Skip to content

How is the Windows Kernel and what are its differences with that of Linux

22 mayo, 2021

The Kernel or Core is a fundamental component of any operating system. It is responsible for the software and hardware of any computer to work together in the same system, for which it manages the memory of the programs and processes executed, the processor time used by the programs, or is responsible for allowing access and the correct operation of peripherals and other physical elements of the equipment.

GNU / Linux users are used to talking and hearing about its Kernel, which can be updated and manipulated in any distribution. However, in an operating system as user-centric and simple as Windows, your kernel is a great unknown. That is why today we are going to talk about it to tell you how it is developed and what are the fundamental differences with respect to Linux.

And we’re going to try to do it in a way that everyone can understand. Trying not to get too lost in technicalities so that any user without much knowledge can know where the shots are going.


Windows NT, a Kernel for more than two decades

Windows Nt By Gpolydoros D7k5mry

In the 1990s Microsoft was basing its operating systems on the Windows 9x kernels, where the basic code had many similarities to MS-DOS. In fact, she needed to turn to him in order to operate. In parallel, Microsoft was also developing another version of your system aimed at servers called Windows NT, which was born on July 26, 1993.

Both versions of Windows were developed separately. Windows NT was more of a long-term gamble, a technology to be developed for the Windows of tomorrow, and in the year 2000 they took a new step in that direction. They called version 5.0 of NT Windows 2000, and it became an interesting player in the business sector.

After seeing the good reception it had, Microsoft decided to bring NT to the rest of the users so that both branches would converge. They did so in October 2001 with version 5.1 of Windows NT, which hit the market under the name Windows XP. Therefore, this version marked a before and after not only because of its great impact on the market, but because it was the beginning of the adventure of the Windows NT Kernel in the world of ordinary users.

Since that day, all versions of Windows have been based on this kernel with more than 20 years of age. Version 5.1.2600 was Windows XP, 6.0.6002 was Windows Vista, and 6.1.7601 Windows 7. Before there were other Windows Server 2008 and 2003, and later came the versions of NT 6.2.9200 called Windows 8, 6.3 .9600 or Windows 8, and finally NT 10.0, also known as Windows 10.


The main characteristic of the Windows NT Kernel is that it is quite modular, and is based on two main layers, the user and the kernel. The system uses each one for different types of program. For example, applications run in user mode, and major components of the operating system in kernel mode. Meanwhile, most drivers tend to use kernel mode, although with exceptions.

That is why they refer to it as Hybrid Kernel, but above all also because it allows to have subsystems in the user space that communicated with the kernel through an IPC mechanism.

When you run an application, it enters user mode, where Windows creates a specific process for the application. Each application has its private virtual address, none can alter the data that belongs to another and neither access the virtual space of the operating system itself. Therefore it is the least privileged modeEven access to hardware is limited, and applications have to resort to the Windows API to request system services.

The kernel mode instead is the one in which the code running on it has direct access to all hardware and all the memory of the equipment. Here all the code shares the same virtual space, and can even access the address spaces of all the user-mode processes. This is dangerous, since if a driver in kernel mode touches what it should not, it could affect the operation of the entire operating system.

This kernel mode It consists of executive services, such as the cache controller, the communication manager, I / O manager, local procedure calls, or the power and memory managers among others. These in turn are made up of several modules that perform specific tasks, kernel drivers, a kernel, and a Hardware Abstraction Layer or HAL.

Differences between Linux and Windows kernels


The main difference between the Kernel of Windows and Linux operating systems is in their philosophy. The one developed by the Linus Torvalds team it’s open source and anyone can grab it and tweak it, something that helps it to be present in multiple operating systems or GNU / Linux distros. Microsoft’s, on the other hand, is much more closed, and is made by and for the Windows operating system.

In essence, on Linux they took the principles of modularity from Unix and decided open code and technical discussions. As a result, Linux has created a meritocratic community of developers, one in which everyone can collaborate and in which each suggested change is harshly debated to discard the worst ideas and keep the best ones. Those who manage to upgrade older functionality are also commended.

Meanwhile, in Windows the thing does not work like that. As a former collaborator of the Kernel explained in an article, those responsible for the Kernel do not welcome proposals that deviate from the work plan, and assure that there is little incentive to improve functionality that are not a priority.

This does, in the eyes of that former developer, that by giving greater importance to fulfilling plans than to accepting changes that improve the quality of the product, or to not having so many inexperienced programmers, the Windows NT kernel is always one step behind in stability and functionality.

Microsoft has fewer problems with drivers like those for graphics cards.

However, as Microsoft is a company and its operating system dominates the desktop, it costs less for you to partner to work with them implementing controllers. That means, for example, that in terms of hardware compatibility Windows is always a little ahead, at least in key aspects such as the drivers for graphics cards.

On a technical level there are similarities between the two. The two cores control low-level system software and interactions with computer hardware through the Hardware Abstraction Layer (HAL). The HAL is a system element that functions as an interface between software and hardware, and like APIs, it allows applications to be hardware independent.

Both are written primarily in C, and are capable of handling caching, device drivers, virtual memory, file systems, network protocols, and system calls. Come on what in essence its functionalities are the same, although the way to carry them out is different.

Just as the Windows Kernel has two modes, and is therefore considered hybrid, the big difference is that Linux only has one layer, that is, it is a monolithic nucleus. Of course, despite being simpler in this regard, to function correctly it has its core divided into three different sublayers.

They both handle memory problems in a similar way. They have “swapping” systems to move a process or part of it temporarily from main memory to a secondary storage memory in the event that the main one is low on space. Windows does it in the files pagefile.sys and swapfile.sys, while Linux usually does it in a partition, although you can also do it in one or more files or disable it. Come on, you have more options.

The Linux kernel does not have a user layer. It only has one, the kernel itself, so it is considered monolithic.

As to which type of structure is better, there is always debate here. Monolithic kernel advocates always point out that they are much easier to debug. Perhaps this is why many consider that Windows NT is tending more and more to a monolithic oneSince tools like Windows Nano Server do not have the window manager at all, everything is done through the console, and it is one of the varieties of WinServer 2016.

In any case, others consider this last statement very bold, and in fact consider that the Hybrid Kernel is one of the great advantages of Windows. Given the lack of performance of the microkernels and the lack of security against internal failures of the monolithics, Windows knows how to take advantage of the good aspects of each one of them to compensate for the bad of the other.

So that everyone can understand it, we have tried not to go too deep into the technical aspect. So, if you are looking for more technical details Of the kernels of different operating systems, in this graph you can find absolutely all of them, both those of Windows NT and Linux as well as those of Amiga, FreeBSD or GNU.

Therefore, we can say that the main difference between the two is the way each one develops. Also, the Linux kernel is much simpler, which is good for developers. Meanwhile, the Windows try putting a layer of protection in its user mode so that users with less knowledge have less chance of damaging the system, and its structure makes it more stable against, for example, graphic driver failures.

Images | Technozed, gpolydoros and hupstream
In Engadget | How has Microsoft made the Linux console work on Windows 10?