User space and kernel space

The term user space (or userland) refers to all code that runs outside the operating system's kernel. User space usually refers to the various programs and libraries that the operating system uses to interact with the kernel: software that performs input/output, manipulates file system objects, application software, etc. Each user space process usually runs in its own virtual memory space, and, unless explicitly allowed, cannot access the memory of other processes. This is the basis for memory protection in today's mainstream operating systems, and a building block for privilege separation. A separate user mode can also be used to build efficient virtual machines – see Popek and Goldberg's virtualization requirements. With enough privileges, processes can request the kernel to map part of another process's memory space to their own, as is the case for debuggers. Programs can also request shared memory regions with other processes, although other techniques are also available to allow inter-process communication. == Implementation ==

The most common way of implementing a user mode separate from kernel mode involves operating system protection rings. Protection rings, in turn, are implemented using CPU modes. Typically, kernel space programs run in kernel mode, also called supervisor mode; standard applications in user space run in user mode. Some operating systems are single address space operating systems—with a single address space for all user-mode code. (The kernel-mode code may be in the same address space, or it may be in a second address space). Other operating systems have per-process address spaces, with a separate address space for each user-mode process. == See also ==