systemhandles such requests. The latest Linux kernel (versions 4.x.x) have amonolithic structure, which means that they contain all of the servicesrequired within, and the OS therefore functions as a single large process whichruns in its entirety in a single address space. As a result of this, the kernelcan use system calls to manage system resources.
Alternatively, the Windows NTkernel requires the use of device drivers to provide a way for tasks to expresstheir requests to the kernel using protocols which will be understood. This isdone via layers of abstraction which simplify the instructions to that whichcan be understood by the kernel and processor.System calls play a prominent role in the regular functionof the kernel. A system call can fall under one of six categories which are:process management, memory management, inter-process communication, filesystem, initialisation and other. These system calls are signals sent when anapplication without access to the permissions of the kernel wishes toaccomplish a task requiring the attention of the kernel; in order for this taskto occur, the application must be temporarily granted kernel-level access whichis why the system call can also sometimes be referred to as a kernel-call.
(LINFO, System Call, 2017) Windows 10 – WindowsNT kernel:The Windows NT kernel is a hybrid kernel which can be storedon both the x64 processor and the x86 which are the available processorarchitectures in the latest version of the Windows OS (Windows 10). The WindowsNT kernel is the kernel on which the architecture of newer Windows phones (8,8.1, 10 Mobile) are based. This kernel replaced the previous monolithic kernelseen in Windows CE architecture. (Unknown, 2017) (Holwerda, 2012)There are two modes in which the processor can run: usermode and kernel mode – this is what makes the hybrid kernel processorindependent- the architecture of the OS is built with only the core processingunit within.
By providing the processor with the ability to switch between usermode and kernel mode, the system is more secure by only allowing the mosttrusted functions to access kernel mode – this enhances security of the system,as crashes in kernel mode can crash the entire OS. As previously mentioned, the kernel mode only allows themost trusted functions to access it. However, the structure of kernel modemeans that all code shares a single virtual address space, and unlike usermode, applications do not get a private process which isolates it from otherprocesses. Thus providing a security risk present in monolithic kernels – akernel mode driver is capable of writing to the wrong address and potentiallydamaging the entire system.One of the microkernel features of the hybrid NT is the wayin which user mode handles applications. When an application is run at userlevel, Windows creates a private process for that application which means itcannot be interfered with by other processes which is reflective of themicrokernel structure which is generally praised its stability by isolatingprocessors (known as servers). As a result of the isolation, if one processcrashes, only that process suffers, and the rest of the OS remains functioning.Furthermore, the virtual address space (the space in memory in which theprocess runs) is limited so that it cannot damage or alter important OS data.
(Microsoft, 2017)Memory management in Windows NT kernels uses virtual addressspaces to store processes. These processes cannot be interfered with by otherprocesses, as each is allocated its own virtual address space. The virtualaddress spaces used to store processes do not correspond to a physical addressin the memory, but instead refers to an internal data structure (page table)which can translate virtual addresses to the appropriate physical address. Thisprocess allows the system to handle processes using more memory than isavailable via paging. Paging allows for more efficient memory handling, so thatif more space is required paging can be used to temporarily move pages to andfrom a file on the disk. (Microsoft, 2017)The Windows NT kernel makes use of device drivers tointeract with peripherals. The Windows I/O manager is responsible forcommunication between application and peripheral.
This communication is donevia IRPs (I/O request packet) which is essentially a signal sent to aperipheral to tell the device what it needs to do.Due to the hybrid nature of the Windows NT kernel, it seeksto combine the stability of the microkernel with the efficiency and reliabilityof the monolithic kernel. The use of kernel and user modes effectivelyeliminates issues in that when processes are isolated in user mode, they cannotdirectly damage or alter the entire system as not every process has allprivileges. Linux dist. Ubuntu –Linux kernel version 4.xThe Linux kernel used in Ubuntu is a monolithic kernelwhich, in Ubuntu runs on the i386 or x86_64 processor architectures, howeverunlike traditional monolithic kernels, this kernel allows for device drivers tobe configured as loadable kernel modules.
This ability to configure devicedrivers as kernel modules means that the kernel can easily be extended andadapted for new hardware or system calls. Due to the open-source nature ofLinux, the Linux kernel (various versions) are present in newer Androidoperating systems which are used on popular smartphones such as HTC and Samsung,however these versions use a variety of different versions of the kernel, i.e3.18 or 4.4( (Wikipedia, 2017).In the x86 processor architecture on which the newer versionof the kernel runs, there is a mode referred to as protected mode.
Thisprotected mode provides security by allowing more control over applications bythe OS. In this protected mode, there are levels of privilege which aspects ofthe system are able to access, with level 0 being the most privileged – thekernel. This allows for a higher level of security by only allowing some devicedrivers and the OS to access this level. Applications generally run in ring 3which is the least privileged, and thus means that key elements of the systemare isolated from potential harm. However, whilst most operating systems usingthe x86 processor architecture use the levels of privilege to maintain systemsecurity, the Windows NT kernel does not fully reap the benefits of this ringprotection method.
The monolithic Linux kernel uses kernel space and user spaceto keep volatile memory (RAM) separate from applications running. Applicationsrun in user space, and therefore have lower levels of privilege – in order toaccess kernel space, the user mode must perform a system call so that it can changeinto kernel mode to complete the required task by accessing a higher level ofprivilege than before and utilise the kernel capabilities. (LINFO, Kernel Space, 2017)File management in the Linux kernel is similar to that ofthe Unix kernel. The kernel is concerned with the structure of the file, thestructure which falls under one of three file types. The file types are asfollows: Ordinary (user-entered data, application program or utility program),Directory (file names. These files have special privileges which only allowfile system to write-to them) and Special (used to access peripheral devices).
(William Stallings, 2001)Within the Linux kernel, paging and segmentation are keymethodologies in memory management. The use of segmentation in the Linux kernelallows blocks of data to be kept isolated from each other. Paging is used toadd abstraction to virtual memory addressing by not directly translating theaddress to a physical location, thus allowing for the system to use more memorythan exists – this approach is similar to that of memory management in WindowsNT kernels.
Device management in the Linux kernel differs vastly to thatof Windows NT as devices are located as special files in the dev directory –this is part of the file system, as they need to be available to the operatingsystem during the booting process.A traditional issue of monolithic kernels is the lack ofportability between processor architectures. Generally, these must be rewrittenfor new processor architectures, however Linux has not suffered greatly fromthis issue.
In addition to this, the kernel is able to load modules at run-timemeaning the kernel itself can be much smaller and thus take up less systemspace. The ability to interact directly with the hardware means that monolithicsystems are generally more efficient in terms of accessing resources – despitethe potential risk of being less stable due to the wider access to higherpriority levels within the OS and crashes possibly damaging the entire system. (LINFO, Kernel, 2017)