4.4 User Mode and Kernel Mode
PAE Versus 4GT Versus AWE
PAE is a feature of Intel hardware that allows a 32-bit processor to work with
a physical address space that exceeds 4 GB. Operating systems like Windows
7 don't really use PAE for very much other than facilitating DEP.
4GT is a Windows-specific feature. It re-slices the 4-GB pie called the linear
address space so that user applications get a bigger piece. 4GT doesn't
require PAE to be enabled. If a user application wants more real estate than
3 GB, it will need to leverage AWE. When an applicadon using AWE needs
to allocate more than 4 GB of physical memory, PAE will also need to be
enabled.
4.4 User Mode and Kernel Mode_
In the previous section, we saw how the linear address space of each process
is broken into user space and kernel space. User space is like the kid's table at
a dinner party. Everyone is given plastic silverware. User space contains code
that executes in a restricted fashion known as user mode. Code running in
user mode can't access anything in kernel space, directly communicate with
hardware, or invoke privileged machine instructions.
Kernel space is used to store the operating system and its device drivers.
Code in kernel space executes in a privileged manner known as kernel mode,
where it can do everything that user-mode code cannot. Instructions running
in kernel mode basically have free reign over the machine.
How Versus Where
User mode and kernel mode define the manner in which an application's
instructions are allowed to execute. In so many words, "mode" decides how
code runs and "space" indicates location. Furthermore, the two concepts are
related by a one-to-one mapping. Code located in user space executes in user
mode. Code located in kernel space executes in kernel mode.
Note: This mapping is not necessarily absolute. It's just how things are set up to work
under normal circumstances, As we'll see later on in the book, research has demonĀ¬
strated that it's possible to manipulate the GDT so that code in user space is able to
execute with Ring 0 privileges, effectively allowing a user-space application to execute
with kernel-mode superpowers.
Parti I 137