<h1 id="namespace">Namespace<a aria-hidden="true" class="anchor-heading icon-link" href="#namespace"></a></h1>
<h1 id="kernal-space-user-space">kernal space, user space<a aria-hidden="true" class="anchor-heading icon-link" href="#kernal-space-user-space"></a></h1>
<p>为什么Kernel和User Space 分开（因为安全啊）。为什么Kernel不能只检查User 是否有call system function的权限（因为还要检查user 是否还要touch合法的地址，参数类型等，反例是buffer overflow） </p>
<p>Kernel space is where the kernel (i.e., the core of the operating system) executes (i.e., runs) and provides its services.</p>
<p>User space is that set of memory locations in which user processes (i.e., everything other than the kernel) run. A process is an executing instance of a program. One of the roles of the kernel is to manage individual user processes within this space and to prevent them from interfering with each other.</p>
<p>Processors typically provide this capability with a mode: bit in some control register that characterizes the privileges that the process currently enjoys. When the mode bit is set, the process is running in kernel mode (sometimes called supervisor mode). A process running in kernel mode can execute any instruction in the instruction and access any memory location in the system.</p>
<h2 id="namespaces">namespaces<a aria-hidden="true" class="anchor-heading icon-link" href="#namespaces"></a></h2>