User space
Encyclopedia
A conventional computer operating system
usually segregates virtual memory
into kernel space and user space. Kernel space is strictly reserved for running the kernel, kernel extensions, and most device driver
s. In contrast, user space is the memory area where all user mode applications work and this memory can be swapped out when necessary.
Similarly, the term userland refers to all application software
that runs in user space. Userland usually refers to the various programs and libraries that the operating system uses to interact with the kernel: software that performs input/output
, manipulates file system
objects, etc.
Each user space process
normally runs in its own virtual memory
space, and, unless explicitly requested, cannot access the memory of other processes. This is the basis for memory protection
in today's mainstream operating systems, and a building block for privilege separation
. Depending on the privileges, processes can request the kernel to map part of another process's memory space to its own, as is the case for debugger
s. Programs can also request shared memory
regions with other processes.
Another approach taken in experimental operating systems is to have a single address space
for all software, and rely on the programming language's virtual machine
to make sure that arbitrary memory cannot be accessed — applications simply cannot acquire any reference
s to the objects that they are not allowed to access. This approach has been implemented in JXOS
, Unununium as well as Microsoft's Singularity
research project.
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
usually segregates virtual memory
Virtual memory
In computing, virtual memory is a memory management technique developed for multitasking kernels. This technique virtualizes a computer architecture's various forms of computer data storage , allowing a program to be designed as though there is only one kind of memory, "virtual" memory, which...
into kernel space and user space. Kernel space is strictly reserved for running the kernel, kernel extensions, and most device driver
Device driver
In computing, a device driver or software driver is a computer program allowing higher-level computer programs to interact with a hardware device....
s. In contrast, user space is the memory area where all user mode applications work and this memory can be swapped out when necessary.
Similarly, the term userland refers to all application software
Application software
Application software, also known as an application or an "app", is computer software designed to help the user to perform specific tasks. Examples include enterprise software, accounting software, office suites, graphics software and media players. Many application programs deal principally with...
that runs in user space. Userland usually refers to the various programs and libraries that the operating system uses to interact with the kernel: software that performs input/output
Input/output
In computing, input/output, or I/O, refers to the communication between an information processing system , and the outside world, possibly a human, or another information processing system. Inputs are the signals or data received by the system, and outputs are the signals or data sent from it...
, manipulates file system
File system
A file system is a means to organize data expected to be retained after a program terminates by providing procedures to store, retrieve and update data, as well as manage the available space on the device which contain it. A file system organizes data in an efficient manner and is tuned to the...
objects, etc.
Each user space process
Process (computing)
In computing, a process is an instance of a computer program that is being executed. It contains the program code and its current activity. Depending on the operating system , a process may be made up of multiple threads of execution that execute instructions concurrently.A computer program is a...
normally runs in its own virtual memory
Virtual memory
In computing, virtual memory is a memory management technique developed for multitasking kernels. This technique virtualizes a computer architecture's various forms of computer data storage , allowing a program to be designed as though there is only one kind of memory, "virtual" memory, which...
space, and, unless explicitly requested, cannot access the memory of other processes. This is the basis for memory protection
Memory protection
Memory protection is a way to control memory access rights on a computer, and is a part of most modern operating systems. The main purpose of memory protection is to prevent a process from accessing memory that has not been allocated to it. This prevents a bug within a process from affecting...
in today's mainstream operating systems, and a building block for privilege separation
Privilege separation
In computer programming and computer security, privilege separation is a technique in which a program is divided into parts which are limited to the specific privileges they require in order to perform a specific task...
. Depending on the privileges, processes can request the kernel to map part of another process's memory space to its own, as is the case for debugger
Debugger
A debugger or debugging tool is a computer program that is used to test and debug other programs . The code to be examined might alternatively be running on an instruction set simulator , a technique that allows great power in its ability to halt when specific conditions are encountered but which...
s. Programs can also request shared memory
Shared memory
In computing, shared memory is memory that may be simultaneously accessed by multiple programs with an intent to provide communication among them or avoid redundant copies. Depending on context, programs may run on a single processor or on multiple separate processors...
regions with other processes.
Another approach taken in experimental operating systems is to have a single address space
Address space
In computing, an address space defines a range of discrete addresses, each of which may correspond to a network host, peripheral device, disk sector, a memory cell or other logical or physical entity.- Overview :...
for all software, and rely on the programming language's virtual machine
Virtual machine
A virtual machine is a "completely isolated guest operating system installation within a normal host operating system". Modern virtual machines are implemented with either software emulation or hardware virtualization or both together.-VM Definitions:A virtual machine is a software...
to make sure that arbitrary memory cannot be accessed — applications simply cannot acquire any reference
Reference (computer science)
In computer science, a reference is a value that enables a program to indirectly access a particular data item, such as a variable or a record, in the computer's memory or in some other storage device. The reference is said to refer to the data item, and accessing those data is called...
s to the objects that they are not allowed to access. This approach has been implemented in JXOS
JX (operating system)
JX is a microkernel operating system with both the kernel and applications implemented using the Java programming language.- Overview :JX is implemented as an extended Java Virtual Machine , adding support to the Java system for necessary features such as protection domains and hardware access,...
, Unununium as well as Microsoft's Singularity
Singularity (operating system)
Singularity is an experimental operating system being built by Microsoft Research since 2003. It is intended as a highly-dependable OS in which the kernel, device drivers, and applications are all written in managed code.- Workings :...
research project.