Windows and Linux are our two most common operating systems.

Windows largely dominated the PC era and was commercially successful, but it was not open source, so to access the source code you had to join the Windows development team.

The operating system used for the server is basically Linux, and the kernel source is open source, anyone can download, and add their own changes or functions, the biggest charm of Linux is that there are a lot of technical masters all over the world to contribute code for it.

The two operating systems have their own strengths and weaknesses.

The core of the operating system is the kernel. This time we will look at the difference between the Linux kernel and the Windows kernel.

The kernel

What is the kernel?

A computer is made up of various external hardware devices, such as memory, CPU, hard disk, etc., if each application to docking communication protocol and the hardware equipment, that it is too tired, so the broker is responsible for by the kernel, let bridge of the kernel as an application connection hardware equipment, applications need to concern with the kernel interactions, need not care about the details of the hardware.

What are the capabilities of the kernel?

In modern operating systems, the kernel typically provides four basic capabilities:

  • The ability to manage processes and threads and determine which processes and threads use the CPU, i.e. process scheduling;
  • The ability to manage memory, to allocate and reclaim memory, is the ability to manage memory;
  • Manage hardware devices to provide communication capabilities between processes and hardware devices, that is, hardware communication capabilities;
  • Provides system calls, which are interfaces between user programs and the operating system, if the application is to run services with higher privileges.

How does the kernel work?

The kernel has very high permissions to control hardware such as CPU, memory, and hard disk, while applications have very low permissions. Therefore, most operating systems divide memory into two regions:

  • Kernel space, which is accessible only to kernel programs;
  • User space, which is the memory space reserved for application use;

User-space code can access only a partial memory space, while kernel-space code can access all memory space. Therefore, when a program uses user space, it is often said that the program executes in user mode, and when a program makes kernel-space, the program executes in kernel-mode.

If an application needs to enter the kernel space, it needs to make a system call. Here’s how the system call works:

Kernel programs execute in kernel mode, and user programs execute in user mode. When an application uses a system call, an interrupt is generated. After an interrupt occurs, the CPU interrupts the currently executing user program and switches to the interrupt handler, which begins execution of the kernel program. After processing, the kernel actively triggers an interrupt, handing the CPU execution permission back to the user program, and returning to the user state to continue working.

The design of the Linux

The founding father of Linux was Linus Torvalds, a Finnish boy who wrote the first version of the Linux operating system in C in 1991 at the age of 22.

After completing the first version of Linux, Linux Torvalds released the source code of the Linux kernel on the Web for everyone to download and use for free.

The design philosophy of the Linux kernel mainly includes the following points:

  • MutiTask, multitasking
  • SMPSymmetric multiprocessing
  • ELFExecutable file link format
  • Monolithic Kernel, macro kernel
MutiTask

MutiTask means multitasking and stands for Linux as a multitasking operating system.

Multitasking means that more than one task can be executed at the same time, where “simultaneous” can be concurrent or parallel:

  • With a single-core CPU, you can allow each task to execute for a short period of time, and then switch to another task. From a macro perspective, multiple tasks are executed at a time, which is called concurrency.
  • With multicore cpus, multiple tasks can be executed simultaneously by cpus with different cores, which is called parallelism.

SMP

SMP stands for symmetric multi-processing. It means that each CPU has the same status and the same resource usage permissions. Multiple cpus share the same memory and each CPU can access the complete memory and hardware resources.

This feature determines that the Linux operating system does not have a single CPU serving applications or kernel programs, but each program can be allocated to be executed on any CPU.

ELF

ELF stands for Executable File Link Format and is the storage format for executable files in Linux. You can see its structure below:

ELF divides files into sections, and each section has its own function. I won’t elaborate on the function of each section here, but if you are interested, you can check out the book “Programmer self-cultivation: Linking, Loading, and Libraries”.

In addition, ELF files have two kinds of indexes, the Program Header table records the segments required for “runtime”, and the Section Header table records the “beginning address of each segment” in the binary file.

So how are ELF files generated?

The code we write is first compiled into assembly code through the “compiler”, and then into object code through the “assembler”, namely the object file. Finally, through the “linker”, multiple object files and various function libraries are linked together to form an executable file, namely the ELF file.

How are ELF files executed?

When the ELF file is executed, the ELF file is loaded into memory through the “loader”, the CPU reads the instructions and data in memory, and the program is executed.

Monolithic Kernel

Monolithic Kernel means macro Kernel, and the Linux Kernel architecture is the macro Kernel, which means that the Linux Kernel is a complete executable program with the highest permissions.

The feature of the macro kernel is that all the modules of the system kernel, such as process scheduling, memory management, file system, device driver, etc., all run in kernel mode.

However, Linux has also realized the function of dynamically loading kernel modules. For example, most device drivers exist in the form of loadable modules, decoupling with other kernel modules, making driver development and driver loading more convenient and flexible.

In contrast to the macro kernel, the microkernel architecture preserves only the most basic capabilities, such as process scheduling, virtual machine memory, interrupts, and so on, putting some applications into user space, such as drivers, file systems, and so on. In this way, services are isolated from each other. When a single service fails or is attacked completely, the entire OPERATING system does not fail, improving the stability and reliability of the operating system.

The micro kernel kernel has few functions and high portability. Compared with the macro kernel, it has a disadvantage that the driver is not in the kernel, and the driver often calls the underlying capabilities, so the interaction between the driver and the hardware device needs to be frequently switched to the kernel state, which will bring performance loss. The kernel architecture of Huawei’s Hongmeng operating system is the microkernel.

And a kernel called hybrid type core, its architecture is a bit like micro kernel, the kernel inside there will be a minimum version of the kernel, and other modules will be constructed on the basis of this, and then will be similar to macro kernel implementation, the whole kernel is to make a complete program, most of the services in the kernel, it is like a macro wrapped in a microkernel kernel.

Windows design

Today, Windows 7 and Windows 10 use a kernel called Windows NT, which stands for New Technology.

Here is the structure of Windows NT:

Windows supports MutiTask and SMP as well as Linux, but the Windows kernel is designed to be a hybrid kernel. In the image above, you can see the MicroKernel module in the kernel. This is the smallest version of the kernel. The entire kernel implementation is a complete program, containing many modules.

Windows executables are also formatted differently from Linux executables, so the two systems’ executables cannot run on each other.

The Windows executable file format is called PE, called portable executable file, and the extension is usually.exe,.dll,.sys, etc.

The PE structure, as you can see from the figure below, is a bit similar to the ELF structure.

conclusion

There are three types of kernel architectures:

  • Macro kernel, containing multiple modules, the whole kernel like a complete program;
  • Microkernels, which have a minimal kernel and some modules and services managed by users;
  • Hybrid kernel is a combination of macro kernel and micro kernel. The concept of micro kernel is abstracted from the kernel, that is, there will be a small kernel in the kernel, and other modules will be built on this basis. The whole kernel is a complete program.

The kernel design of Linux uses a macro kernel, while the kernel design of Windows uses a hybrid kernel.

The two operating systems also have different executable file formats, the Linux executable file format called ELF and the Windows executable file format called PE.

Shoulders of giants
  1. En.wikipedia.org/wiki/Monoli…
  2. En.wikipedia.org/wiki/Execut…
  3. En.wikipedia.org/wiki/Window…