Windows NT Kernel Mode
is also known as the priveledged processor mode
. The Kernel
Mode is the inner core
of the Windows NT operating system.
Kernel Mode has execution priority over all user items, and the execution cannot be swapped. The Kernel Mode handles all requests from user applications and returns all the resulting data.
There are three modules that make up the Kernel Mode:
The NT Executive is the interface between the Kernel and the Environmental Subsystems. It performs the following functions:
- Object Manager
Provides rules for retention, naming and security of objects.
- Security Reference
Provides monitor for the logon process.
- Process Manager
Creates and deletes processes, tracks threads and processes objects.
- Local Procedure Call Facility
Provides client/server relations between the environmental subsystems and the user applications.
- Virtual Memory Manager
Maps virtual to physical memory, provides efficient usage of flat memory model.
- I/O Manager
Handles all I/O calls and routes requests to drivers.
- Hardware Device Drivers
Enables specific hardware device to communicate with the NT operating system.
- Win32k Windows Manager and GDI
Functions that control the display of graphics on a monitor or used in a print device.
- Graphics Device Drivers
Enables the graphics hardware to communicate with Windows NT.
The Kernel schedules all system activities and threads for optimum performance. There are 32 levels of thread priority, and they cannot be paged.
Not the crazy computer from 2001, HAL is the Hardware Abstraction Layer. The HAL provides code portability and handles specific system calls to allow the code to be used on several hardware architectures. Between Intel and DEC Alpha, Windows NT is almost identical. The HALs are different, as they are the hardware architecture specific information on the installed machine.