My question is exactly how the operating system protects its part of the kernel.
From what I found, there are basically 2 kernel and user modes. And there must be several bits in the memory segments if the memory segment is a kernel or user space segment. But where is the origin of these bits? Is there any kind of “switch” in the compiler that marks programs as kernel programs? And, for example, if the driver is in kernel mode, how does the OS manage its integration into the system, so malware is not added as a driver?
If someone could enlighten me on this issue, I would be very grateful, thanks
Jarek source
share