Linux Kernel vs Windows Kernel

Windows and Linux are two of the most common operating systems.

Windows has essentially dominated the PC market and has achieved significant commercial success, but it is not open source, so to access the source code, one must join the Windows development team.

Most server operating systems are based on Linux, and the kernel source code is open source, allowing anyone to download it and make their own modifications or features. The greatest appeal of Linux lies in the fact that many technical experts around the world contribute code to it.

Both operating systems have their strengths and weaknesses, and neither can be said to be superior to the other.

The core of an operating system is its kernel, and this time we will look at the differences between the Linux kernel and the Windows kernel.

Kernel

What is a kernel?

A computer is composed of various external hardware devices, such as memory, CPU, hard drives, etc. If each application had to interface with these hardware devices directly, it would be cumbersome.

Therefore, the kernel acts as an intermediary, serving as a bridge between applications and hardware devices. Applications only need to interact with the kernel and do not have to concern themselves with hardware details.

Linux Kernel vs Windows Kernel
Kernel

What capabilities does the kernel have?

Modern operating systems generally provide four basic capabilities:

  • Managing processes and threads, determining which process or thread uses the CPU, which is the capability of process scheduling;

  • Managing memory, determining memory allocation and reclamation, which is the capability of memory management;

  • Managing hardware devices, providing communication capabilities between processes and hardware devices, which is the capability of hardware communication;

  • Providing system calls; if an application needs to run services with higher privileges, it requires system calls, which serve as the interface between user programs and the operating system.

How does the kernel work?

The kernel has high privileges and can control hardware such as the CPU, memory, and hard drives, while applications have very limited privileges. Therefore, most operating systems divide memory into two areas:

  • Kernel space, which can only be accessed by kernel programs;

  • User space, which is exclusively for application use;

Code in user space can only access a local memory space, while code in kernel space can access all memory spaces.

Thus, when a program operates in user space, we often say that the program is executing in user mode, while when a program operates in kernel space, it is executing in kernel mode.

If an application needs to enter kernel space, it must do so through a “system call”. Let’s take a look at the process of a system call:

Linux Kernel vs Windows Kernel

Kernel programs execute in kernel mode, while user programs execute in user mode. When an application uses a system call, an interrupt occurs. After the interrupt, the CPU interrupts the currently executing user program and jumps to the interrupt handler, which begins executing the kernel program.Once the kernel has finished processing, it triggers an interrupt to return CPU execution privileges to the user program, allowing it to continue working in user mode.

Design of Linux

The originator of Linux is a Finnish young man named Linus Torvalds, who wrote the first version of the Linux operating system in C language in 1991 when he was 22 years old.

After completing the first version of Linux, Linus Torvalds released the source code of the Linux kernel online, allowing everyone to download and use it for free.

The design philosophy of the Linux kernel mainly includes the following points:

  • MutiTask, multitasking

  • SMP, symmetric multiprocessing

  • ELF, Executable and Linkable Format

  • Monolithic Kernel, monolithic kernel

MutiTask

MutiTask means multitasking, indicating that Linux is a multitasking operating system.

Multitasking means that multiple tasks can be executed simultaneously; here, “simultaneously” can refer to either concurrency or parallelism:

  • For a single-core CPU, each task can execute for a short period, and when the time is up, it switches to another task. From a macro perspective, multiple tasks are executed within a certain time frame, which is called concurrency.

  • For multi-core CPUs, multiple tasks can be executed simultaneously by different CPU cores, which is called parallelism.

SMP

SMP stands for symmetric multiprocessing, indicating that each CPU has equal status and the same permissions for resource usage. Multiple CPUs share the same memory, and each CPU can access the entire memory and hardware resources.

This characteristic ensures that no single CPU exclusively serves application programs or kernel programs; instead, each program can be assigned to any CPU for execution.

ELF

ELF stands for Executable and Linkable Format, which is the storage format for executable files in the Linux operating system. You can see its structure in the following image:

Linux Kernel vs Windows Kernel
ELF File Format

ELF divides files into segments, each with its own function. I won’t go into detail about the specific functions of each segment here; interested readers can refer to the book “The Programmer’s Self-Improvement: Linking, Loading, and Libraries”.

Additionally, ELF files have two types of headers: the Program Header Table records the segments needed at “runtime”, while the Section Header Table records the starting addresses of each segment in the binary file.

How is an ELF file generated?

The code we write is first compiled into assembly code by a “compiler”, then transformed into object code (object file) by an “assembler”, and finally linked together with various function libraries by a “linker” to form an executable file, which is the ELF file.

How is an ELF file executed?

When executing an ELF file, a “loader” loads the ELF file into memory, and the CPU reads the instructions and data from memory, thus executing the program.

Monolithic Kernel

Monolithic Kernel means monolithic kernel. The architecture of the Linux kernel is a monolithic kernel, meaning that the Linux kernel is a complete executable program with the highest privileges.

The characteristic of a monolithic kernel is that all modules of the system kernel, such as process scheduling, memory management, file systems, device drivers, etc., run in kernel mode.

However, Linux also implements the functionality of dynamically loading kernel modules; for example, most device drivers exist as loadable modules, decoupling them from other kernel modules, making driver development and loading more convenient and flexible.

Linux Kernel vs Windows Kernel
Structures of Monolithic Kernel, Microkernel, and Hybrid Kernel Operating Systems

In contrast to the monolithic kernel is the microkernel. The architecture of a microkernel retains only the most basic capabilities, such as process scheduling, virtual memory, and interrupts, while some applications are managed in user space, such as drivers and file systems. This isolation between services means that if a single service fails or is attacked, it will not cause the entire operating system to crash, thus improving the stability and reliability of the operating system.

Microkernels have fewer functions and higher portability, but compared to monolithic kernels, they have a downside: since drivers are not in the kernel and typically make frequent calls to low-level capabilities, interaction between drivers and hardware devices requires frequent switching to kernel mode, which can lead to performance loss. Huawei’s HarmonyOS kernel architecture is a microkernel.

There is also a type of kernel called hybrid kernel, which has an architecture somewhat like a microkernel. It contains a minimal version of the kernel, and other modules are built on this foundation. When implemented, it resembles a monolithic kernel, meaning that the entire kernel is made into a complete program, with most services residing in the kernel, similar to a monolithic kernel wrapped around a microkernel.

Windows Design

Today, the Windows 7 and Windows 10 operating systems use a kernel called Windows NT, where NT stands for New Technology.

The following image shows the structure of Windows NT:

Linux Kernel vs Windows Kernel
Structure of Windows NT

Like Linux, Windows also supports MutiTask and SMP, but the difference is that Windows’ kernel design is a hybrid kernel. In the image above, you can see a MicroKernel module within the kernel, which is the minimal version of the kernel, while the entire kernel implementation is a complete program containing many modules.

The executable file format of Windows is also different from that of Linux, so executable files from these two systems cannot run on each other.

The executable file format of Windows is called PE, which stands for Portable Executable, and its extensions are usually .exe, .dll, .sys, etc.

You can see the structure of PE in the following image, which is somewhat similar to the ELF structure.

Linux Kernel vs Windows Kernel
PE File Structure

Conclusion

There are generally three types of kernel architectures:

  • Monolithic kernel, which contains multiple modules, and the entire kernel functions as a complete program;

  • Microkernel, which has a minimal version of the kernel, with some modules and services managed by user space;

  • Hybrid kernel, which is a combination of monolithic and microkernel, abstracting the concept of a microkernel within the kernel, meaning that there is a small kernel within the kernel, and other modules are built on this foundation, making the entire kernel a complete program;

The Linux kernel design adopts a monolithic kernel, while Windows adopts a hybrid kernel design.

The executable file formats of these two operating systems are also different; the Linux executable file format is called ELF, while the Windows executable file format is called PE.

References

  1. https://en.wikipedia.org/wiki/Monolithic_kernel

  2. https://en.wikipedia.org/wiki/Executable_and_Linkable_Format

  3. https://en.wikipedia.org/wiki/Windows_NT

Related posts

  1. Exploring the Rust Compiler: GCC vs LLVM
  2. A 10-Year Operations Veteran’s Linux Command Arsenal
  3. Efficient Combination of mmap and Socket in Embedded Linux
  4. Essential 60 Practical Linux Commands Revealed (Part 2)
  5. After 10 Years of Using Windows, I Finally Switched to Linux
  6. Exploring the Wonderful World of Linux: Fun Terminal Easter Eggs
  7. Introduction to Makefile
  8. Memory Debugging with Valgrind on Linux
  9. How to Set Up Linux System Services
  10. Linux Perf: A Powerful Tool for System Performance Monitoring and Analysis
  11. Ultimate Guide to Linux Permissions: From Beginner to Expert
  12. Fixing Special Characters in Linux Scripts
  13. Practical Guide to High-Risk Port Control Strategies and Firewall Configuration in Linux
  14. Linux Responds to the US Entity List: Can Huawei, ZTE, and Others Breathe a Sigh of Relief?
  15. Detailed Explanation of the RedHat nmcli Tool in Linux IP
  16. Understanding Computer Operating Systems
  17. Why I Use Makefile for Processes
  18. A Beginner’s Guide to ROS Development
  19. Why Choose Golang Over Rust for Desktop App Development?

Leave a Comment