I have never dug into low-level things like CPU architectures etc. and decided to give it a try when I learned about cpu.land.

I was already aware of the existence of user and kernel mode, but while I was reading the site it came to me that “I still can harm my system with userland programs, so what does it mean to switch to user mode for almost everything other than the kernel and drivers?” Also, we still can do many things with syscalls, so what is stopping us (assuming we want to harm the system, of course) from damaging our system?

[edit1]: grammar mistakes

  • The idea behind user mode and kernel mode is that it gives the operating system a framework to establish security permissions etc. Some operating systems might take this more seriously than others, but the point is that the modes are a feature of the CPU, provided by the manufacturer.

    Also, when you’re talking about “harming” the system, you should consider what’s possible in user land vs kernel mode. Kernel mode is where drivers manipulate hardware - these days, there is an additional layer of safety/abstraction done at the firmware level, so software can’t create physical damage to the hardware (like the classic “hackers can turn your computer into a bomb” advertisement).

    However, the kernel can:

    • trash a filesystem by writing data directly to the drive
    • trash system memory (RAM)
    • trash cpu registers

    In kernel mode, it’s very easy to cause the OS to crash via these methods. A user-mode program will have much higher-level access to the system and won’t be able to cause damage so easily. Programs often crash themselves - maybe you’ve seen null pointer exceptions, or out-of-bounds memory exceptions - these are caused by a userland program doing something it shouldn’t (even unintentionally), and the OS intervening to stop that. However, a userland program shouldn’t be able to crash the whole OS (e.g. cause a BSOD on Windows, or a kernel panic on Linux). Usually when you see that, it’s caused by a driver. Drivers run in kernel mode.

    As for being able to do bad things with syscalls, you’re exactly right, and that’s why we have permissions around syscalls :)

    On Linux there’s systemd.exec, seccomp, the capability framework, and of course SELinux. On OpenBSD they have pledge (which is slightly different, but their threat model is also slightly different to begin with). I’m not sure what Windows offers in this regard; from a quick search it seems there isn’t an exact equivalent of the Linux systems, but there are still security frameworks.

    There are many frameworks and permissions systems that form an operating system, and each one might cover a different area. OS security is a pretty broad topic but very interesting, I encourage you to keep learning and asking questions!

    Also, I just woke up and haven’t had coffee, so please bear with my rambling post.

    • classic “hackers can turn your computer into a bomb” advertisement

      Somewhat ironically, with hardware allowing drivers to overclock their speed, voltage, cooling, and thus temperature and heat output… which drivers allow userland software with cool visuals to tweak at will… and laptops with high energy density lithium batteries… that would be more plausible today than at the time of those advertisements.

      (except for some CPUs that used to burn a hole in the motherboard if cooling stopped… but those didn’t explode; some PSUs exploded, but back then were not controllable by software)