
What is the difference between kernel stack and user stack?

What is the need for using two different stacks in the same program? How does a trap change the current stack of the program from the user stack to the kernel stack? How does it come back to the user stack after completing the system call?

Does every process have a kernel and user stack?

user609306 asked Feb 09 '11 06:02



People also ask

What is the difference between kernel and user mode?

In kernel mode, the program has direct and unrestricted access to system resources. In user mode, the application program executes and starts. In user mode, a single process fails if an interrupt occurs. Kernel mode is also known as the master mode, privileged mode, or system mode.

What is kernel stack used for?

The kernel stack is also used for interrupt handler execution, for the interrupts that occur while a particular thread is running. As we have talked about already, the interrupts are almost always doing something for another, blocked process/thread.

Why do we switch from the user's stack to a kernel stack?

When a process enters kernel mode as the result of a system call, the stack is switched from the user mode stack to the kernel stack. This is done to preserve the integrity of the kernel, otherwise the process (another thread, for example) could do some nasty things to the stack.

What is the difference between user and kernel space?

Kernel space is strictly reserved for running a privileged operating system kernel, kernel extensions, and most device drivers. In contrast, user space is the memory area where application software and some drivers execute.


1 Answer

There is (basically) one "kernel stack" per CPU. There is one "user stack" for each process, though each thread has its own stack, including both user and kernel threads.

How "trapping changes the stack" is actually fairly simple.

The CPU changes processes or "modes" as a result of an interrupt. The interrupt can occur for many different reasons - a fault occurs (like an error, or page-fault), or a physical hardware interrupt (like from a device) - or a timer interrupt (which occurs for example when a process has used all of its allotted CPU time).

Either way - when this interrupt is called, the CPU registers are saved on the stack - all the registers - including the stack pointer itself.

Typically then a "scheduler" would be called. The scheduler then chooses another process to be run - restoring all of its saved registers including the stack pointer, and continues execution from where it left off (stored in the return-address pointer).

This is called a "Context Switch".

I'm simplifying a few things - like how memory management contexts are saved and restored, but that's the idea. It's just saving and restoring registers in response to an interrupt - including the "stack pointer" register.

So each program or thread has its own ("user mode") stack (i.e. a multi-threaded program would have multiple stacks) - and the context switch switches between these.

More specifically, "Kernel Mode" stacks exist for when the machine (or a specific CPU) is running in the kernel. The exact handling is OS-specific - for example Linux will have one interrupt (kernel) stack per CPU (which would be generally used for interrupts, including page-faults and syscalls, which inherently includes nearly everything - like device drivers and the scheduler). Like user-space threads, the Linux kernel also has separate stacks for kernel threads. (Windows Kernel does something different).

Brad answered Oct 18 '22 03:10

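The register save and restore described in the answer above can be observed from user space with the `ucontext` calls, which swap a full register set, stack pointer included, between two execution contexts. This is an added example, not code from the original answer; it assumes Linux with glibc, the names `task`, `run_demo`, `on_task_stack` and the 64 KiB stack size are chosen here for illustration, and it shows only the user-level mechanism, not the kernel's trap path.

```c
#include <stdint.h>
#include <stdio.h>
#include <ucontext.h>

#define STACK_SIZE (64 * 1024)            /* assumed size, chosen for the demo */
static ucontext_t main_ctx, task_ctx;     /* two saved register sets */
static unsigned char task_stack[STACK_SIZE]; /* private stack for the task */
static uintptr_t seen[2];                 /* stack addresses observed in the task */
static int steps;

/* Runs on task_stack and yields to main halfway, like a preempted thread. */
static void task(void)
{
    volatile int local = 1;               /* lives on whichever stack is active */
    seen[0] = (uintptr_t)&local;
    steps++;
    swapcontext(&task_ctx, &main_ctx);    /* save our registers (incl. SP), resume main */
    seen[1] = (uintptr_t)&local;          /* resumed later: same frame, same stack */
    steps++;
}

static int on_task_stack(uintptr_t p)
{
    uintptr_t base = (uintptr_t)task_stack;
    return p >= base && p < base + STACK_SIZE;
}

/* Returns 1 if the task ran on its own stack and resumed in the same frame. */
int run_demo(void)
{
    volatile int main_local = 0;          /* lives on the original stack */
    steps = 0;
    getcontext(&task_ctx);
    task_ctx.uc_stack.ss_sp = task_stack;
    task_ctx.uc_stack.ss_size = sizeof task_stack;
    task_ctx.uc_link = &main_ctx;         /* context to resume when task() returns */
    makecontext(&task_ctx, task, 0);
    swapcontext(&main_ctx, &task_ctx);    /* first switch: task starts on task_stack */
    swapcontext(&main_ctx, &task_ctx);    /* second switch: task resumes after its yield */
    return steps == 2 && on_task_stack(seen[0]) && seen[0] == seen[1]
        && !on_task_stack((uintptr_t)&main_local);
}

int main(void)
{
    printf("context switch demo %s\n", run_demo() ? "ok" : "failed");
    return 0;
}
```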