The Linux Kernel is the core of the Linux operating system and is central to its operation. It provides layers of abstraction between the chunk of metal in front of you, and the software which runs on it. The kernel contains everything you need to get from the BIOS to the desktop, and includes drivers, networking protocols, and libraries. The linux kernel is not an operating system in itself. Rather, it serves as a sekeleton, upon which an operating system can be built. It is a collection of tools and spare parts strapped to a monolithic kernel. All Operating Systems Have Kernels The kernel governs every interaction you have with your machine, including memory and CPU usage, hardware resources, peripherals such as your mouse and keyboard, software IO requests, and more. Almost every computer built since the 1960s uses a kernel in day-to-day operations, although most OSs have the kernel tightly integrated with the rest of the OS. On Linux, it’s different. The kernel is developed separately from the rest of the distro, and you can swap out kernel components, switch kernels, or even build your own. The Linux Kernel has sole control over RAM, meaning every process must contact the kernel to have it’s own memory space. It divides the software running in memory into two spaces: the kernel space and the user space. The kernel space is where the kernel executes the services it provides. Code running in the kernel mode has unrestricted access to the processor and the memory. On the other hand, the user space is the area of memory that includes everything outside of the kernel space. When a computer is turned on, the bootloader finds the kernel image and is loaded first during startup and remains in memory throughout the computer’s operation. The kernel then initializes the devices and drivers, mounts the root filesystem and starts the first process called “ init” with the process ID of 1. This is when the user space starts. Software in one space cannot interfere with software in the other space, which helps prevent crashes, errors, and security vulnerabilities. What Is a Monolithic Kernel? There are two types of kernel in use today: modular microkernels and monolithic. A microkernel provides the absolute bare minimum you need to get an OS running. Linux uses a monolithic kernel, which means that it contains everything you could possibly need, including all of the basic services and drivers you’ll never use. This makes Linux extremely portable and it can run on run on a huge variety of platforms with different architectural types. What Does the Linux Kernel Do? The Linux kernel is divided into a number of subsystems, each responsible for certain tasks. You can access representations of these in a virtual filesystem through the terminal. There are also commands which will let you interact with the subsystems directly. Some of the major kernel subsystems are: Process Management A process is any program or app which runs on Linux, whether initiated by the user or not. A process can be a game, or a browser, or a single command, and there are hundred of processes already running before you even reach your desktop. Processes need to begin, end, and spawn other processes. The kernel manages these processes, and assigns an id to each, as well as scheduling CPU time, and allocating resources. It has efficient process scheduler that ensures each process gets the CPU time it needs. In practice, this means that you can have multiple applications running at the same time on your computer. You may, for example, listen to music or surf the internet while working on a paper. The /proc/ directory contains subdirectories representing each process running on your system, with a name corresponding to the process id. The status of a process is contained in a “status” file within the process directory, and you can view extensive information about it with the cat command. For instance: cat /proc/1/status Memory Management Memory is important on any operating system, and if you run out, your computer will simple freeze up until you reboot. Memory management is one of the kernel’s most important jobs, and it allocates keeps track of both physical and virtual memory. Memory is managed using 4kb “pages” and buffers. As your system memory fills up, the Linux kernel will start to use swap space, and as that is exhausted, will use attempt to purge and compress memory contents. If there is memory over usage in the system, OOM killer will activate (Out of memory). It will start to kill running processes according to their nice level. Device Drivers and Management A device driver is a piece of software that allows your OS to communicate with your hardware. If you don’t have the correct driver for your keyboard, mouse, networking card, or CPU, that hardware won’t work. The Linux kernel contains drivers for most PC hardware which has ever been invented, and much of the kernel source code is taken up with drivers for various devices. You can see the device drivers currently in use with: lspci -v System Calls and Support The kernel provides a wide range of system calls that allow programs to interact with the kernel and perform various functions. These system calls are essential for programs to perform tasks such as reading and writing files, creating network connections, and allocating memory. Networking is extremely important to PCs, and relies on protocols dating back decades. The network stack has a layered architecture with Internet Protocol (IP) at the bottom, above which is Transmission Control Protocol (TCP), with the sockets layer on top. Kernel Modules While the Linux kernel is designed to contain everything your system could ever possibly need, it can be extended with kernel modules. Kernel modules are pieces of software which add additional functionality to the kernel. Most often, these are additional device drivers for new hardware, and support for new filesystems. Most modern Linux systems can load extra kernel modules when needed, although sometimes, you may need to load kernel modules yourself. Where is The Linux Kernel Located? The Linux kernel is usually located in the /usr/src/ directory, though the actual kernel image file can be found in the /boot/ directory. The kernel modules are stored in /usr/lib/modules/ and are loaded dynamically as needed. Kernel Upgrades and Versions As new hardware is released and new features added, developers update the mainline Linux kernel. This eventually filters down to your distro, and your kernel is upgraded in the next release. It’s not unusual to have more than one kernel on your Linux system, although only one will be loaded at a time. You can check which kernels are installed on Debian based systems with: dpkg --list | grep linux-image And you can see which one is currently in use by entering: uname -rms It’s possible to boot Linux with a different kernel, by selecting “Advanced Options” from the boot menu. Panic in the Kernel Sometimes, things go wrong. This can be a result of software bugs or hardware problems, and means that your system would be at risk if it were to continue operating. If this happens, a routine called kernel panic is invoked. This attempts to write an image of kernel memory to disk for later debugging, and outputs an error message to your console. The machine will either reboot automatically, or freeze all operations, and wait for you to manually reboot it. Kernel panics are rare on modern well set up machines, and if you experience one, it may be a symptom of a deeper problem. Linux Is the Kernel As you can see, the Linux kernel is the most important part of your operating system, controlling every aspect of your experience on a deep level. But the kernel is not an operating system on its own, and requires extra software such as package tools, a compiler, and a desktop environment to run. There are hundreds of Linux distros available, catering to every possible niche and use case. The one thing they share in common is the kernel.