• Uncategorized

About linux : kernel-stack-and-user-space-stack

Question Detail

What’s the difference between kernel stack and user stack? Why kernel stack is used? If a local variable is declared in an ISR, where it will be stored? Does each process has its own kernel stack? Then how the process coordinates between both these stacks?

Question Answer

  1. What’s the difference between kernel stack and user stack ?

In short, nothing – apart from using a different location in memory (and hence a different value for the stack pointer register), and usually different memory access protections. I.e. when executing in user mode, kernel memory (part of which is the kernel stack) will not be accessible even if mapped. Vice versa, without explicitly being requested by the kernel code (in Linux, through functions like copy_from_user()), user memory (including the user stack) is not usually directly accessible.

  1. Why is [ a separate ] kernel stack used ?

Separation of privileges and security. For one, user space programs can make their stack (pointer) anything they want, and there is usually no architectural requirement to even have a valid one. The kernel therefore cannot trust the user space stack pointer to be valid nor usable, and therefore will require one set under its own control. Different CPU architectures implement this in different ways; x86 CPUs automatically switch stack pointers when privilege mode switches occur, and the values to be used for different privilege levels are configurable – by privileged code (i.e. only the kernel).

  1. If a local variable is declared in an ISR, where will it be stored ?

On the kernel stack. The kernel (Linux kernel, that is) does not hook ISRs directly to the x86 architecture’s interrupt gates but instead delegates the interrupt dispatch to a common kernel interrupt entry/exit mechanism which saves pre-interrupt register state before calling the registered handler(s). The CPU itself when dispatching an interrupt might execute a privilege and/or stack switch, and this is used/set up by the kernel so that the common interrupt entry code can already rely on a kernel stack being present.
That said, interrupts that occur while executing kernel code will simply (continue to) use the kernel stack in place at that point. This can, if interrupt handlers have deeply nested call paths, lead to stack overflows (if a deep kernel call path is interrupted and the handler causes another deep path; in Linux, filesystem / software RAID code being interrupted by network code with iptables active is known to trigger such in untuned older kernels … solution is to increase kernel stack sizes for such workloads).

  1. Does each process have its own kernel stack ?

Not just each process – each thread has its own kernel stack (and, in fact, its own user stack as well). Remember the only difference between processes and threads (to Linux) is the fact that multiple threads can share an address space (forming a process).

  1. How does the process coordinate between both these stacks ?

Not at all – it doesn’t need to. Scheduling (how / when different threads are being run, how their state is saved and restored) is the operating system’s task and processes don’t need to concern themselves with this. As threads are created (and each process must have at least one thread), the kernel creates kernel stacks for them, while user space stacks are either explicitly created/provided by whichever mechanism is used to create a thread (functions like makecontext() or pthread_create() allow the caller to specify a memory region to be used for the “child” thread’s stack), or inherited (by on-access memory cloning, usually called “copy on write” / COW, when creating a new process).
That said, the process can influence scheduling of its threads and/or influence the context (state, amongst that is the thread’s stack pointer). There are multiple ways for this: UNIX signals, setcontext(), pthread_yield() / pthread_cancel(), … – but this is digressing a bit from the original question.

My answer is collected from other SO questions with my stuffs.

What's the difference between kernel stack and user stack?

As a kernel programmer, you know that the kernel should be restricted from erroneous user programs. Suppose you keep same stack for both kernel & user space, then simple segfault in user application crashes kernel and needs restart.

There is one “kernel stack” per CPU like ISR Stack and one “kernel stack” per Process. There is one “user stack” for each process, though each thread has its own stack, including both user and kernel threads.


Why kernel stack is used?

So when we are in kernel mode, stack kind of mechanism is necessary for dealing with function calls, local variables similar to user space.


If a local variable is declared in an ISR, where it will be stored?

It will be stored in ISR stack(IRQSTACKSIZE). The ISR runs on a separate interrupt stack only if the hardware supports it. Otherwise, the ISR stack frames are pushed onto the stack of the interrupted thread.

The user space does not know and frankly does not care about whether the interrupt is served in current process’s kernel stack or a separate ISR stack. As interrupts comes per cpu, therefore ISR stack has to be per cpu.

 Does each process has its own kernel stack ?

Yes. Each process has its own kernel stack.

 Then how the process coordinates between both these stacks?

@FrankH’s answer looks great to me.

  1. What’s the difference between kernel stack and user stack

Taking reference from Robert Love’s Linux Kernel Development, the main difference is the size:

User-space can get away with statically allocating many variables on the stack, including
huge structures and thousand-element arrays.
This behavior is legal because user-space has
a large stack that can dynamically grow.
The kernel stack is neither large nor dynamic; it is small and fixed in size.
The exact size of the kernel’s stack varies by architecture.
On x86, the stack size is configurable at
compile-time and can be either 4KB or 8KB.
Historically, the kernel stack is two pages,
which generally implies that it is 8KB on 32-bit architectures and 16KB on 64-bit architectures—this
size is fixed and absolute.
Each process receives its own stack.

Also the kernel stack contains a pointer to the thread_info struct holding information about the thread.

You may also like...

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.