Introduction to Kernel Processes

Edit online

A kernel process (kproc) exists only in the kernel protection domain and differs from a user process in the ways listed in this section.

  • It is created using the creatp and initp kernel services.
  • It executes only within the kernel protection domain and has all security privileges.
  • It can call a restricted set of system calls and all applicable kernel services. For more information, see System Calls Available to Kernel Extensions.
  • It has access to the global kernel address space (including the kernel pinned and pageable heaps), kernel code, and static data areas.
  • It must poll for signals and can choose to ignore any signal delivered, including a kill signal.
  • Its text and data areas come from the global kernel heap.
  • It cannot use application libraries.
  • It has a process-private region containing only the u-block (user block) structure and possibly the kernel stack.
  • Its parent process is the process that issued the creatp kernel service to create the process.
  • It can change its parent process to the init process and can use interrupt disable functions for serialization.
  • It can use locking to serialize process-time access to critical data structures.
  • It can only be a 64–bit process in the 64–bit kernel.

A kernel process controls directly the kernel threads. Because kernel processes are always in the kernel protection domain, threads within a kernel process are kernel-only threads. For more information on kernel threads, see Understanding Kernel Threads.

A kernel process inherits the environment of its parent process (the one calling the creatp kernel service to create it), but with some exceptions. The kernel process does not have a root directory or a current directory when initialized. All uses of the file system functions must specify absolute path names.

Kernel processes created during phase 1 of system boot must not keep any long-term opens on files until phase 2 of system boot or run time has been reached. This is because Base Operating System changes root file systems between phase 1 and phase 2 of system boot. As a result, the system crashes if any files are open at root file system transition time.