The kernel is the collection of software that
- Provides a consistent interface to managed devices
- Protects the hardware from users of the computer
- Protects important software from users
- Protects users from each other
In order to carry out these functions, the kernel software runs with special privileges. It hides the actual interface to devices, such as disk drives, the keyboard, video displays, etc. Instead of direct access, the kernel provides special calls that allow users to more safely and easily access the devices that are connected to their system.
The kernel provides protection by controlling what parts of memory each program that is run on the computer can access. It also manages hardware protection levels so that users can't bypass the memory layout that the kernel is managing.
Special hardware, managed by the kernel, presents each program run on the computer with its own, ideal memory space. This ideal memory space does not have access to the various devices on the system - unless the user has permission and requests that devices be made available.
Programs run by different users are generally not allowed to access the memory of programs run by other users on the same system. In fact, by default, programs run by a user do not have access to the memory run by other users on the computer.
Most computers have one or a few (perhaps four or eight) processors. Each processor executes a single instruction at a time, in theory (if you know how this isn't true you probably don't need to read this Newbie guide...). In order for the computer to appear to be doing hundreds of things at once, the kernel quickly switches back and forth between the different programs that are running.
It might seem like the computer would be too slow if it is switching back and forth so much, but most modern processors spend most of their time waiting for more work. Most programs must wait on information to be read from disk drives or for human interaction.
The kernel manages the switching back and forth so that each user, and each user's programs get a fair portion of the system - while also optimizing the user of the system itself.
The Linux kernel provides these overall parts:
- process management - which controls which program
gets to run and what resources it gets to use.
- memory management - which controls what part of
real, physical memory each program gets to access and what parts of memory are used by the kernel itself to improve access to disks and other such devices.
- device management - which controls the supported
devices on the system and presents more usable interfaces to programs run on the computer.
These parts together provide a usable interface and provide the protection needed on a modern system so that application programs can focus on the tasks that users want done.
Pseudo-History
Long, long ago each person who ran a program on a computer had to include the code that knew how to talk to the disk drive and how to output results to the printer. This code actually had the low level instructions that, for example, sent one character to the printer and then waited, checking the printer status until the character had been printed, and then it did the next character.
If someone's program had a problem, then the whole computer (which at that time was a million dollar plus system) would have to be reset, after important values were saved so the programmer could hope to find out what the problem was.
If the program ran correctly, then the last thing each person's program did was set up the computer to read the next person's program.
Some bright person (anyone know who?) had the idea of writing software that would watch the program and if it got stuck, or died would automatically save its information and then start the next program.
From this early step of monitoring a program and running the next one, hardware developers added support for this kind of program and more sophisticated "monitors" grew.
Today's operating system kernels represent over 50 years of development from these early monitors.