The environment created by operating systems in which normal processes run. In user space a process can only access its own virtual memory. In order to do anything else it has to make a system call and let the kernel handle special requests.

The distinction between user space and kernel space allows several processes run in a multitasking environment without accidently crashing the system or accessing other processes' memory regions. Also, the existence of a well defined API between the kernel and user space improves portability.

User space refers to the portion of a computer which is running user applications and tools; the user space/kernel space distinction is one of the broadest ways to differentiate the types of code running on a modern operating system.

On Intel x86 CPUs, there are 4 'rings', numbered 0 through 3. Code running in ring 0 is fully privileged; it can talk directly to hardware and so on. The rings go increasingly more isolated from the physical hardware the further 'out' you go; most operating systems put all application code into ring 3. In this ring, certain operations which can affect I/O devices or the CPU internal state are disabled. Rings 1 and 2 are rarely used. This is partially for portability reasons, as other CPUs only have a user/supervisor distinction, with no intermediate levels. But primarily because they are not that useful; the x86 ISA doesn't really support the inner rings that well, especially in combination with modern operating system constructs like virtual memory in a flat address space. Code in ring 3 could be considered user space, with a handful of exceptions.

User space does not have quite the same meaning as user mode, though this is a fairly fine semantic difference which many people will not know (or not care) about. A specific case where the difference matters is microkernels and exokernels; in these operating system designs, most of what is generally considered an operating system, such as hardware drivers, filesystems, and so on, run in user mode, but would not really be considered user space.

Generally, good design practices would suggest that, since we have already broken the code in the system into two groups, we should define a clear API between these two sides to simplify communication between them. Generally the operating system will provide a set of system calls, RPC entry points, or some other public API which allows code in user space to talk to code in kernel space. With rare exceptions, kernel space will not call out to anything living in user space; all communications are initiated by the user space code. One of these exceptions, in Unix, is that the kernel will create the primordial process init after boot; init will then proceed to startup the rest of the system. In some systems the kernel space/user space distinction is not so strong; on MS Windows, portions of IIS (Microsoft's web/FTP/etc server) actually run in ring 0! Linux had some experimental code that did the same (khttpd, and then, later on, Tux), but, to be honest, having something like that be mandatory freaks me out a little bit. Maybe I'm too much of a microkernel geek for my own good.

In summary. User space: it's where the fun stuff happens. Or something...


†: I suppose I should say, I would not consider an IDE driver running in ring 3 in a microkernel to really be user space.

Log in or register to write something here or to contact authors.