Windows Kernel ArchitectureKernel * The kernel is the main component of a computer operating systems. It is a bridge between applications and the actual data processing done at the hardware level. * It provides basic low-level operations such as scheduling threads or routing hardware interrupts. KERNEL MODE AND USER MODE ° * A processor in a computer running Windows has two different modes: user mode and kernel mode. ‘The processor switches b/w two modes depending on what type of code is running on the processor. ‘= Applications run in user mode, and core operating system components run in kernel mode. TYPES OF KERNEL, "Monolithic kernel * Microkernel = Hybrid (or modular) kernel * Nano kernel ul = Exo kernelTYPES OF KERNEL MONOLITHIC KERNEL * Monolithic kernel type has all required functionality inside Monolithic OS kernel the kernel, schedulers, device drivers, memory management etcall in a memory space owned by the kernel. + Monolithic kernels increased the performance of the OS as. all the functions were present inside the same module, but this also led to serious drawbacks like large size of the Kernel, very low reliability because even ifa single function of the Kernel failed ‘MICRO KERNEL Basic user services like device driver management, protocol stack management, File systern management and graphics control are present in the User space. * Rest functions ike Memory management, Process ‘management is present inside the Kernel space * Reduces the size of the Kernel, but the speed of executing processes and providing other services is much slower than the Monalithic Kernels. Lit MicrokernelWINDOWS KERNEL ARCHITECTURE USER MODE KERNEL MODE EXECUTIVE SERVICES Kernel Hardware Abstraction LayerWINDOWS KERNEL ARCHITECTURE (Contd..) EXECUTIVE SERVICES The Windows operating system uses the term executive layer to refer to kernel-mode components that provide a variety of services to device drivers, including Object management Memory management Process and thread management Security Reference Monitor Input/output management Configuration management oOoooco Memory manager + Manages physical memory (RAM ) forthe operating system. + Managing the allocation and de-allocation of memory virtually and dynamically. + Supporting the concepts of memory-mapped files and shared memory uitWINDOWS KERNEL ARCHITECTURE (Contd..) 1/0 Manager: + The Windows kernel mode /0 manager manages the communication between applications and the interfaces provided by device drivers. 4% Device drivers provide the software connection between the devices and the operating system. % |/0 request packets (IPs) are used to communicate between 0S and device drivers % The /0 manager has two subcomponents 1 Plugand Play manager Power manager, Power Manager: % The power manager is responsible for managing power usage for the system. 4 The power manager requests power operations by sending |RP_MI_POWER requests to drivers. A request can specify a new power state or can query whether a change in power state is feasible, Plug and Play Manager: ‘The Plug and Play (PnP) manager provides the support for PnP functionality following PnP-related tasks: 1 Device detection and enumeration while the system is booting Adding or removing devices while the system is running uu ae Windows and is responsible for theWINDOWS KERNEL ARCHITECTURE (Contd..) Object Manager: + Files, devices, synchronization mechanisms, registry keys, and so on, are all represented as objects in kernel mode. 4 Each object has @ header (containing information abou the object such as its name, type, and location), and a body (containing data in a format determined by each type of abject. 4 Windows has more than 25 types of objects (Files , devices , Processes , threads , registry keys...) + The object manager manages the objects in Windows by performing the following major tasks: Managing the creation and destruction of objects. G Keeping an object namespace database for tracking object information. Keeping track of resources assigned to each process. 1D Tracking access rights for specific objects to provide security. Managing the lifetime of an object and determining when an abject will be automatically destroyed to recycle resource space. Process and Thread Manager 4 A process isa software program that is currently running in Windows. A thread isan object that identifies ‘which part of the program is running. Both process and thread have an 1D, a number that identifies it. 4 Aprocess may have more than one thread. + Performs Scheduling and synchronization utWINDOWS KERNEL ARCHITECTURE (Contd..) Local procedural calls: 4 LPCisa high speed message based communication mechanism implemented in the NT kernel. ‘LPC can be used for communication between two user mode processes, between a user mode process and a kernel mode driver or between two kernel mode drivers. Itimplements transaction processing in kernel mode. KTMallows kernel mode components, such as drivers, to perform transactions. HARDWARE ABSTRACTION LAYER 4 Windows runs on many different configurations of the personal computer. Each configuration requires a layer of software that interacts between the hardware and the rest of the operatingsystem. This layer abstracts (hides) the low-level hardware details from drivers and the operating system, it is called the hardware abstraction layer (HAL). ‘The HAL includes hardware-specific code that controls /0 interfaces, interrupt controllers and multiple processors. Li