Sunday, February 3, 2013

Windows Kernel Overview


A Simple Overview of the Windows Kernel





Windows has a monolithic kernel, because the core of the operating system and the device drivers share the same memory address space, running at the highest possible privilege level.
 
Kernel Executive: I think we must pay attention to this component, as it implements the basic OS functions: processes, threads, virtual memory, interrupt and trap handling, exception management, cache management, I/O management, asynchronous procedure calls, the Registry, object management, events and many other low-level interfaces. It is implemented in Ntoskrnl.exe, whose binary is in the C:\WINDOWS\SYSTEM32\ directory.


Also, the separation between uniprocessor and multiprocessor versions of the kernel still exists, as on 32-bit systems, where there are different kernels based on Physical Address Extension (PAE), as shown in the table:



 
Another component of the kernel is the Hardware Abstraction Layer (HAL), which is responsible for isolating device drivers and the Kernel Executive from platform-specific hardware differences.

The HAL is implemented in the hal.dll module. As with the Kernel Executive, there are different versions of the HAL, depending on whether one is on a uniprocessor or a multiprocessor system.

The remaining components are loaded as kernel drivers (or as modules) into the running kernel. For example, win32k.sys implements the kernel side of the Windows subsystem and the GUI of the operating system, while tcpip.sys implements most of the TCP/IP networking stack.
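
Because every loaded driver shares the kernel's address space and privilege level, it is worth knowing exactly which ones are running and who signed them. The PowerShell below is an added example, not part of the original post: it inventories the running drivers that are registered as services and reports the Authenticode status of each image. The function names `Resolve-DriverPath` and `Get-KernelDriverInventory` are illustrative.

```powershell
# Added example: inventory running kernel-mode drivers and their signature state.
# Function names are illustrative, not part of Windows.

function Resolve-DriverPath {
    param([string]$PathName)
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    # Driver image paths are stored in several forms; normalise to a Win32 path.
    $p = $PathName.Trim('"')
    if     ($p -match '^\\\?\?\\')        { $p = $p.Substring(4) }                               # \??\C:\...
    elseif ($p -match '^\\SystemRoot\\')  { $p = Join-Path $env:SystemRoot $p.Substring(12) }    # \SystemRoot\...
    elseif ($p -match '^system32\\')      { $p = Join-Path $env:SystemRoot $p }                  # system32\drivers\...
    return $p
}

function Get-KernelDriverInventory {
    # Win32_SystemDriver covers kernel drivers and file system drivers.
    Get-CimInstance -ClassName Win32_SystemDriver -Filter "State = 'Running'" |
        ForEach-Object {
            $path = Resolve-DriverPath $_.PathName
            $sig  = if ($path -and (Test-Path -LiteralPath $path)) {
                        Get-AuthenticodeSignature -LiteralPath $path
                    }
            [pscustomobject]@{
                Name        = $_.Name
                ServiceType = $_.ServiceType
                Path        = $path
                SigStatus   = if ($sig) { "$($sig.Status)" } else { 'FileNotFound' }
                Signer      = if ($sig -and $sig.SignerCertificate) {
                                  $sig.SignerCertificate.Subject
                              } else { $null }
            }
        }
}

$drivers = Get-KernelDriverInventory

# Full list, grouped by signature status.
$drivers | Sort-Object SigStatus, Name |
    Format-Table Name, ServiceType, SigStatus, Path -AutoSize

# Review list: drivers whose image is missing or whose signature is not 'Valid'.
$drivers | Where-Object SigStatus -ne 'Valid' |
    Format-List Name, Path, SigStatus, Signer
```

Run it from an elevated 64-bit PowerShell session so that paths under System32 resolve to the real driver files.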


 



