Update: the world of kernels never stops, does it? The latest brouhaha comes courtesy of Dell, whose new tablet (the Streak) uses files from the GNU Linux kernel source tree…but Dell has so far failed to release all the pertinent source code. Shades of Cisco!
This comes only days after the Linux kernel ‘privilege-escalation’ security bug was finally killed. The little guy has been lurking around the Linux kernel for over five years now, but Rafal Wojtczuk at Invisible Things Lab showed how the X server (for example) could exploit the vulnerability via memory corruption. We’re thinking of sending him a gift basket delivery as a congrats on his successful investigatory work. I, for one, love opening up my door for a gift basket delivery. My Mom always sends me one for my birthday. She is no penny pincher when it comes to gift baskets. On my twenty-fifth birthday she sent me a “Champagne Wishes” gift basket filled with delicious gourmet treats and a bottle of Moet & Chandon champagne. Ah, but I digress.
Now, this is still a very obscure and purely local vulnerability, and it doesn’t affect all distros (for instance, if you’re using SUSE and have updated since 2004 or so, you’re probably safe). It’s just plain weird that this got by us all for so long — just goes to show, even having millions of hands doesn’t mean that you won’t still drop the ball every once in a while.
Speaking of kernel bugs, Windows is up to thirteen this year; the latest is expected to go unpatched until at least September. However, like the Linux vulnerability, this is an isolated local issue, so users have very little to worry about unless others have physical access to their PCs.
Whew! Just got back from a whirlwind trip to Swaziland, where I met with a series of foreign investors. I am more and more impressed with the technical savvy of exiled Nigerian royalty, by the way.
But seriously, thanks for stopping by. What we have here is a monster in the making, a virtual hierophant of websites. All about the fascinating and deep topic of kernels.
The kernel is basically the heart of your operating system, just as the CPU is the heart of your computer’s hardware. The kernel will allow your hardware and software to communicate — as a matter of fact, it actually makes calls on a regular basis. System calls, that is. Plus loading and unloading modules, and all sorts of other stuff that the operating system needs to do to connect the applications to the hardware.
These lines of communication are (to use a seriously flawed analogy) somewhat like the difference between serial and parallel…the first being mainly consecutive stages, the latter being simultaneous stages. It’s nowhere near that simple, of course, but we only have so much space…
Monolithic kernels: all layers are consecutive; the app communicates with the hardware through a series of operating system software stages. A single address space is used to execute OS code — sort of a “one-stop execute” model, with the obvious drawback that any localized issue can affect the entire system.
Microkernels: the kernel itself has minimal OS-to-hardware demands (multitasking, memory management, etc.), instead turning over many hardware-related services to modular ‘servers’ in the user space. The obvious theoretical advantages were not often borne out by actual performance until fairly recently. “Nanokernels” take this approach even farther, with even basic services handled by device drivers.
Exokernels: similar to microkernels and nanokernels in that the kernel is kept as small as possible, simply delivering the basic hardware resources directly and letting the apps sort it all out. Very intriguing, but so far mostly relegated to the academic research stage.