What is kernel file in Windows

What is Windows Kernel (OS Kernel)?

Windows, as an operating system, relies on a key program called the kernel that controls all the processes running on the system. The Windows kernel is the link between all the hardware and software components of your computer. The kernel usually loads after the bootloader and then controls and coordinates all the other start-up processes. You can think of the kernel as your computer’s translator: it takes requests from software and then converts them into instructions for the CPU.

Here are some examples of tasks overseen by the kernel: it manages internal and external hardware devices, launches and ends processes, allocates memory, and more.

As long as the kernel works properly, your computer works as expected as well. However, when the kernel is affected by various technical issues, your computer becomes practically unusable and it displays various BSOD error codes.

What is a Kernel in OS? What are the types of Kernel?

Every operating system, whether it is Windows, Mac, Linux, or Android, has a core program called a Kernel which acts as the ‘boss’ for the whole system. It is the heart of the OS! The Kernel is nothing but a computer program which controls everything else. Anything that happens on the computer goes through it. In this post, we will discuss what a Kernel in an OS is, and the different types of Kernels.

What is a Kernel in OS

Now that we know that it’s a core program in the OS, one should also know that it is the first program that loads after the bootloader. It then does all the talking between the hardware and the software or applications. So if you launch a program, the user interface sends a request to the Kernel. The Kernel then sends a request to the CPU and memory to assign processing power, memory, and other things so the application can run smoothly in the front end.

You can imagine the Kernel as a translator. It converts input/output requests from software into an instruction set for the CPU and GPU. In simple words, it’s a layer between the software and the hardware which makes everything possible. The kernel manages the following:

  1. CPU/GPU
  2. Memory
  3. Input/Output or IO devices
  4. Resource management
  5. Memory management
  6. Device management
  7. System calls.

User processes can access kernel space only through the use of system calls. If a program tries to access it directly, it will result in a fault.

Kernel Security & Protection

The kernel also protects the hardware. If there is no protection, any program will be able to carry out any task on the computer, including crashing your computer, corrupting data, etc.

In modern-day computers, security is implemented on the hardware level. For example, Windows will not load drivers that are not from a trusted source and certified with a signature. Secure Boot and Trusted Boot are classic examples.

Secure Boot: It is a security standard developed by members of the PC industry. It helps you protect your system from malicious programs by not allowing any unauthorized applications to run during the system start-up process. The feature makes sure that your PC boots using only software that is trusted by the PC manufacturer. So, whenever your PC starts, the firmware checks the signature of each piece of boot software, including firmware drivers (Option ROMs) and the operating system. If the signatures are verified, the PC boots and the firmware gives control to the operating system.

Trusted Boot: It uses the Virtual Trusted Platform Module (VTPM) to verify the digital signature of the Windows 10 kernel before loading it. In turn, it confirms every other component of the Windows startup process, including the boot drivers, startup files, and ELAM. If a file has been altered or changed to any extent, the bootloader detects it and refuses to load it by recognizing it as the corrupted component. In short, it provides a chain of trust for all the elements during boot.

What are the types of Kernel

The Kernel can also talk to hardware on a secure line. So companies can develop a Kernel which can talk to their hardware through a set of buttons. Take the washing machine as an example. Depending on the knobs you move and the time you set, a basic level of Kernel should be enough. That said, Kernels themselves grow complicated with time, which results in different types of Kernel.

  1. Monolithic Kernel: Here, the OS and Kernel both run in the same memory space; it is suitable where security is not a significant concern. It results in faster access, but if there is a bug in the device driver, the entire system crashes.
  2. Microkernel: It’s a stripped-down version of the Monolithic Kernel where the Kernel itself can get most of the job done, and there is no need for an extra GUI. They should be used where security and the crashing system isn’t or will not happen.
  3. Hybrid Kernel: This Kernel is what we see most, for example in Windows and Apple’s macOS. They are a mix of Monolithic Kernel and Microkernel. It moves out drivers but keeps system services inside the Kernel – similar to how drivers are loaded when Windows starts the bootup process.
  4. Nano Kernel: If you need to have a kernel, but the majority of its functions are set up outside it, then this comes into the picture.
  5. Exo Kernel: This kernel only offers process protection and resource handling. However, it is mostly used when you are testing out an in-house project, and you upgrade to a better Kernel type.

There is a lot more to a Kernel than what we have talked about. As you dig deeper, the definition of Kernel gets broader and more profound.

We hope the post was easy to understand and helps you get through the basics.

Kernel Objects

Kernel object handles are process specific. That is, a process must either create the object or open an existing object to obtain a kernel object handle. The per-process limit on kernel handles is 2^24. However, handles are stored in the paged pool, so the actual number of handles you can create is based on available memory. The number of handles that you can create on 32-bit Windows is significantly lower than 2^24.

Any process can create a new handle to an existing kernel object (even one created by another process), provided that the process knows the name of the object and has security access to the object. Kernel object handles include access rights that indicate the actions that can be granted or denied to a process. An application specifies access rights when it creates an object or obtains an existing object handle. Each type of kernel object supports its own set of access rights. For example, event handles can have set or wait access (or both), file handles can have read or write access (or both), and so on. For more information, see Securable Objects.

In the following illustration, an application creates an event object. The CreateEvent function creates the event object and returns an object handle.

After the event object has been created, the application can use the event handle to set or wait on the event. The handle remains valid until the application closes the handle or terminates.

Most kernel objects support multiple handles to a single object. For example, the application in the preceding illustration could obtain additional event object handles by using the OpenEvent function, as shown in the following illustration.

This method enables an application to have handles with different access rights. For example, Handle 1 might have set and wait access to the event, and Handle 2 might have only wait access.

If another process knows the event name and has security access to the object, it can create its own event object handle by using OpenEvent. The creating application could also duplicate one of its handles into the same process or into another process by using the DuplicateHandle function.

An object remains in memory as long as at least one object handle exists. In the following illustration, the applications use the CloseHandle function to close their event object handles. When there are no event handles, the system removes the object from memory, as shown in the following illustration.
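
The handle behaviour described above (CreateEvent, OpenEvent, CloseHandle and per-handle access rights), as an added PowerShell example that is not part of the original page; it calls the Win32 functions through P/Invoke. The `EventDemo` class, its `TrySet` helper and the event name are assumptions made for the illustration.

```powershell
# Added example. P/Invoke wrappers for the Win32 calls named in the text.
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
public static class EventDemo {
    public const uint SYNCHRONIZE = 0x00100000;   // wait access only
    [DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern IntPtr CreateEventW(IntPtr attrs, bool manualReset,
                                             bool initialState, string name);
    [DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern IntPtr OpenEventW(uint access, bool inherit, string name);
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool SetEvent(IntPtr h);
    [DllImport("kernel32.dll")]
    public static extern uint WaitForSingleObject(IntPtr h, uint ms);
    [DllImport("kernel32.dll")]
    public static extern bool CloseHandle(IntPtr h);
    // Returns 0 on success, else the Win32 error code. It is read inside C#
    // because the last-error value is unreliable once control is back in PowerShell.
    public static int TrySet(IntPtr h) {
        return SetEvent(h) ? 0 : Marshal.GetLastWin32Error();
    }
}
'@

$ERROR_ACCESS_DENIED = 5
$WAIT_OBJECT_0 = 0
$name = 'Local\HandleDemoEvent'   # constructed name, session-local namespace

# Handle 1: the creator's handle (CreateEvent grants EVENT_ALL_ACCESS).
$h1 = [EventDemo]::CreateEventW([IntPtr]::Zero, $true, $false, $name)
# Handle 2: a second handle to the same object, opened with wait access only.
$h2 = [EventDemo]::OpenEventW([EventDemo]::SYNCHRONIZE, $false, $name)

# The access check uses the rights stored in the handle, not the caller's identity.
'Set via wait-only handle denied: {0}' -f ([EventDemo]::TrySet($h2) -eq $ERROR_ACCESS_DENIED)
'Set via creator handle ok:       {0}' -f ([EventDemo]::TrySet($h1) -eq 0)
'Wait via wait-only handle ok:    {0}' -f ([EventDemo]::WaitForSingleObject($h2, 0) -eq $WAIT_OBJECT_0)

# Closing handle 1 leaves the object alive: handle 2 still references it.
[void][EventDemo]::CloseHandle($h1)
'Object alive after first close:  {0}' -f ([EventDemo]::WaitForSingleObject($h2, 0) -eq $WAIT_OBJECT_0)

# Closing the last handle lets the system remove the object, so the name is gone.
[void][EventDemo]::CloseHandle($h2)
$h3 = [EventDemo]::OpenEventW([EventDemo]::SYNCHRONIZE, $false, $name)
'Object removed after last close: {0}' -f ($h3 -eq [IntPtr]::Zero)
```

Handing a component a handle opened with only the rights it needs, here wait access, limits what that component can do to the shared object even though it runs under the same account.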

The system manages file objects somewhat differently from other kernel objects. File objects contain the file pointer — the pointer to the next byte to be read or written in a file. Whenever an application creates a new file handle, the system creates a new file object. Therefore, more than one file object can refer to a single file on disk, as shown in the next illustration.

Only through duplication or inheritance can more than one file handle refer to the same file object, as shown in the following illustration.

The following table lists each of the kernel objects, along with each object’s creator and destroyer functions. The creator functions either create the object and an object handle or create a new existing object handle. The destroyer functions close the object handle. When an application closes the last handle to a kernel object, the system removes the object from memory.

What kind of kernel does MS Windows have?

I saw a question on Linux Kernel. While reading that I had this doubt.

3 Answers

The Windows NT branch of Windows has a Hybrid Kernel. It’s neither a monolithic kernel where all services run in kernel mode nor a Micro kernel where everything runs in user space. This provides a balance between the protection gained from a microkernel and the performance that can be seen in a monolithic kernel (as there are fewer user/kernel mode context switches).

As an example, device drivers and the Hardware Abstraction layer run in kernel mode but the Workstation service runs in user mode. The Wikipedia article on Hybrid Kernels has a good overview.

The Windows Internals book gives an explanation for the hybrid approach

. The Carnegie Mellon University Mach operating system, a contemporary example of a microkernel architecture, implements a minimal kernel that comprises thread scheduling, message passing, virtual memory, and device drivers. Everything else, including various APIs, file systems, and networking, runs in user mode. However, commercial implementations of the Mach microkernel operating system typically run at least all file system, networking, and memory management code in kernel mode. The reason is simple: the pure microkernel design is commercially impractical because it’s too inefficient.

What is an OS kernel ? How does it differ from an operating system? [closed]

I am not able to understand the difference between a kernel and an operating system. I do not see any difference between them. Is the kernel an operating system?

11 Answers

The technical definition of an operating system is «a platform that consists of specific set of libraries and infrastructure for applications to be built upon and interact with each other». A kernel is an operating system in that sense.

The end-user definition is usually something around «a software package that provides a desktop, shortcuts to applications, a web browser and a media player». A kernel doesn’t match that definition.

So for an end-user a Linux distribution (say Ubuntu) is an Operating System while for a programmer the Linux kernel itself is a perfectly valid OS depending on what you’re trying to achieve. For instance embedded systems are mostly just kernel with very small number of specialized processes running on top of them. In that case the kernel itself becomes the OS itself.

I think you can draw the line at what the majority of the applications running on top of that OS do require. If most of them require only kernel, the kernel is the OS, if most of them require X Window System running, then your OS becomes X + kernel.
