Sahithyan's S3 — Operating Systems

Kernel

The one program running at all times on the computer. Core of an OS.

System Daemon

A background process that is launched during system startup or after the kernel is loaded. Runs independently of user sessions. Provide essential services required for the operating system to function smoothly.

Examples are processes that handle logging, scheduling tasks, managing network connections, and responding to hardware events.

Names of system daemons are usually suffixed by “d”, such as sshd, cron, or systemd.

Different architectures

Monolithic

The entire operating system runs in kernel space. All system services, device drivers, file systems, and memory management operate at the privileged kernel level.

Pros:

Better performance due to direct function calls between components
Simpler design conceptually
No message passing overhead between components
Direct hardware access for all system components

Cons:

Less stability - a bug in any driver can crash the entire system
Larger memory footprint
More complex codebase to maintain
Security concerns because of full privileges for the whole code
More difficult to extend without recompilation

Examples:

Linux
Traditional UNIX systems
MS-DOS

Microkernel

Only the most basic services run in kernel space, while most system services operate in user space as separate processes. The kernel handles only essential functions like inter-process communication (IPC), basic memory management, and CPU scheduling.

Pros:

Better stability - a driver crash doesn’t bring down the entire system
More secure because less code runs with full privileges
Easier to extend and maintain
More modular design
Better isolation between components

Cons:

Performance overhead due to frequent context switching
More complex design from a communication perspective
Message passing between components adds latency
May be more difficult to implement efficiently
Potential for higher resource usage due to multiple processes

Examples:

MINIX
QNX
L4 kernel family

Hybrid Kernel

Combines elements of both monolithic and microkernel designs. Some services run in kernel space for performance. Others run in user space for better stability and security. This approach attempts to balance the advantages of both architectures.

Pros:

Better performance than pure microkernels
More stable than pure monolithic kernels
Flexibility in determining what runs in kernel vs user space
Good compromise between security and performance
Can be tailored to specific system requirements

Cons:

More complex design decisions about what belongs in kernel space
May still suffer from some stability issues with kernel components
Potential inconsistency in system architecture
Can be harder to maintain clear boundaries between subsystems
May inherit drawbacks from both approaches if poorly implemented

Example:

Windows (NT kernel is technically a hybrid but leans heavily monolithic)

Layered

Operating system is split into $N$ layers. Bottom layer (layer 0) is the hardware. Top layer (layer $N-1$ ) is the user interface. Each layer is designed to use only the layer below it.

Loadable Kernel Module

A piece of code that can be loaded into the kernel at runtime, rather than being compiled into the kernel binary itself. LKMs allow the operating system to extend or modify kernel functionality without rebooting or recompiling the entire kernel. This modular approach makes it easier to add support for new hardware, filesystems, or other features as needed.

LKMs are commonly used for:

Device drivers: Adding support for new hardware devices (e.g., network cards, USB devices) without changing the core kernel.
Filesystem modules: Supporting new or experimental filesystems (e.g., ext4, NTFS, XFS) by loading the appropriate module.
Network protocols: Adding new networking capabilities or protocols.
Security modules: Implementing additional security features, such as SELinux or AppArmor.

Examples:

On Linux, device drivers for graphics cards (such as NVIDIA or AMD) are often distributed as LKMs, allowing users to install or update drivers without recompiling the kernel.
The aufs and overlayfs filesystems are provided as LKMs to enable advanced container storage features.
The ip_tables module in Linux provides firewall functionality and can be loaded or unloaded as needed.
On FreeBSD, filesystems like ZFS are implemented as loadable kernel modules.
In Windows, many drivers (such as those for printers, USB devices, or network adapters) are loaded as kernel modules (called “kernel-mode drivers”) at runtime.

Procedure Call

A procedure is a named sequence of instructions that performs a specific operation and can be invoked from another point in a program.

Function Call

Calling a procedure defined inside the current program. Handled entirely in user space. Control stays inside the program. It’s just normal code calling another piece of code using the process’s own stack and instructions.

System Call

Aka. syscall. An interface for user-level programs to request services from the kernel. Platform-specific. Runs in kernel mode. Required for maintaining security and stability of the system.

When a user program performs a system call, it places the system call arguments in predefined registers (or sometimes the user stack), then executes a special instruction (like syscall or int 0x80) to switch to kernel mode. The kernel then copies the arguments to the kernel stack as needed.

Usually a number is associated with a syscall.

Types:

Process Control
create, terminate, load, execute, wait, memory allocation.
File Management
open, read, write, close, delete.
Device Management
Request/release device, read/write device.
Information Maintenance
Get/set time, system data, attributes.
Communication
Message passing, shared memory, connect/disconnect.
Protection
Set permissions, access control.

Programs use APIs (Win32, POSIX, Java API). API internally triggers system calls.

Parameter-Passing Mechanisms

Syscalls need parameters in most cases. 3 common methods are used.

Using Registers

Parameters are loaded into limited number (usually less than 6) of special registers. Kernel reads from those registers.

Fast because of no memory access. Only limited number of arguments can be passed.

Using Parameter Table

All parameters are stored in a memory block (struct/array). A pointer to this block is placed in a register. Kernel reads the block after switching to kernel mode.

Allows a hgue number of parameters. Cleaner for complex system calls. Slightly slower due to memory access.

Used when when there are many parameters or they are large compared to available registers.

Using Stack

Parameters are pushed onto the user stack. Kernel retrieves them using the saved user stack pointer (USP).

Flexible, simple. Slower because stack memory must be accessed.

Used in older systems. Not used nowadays due to security and performance concerns.

Application Binary Interface

Aka. ABI. Defines how a compiled code must look and interact with an OS and hardware at the binary level. A software-level contract on top of an ISA. Specific for an OS and ISA.

Ensures that compiled programs can run correctly on a given system, regardless of the compiler used, as long as they target the same ABI.

Defines:

how procedure calls are made
how arguments are passed register usage
stack layout
data types
alignment and padding of data structures
how values are returned
binary format of executables

ABIs are why programs compiled for a CPUsand an OS cannot run on another.

Data Structures

kernels use various data structures to efficiently manage resources, processes, memory, and hardware interactions.

Linked lists
Can be singly, doubly, circular.
Trees
Examples: Binary search tree, red-black tree.
Hash maps
Bitmaps
String of $n$ binary digits representing a boolean status of $n$ items.