Frequently Asked Question

What is the difference between kernel space and user space?

The CPU has privilege levels. On x86 they're called rings 0–3; on ARM they're called EL0–EL3. The kernel runs in the most privileged level and can execute every CPU instruction, touch every page of physical memory, and program every hardware register. User programs run in the least privileged level: they can only access pages the kernel has mapped for them, can't talk to hardware directly, and trap on privileged instructions.

Every time a user program needs something only the kernel can do, read a file, send a packet, fork a process, it issues a system call. The CPU switches into kernel mode, the kernel does the work, and control returns to the program in user mode. This boundary is what stops a buggy or malicious process from crashing the whole machine.