IBM 10 SP1 EAL4 Manuale Utente
4.2.1.1 Logical components
The kernel consists of logical subsystems that provide different functionalities. Even though the kernel is a
single executable program, the various services it provides can be broken into logical components. These
components interact to provide specific functions.
Figure 4-3 schematically describes logical kernel subsystems, their interactions with each other, and with the
system call interface available from user space.
single executable program, the various services it provides can be broken into logical components. These
components interact to provide specific functions.
Figure 4-3 schematically describes logical kernel subsystems, their interactions with each other, and with the
system call interface available from user space.
The kernel consists of the following logical subsystems:
•
File and I/O subsystem: This subsystem implements functions related to file system objects.
Implemented functions include those that allow a process to create, maintain, interact, and delete file-
system objects. These objects include regular files, directories, symbolic links, hard links, device-
special files, named pipes, and sockets.
Implemented functions include those that allow a process to create, maintain, interact, and delete file-
system objects. These objects include regular files, directories, symbolic links, hard links, device-
special files, named pipes, and sockets.
•
Process subsystem: This subsystem implements functions related to process and thread management.
Implemented functions include those that allow the creation, scheduling, execution, and deletion of
process and thread subjects.
Implemented functions include those that allow the creation, scheduling, execution, and deletion of
process and thread subjects.
•
Memory subsystem: This subsystem implements functions related to the management of memory
resources of a system. Implemented functions include those that create and manage virtual memory,
including management of page tables and paging algorithms.
resources of a system. Implemented functions include those that create and manage virtual memory,
including management of page tables and paging algorithms.
•
Networking subsystem: This subsystem implements UNIX and Internet domain sockets, as well as
algorithms for scheduling network packets.
algorithms for scheduling network packets.
•
IPC subsystem: This subsystem implements functions related to IPC mechanisms. Implemented
functions include those that facilitate controlled sharing of information between processes, allowing
them to share data and synchronize their execution in order to interact with a common resource.
functions include those that facilitate controlled sharing of information between processes, allowing
them to share data and synchronize their execution in order to interact with a common resource.
•
Kernel modules subsystem: This subsystem implements an infrastructure to support loadable
modules. Implemented functions include those that load, initialize, and unload kernel modules.
modules. Implemented functions include those that load, initialize, and unload kernel modules.
•
Device driver subsystem: This subsystem implements support for various hardware and software
devices through a common, device-independent interface.
devices through a common, device-independent interface.
24
SELinux
Figure 4-3: Logical kernel subsystems and their interactions