How processes work with user and kernel mode in Windows OS?
I have been trying to learn the Windows architecture but I am still struggling to piece all of the parts together and I think it is especially hard because I don't have any programming knowledge.
One of my pain areas is the kernel and user mode. Could anyone help me with a good example to understand how processes that run in user mode access the kernel ? And where do handles and objects come into the picture?
From what I read the kernel and user mode are just two different processor modes on Windows. User mode is used for applications, system processes, services etc. while the kernel mode is for Windows Executive, device and file-system drivers, HAL, kernel code itself, GDI etc. The processor running on Windows switches between these two modes depending on the code it is executing.
In user mode, the executing code has no ability to directly access hardware and has only limited access to system data. It would have to use handles to access kernel mode resources which are objects.
In kernel mode, the executing code has complete and unrestricted access to the underlying hardware and system data.
This isolation allows for better system stability and security. Crashes in the user mode only affect the application as each process runs in its own private virtual memory space called heap, while crashes in the kernel mode causes bug checks because the kernel mode shares the virtual memory space known as pool.
To show my understanding so far let us take the example of MS Paint. If I launch paint and then try to open an image by keying in the filename, a thread in the mspaint.exe process is going to be switched into the kernel mode by the processor in order to access the file-system which is in the kernel mode that will allow it to view all the files present on the disk and locate the file that matches the filename. On locating the file, the mspaint thread is provided a handle to the file object in the kernel mode and then the thread is switched back to user mode by the processor.
Please correct me if I am wrong and if so a correct example with how it works would be very much appreciated.
windows operating-systems kernel
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
add a comment |
I have been trying to learn the Windows architecture but I am still struggling to piece all of the parts together and I think it is especially hard because I don't have any programming knowledge.
One of my pain areas is the kernel and user mode. Could anyone help me with a good example to understand how processes that run in user mode access the kernel ? And where do handles and objects come into the picture?
From what I read the kernel and user mode are just two different processor modes on Windows. User mode is used for applications, system processes, services etc. while the kernel mode is for Windows Executive, device and file-system drivers, HAL, kernel code itself, GDI etc. The processor running on Windows switches between these two modes depending on the code it is executing.
In user mode, the executing code has no ability to directly access hardware and has only limited access to system data. It would have to use handles to access kernel mode resources which are objects.
In kernel mode, the executing code has complete and unrestricted access to the underlying hardware and system data.
This isolation allows for better system stability and security. Crashes in the user mode only affect the application as each process runs in its own private virtual memory space called heap, while crashes in the kernel mode causes bug checks because the kernel mode shares the virtual memory space known as pool.
To show my understanding so far let us take the example of MS Paint. If I launch paint and then try to open an image by keying in the filename, a thread in the mspaint.exe process is going to be switched into the kernel mode by the processor in order to access the file-system which is in the kernel mode that will allow it to view all the files present on the disk and locate the file that matches the filename. On locating the file, the mspaint thread is provided a handle to the file object in the kernel mode and then the thread is switched back to user mode by the processor.
Please correct me if I am wrong and if so a correct example with how it works would be very much appreciated.
windows operating-systems kernel
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
add a comment |
I have been trying to learn the Windows architecture but I am still struggling to piece all of the parts together and I think it is especially hard because I don't have any programming knowledge.
One of my pain areas is the kernel and user mode. Could anyone help me with a good example to understand how processes that run in user mode access the kernel ? And where do handles and objects come into the picture?
From what I read the kernel and user mode are just two different processor modes on Windows. User mode is used for applications, system processes, services etc. while the kernel mode is for Windows Executive, device and file-system drivers, HAL, kernel code itself, GDI etc. The processor running on Windows switches between these two modes depending on the code it is executing.
In user mode, the executing code has no ability to directly access hardware and has only limited access to system data. It would have to use handles to access kernel mode resources which are objects.
In kernel mode, the executing code has complete and unrestricted access to the underlying hardware and system data.
This isolation allows for better system stability and security. Crashes in the user mode only affect the application as each process runs in its own private virtual memory space called heap, while crashes in the kernel mode causes bug checks because the kernel mode shares the virtual memory space known as pool.
To show my understanding so far let us take the example of MS Paint. If I launch paint and then try to open an image by keying in the filename, a thread in the mspaint.exe process is going to be switched into the kernel mode by the processor in order to access the file-system which is in the kernel mode that will allow it to view all the files present on the disk and locate the file that matches the filename. On locating the file, the mspaint thread is provided a handle to the file object in the kernel mode and then the thread is switched back to user mode by the processor.
Please correct me if I am wrong and if so a correct example with how it works would be very much appreciated.
windows operating-systems kernel
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
I have been trying to learn the Windows architecture but I am still struggling to piece all of the parts together and I think it is especially hard because I don't have any programming knowledge.
One of my pain areas is the kernel and user mode. Could anyone help me with a good example to understand how processes that run in user mode access the kernel ? And where do handles and objects come into the picture?
From what I read the kernel and user mode are just two different processor modes on Windows. User mode is used for applications, system processes, services etc. while the kernel mode is for Windows Executive, device and file-system drivers, HAL, kernel code itself, GDI etc. The processor running on Windows switches between these two modes depending on the code it is executing.
In user mode, the executing code has no ability to directly access hardware and has only limited access to system data. It would have to use handles to access kernel mode resources which are objects.
In kernel mode, the executing code has complete and unrestricted access to the underlying hardware and system data.
This isolation allows for better system stability and security. Crashes in the user mode only affect the application as each process runs in its own private virtual memory space called heap, while crashes in the kernel mode causes bug checks because the kernel mode shares the virtual memory space known as pool.
To show my understanding so far let us take the example of MS Paint. If I launch paint and then try to open an image by keying in the filename, a thread in the mspaint.exe process is going to be switched into the kernel mode by the processor in order to access the file-system which is in the kernel mode that will allow it to view all the files present on the disk and locate the file that matches the filename. On locating the file, the mspaint thread is provided a handle to the file object in the kernel mode and then the thread is switched back to user mode by the processor.
Please correct me if I am wrong and if so a correct example with how it works would be very much appreciated.
windows operating-systems kernel
windows operating-systems kernel
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
edited Feb 12 at 1:32
Inchbyinch
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
asked Feb 11 at 21:24
InchbyinchInchbyinch
11
11
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1404603%2fhow-processes-work-with-user-and-kernel-mode-in-windows-os%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1404603%2fhow-processes-work-with-user-and-kernel-mode-in-windows-os%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
