![dual mode processing operating system dual mode processing operating system](http://www.nzdl.org/gsdl/collect/cstr/index/assoc/HASH0148/4513bf2b.dir/lect20_2.gif)
User mode is the one in which execution is done on behalf of a user And Kernel/monitor mode is the one in which execution is done on behalf of operating system. All the process operations are performed through either User mode or Kernel mode. Hardware level protections is through following mechanisms in OS:ฤก) Dual mode operation: This is the basis of all the protections. I don't know what your teacher had in mind for the third one. The kernel is also responsible for changing MPU/MMU settings when switching between programs so that programs can only access their own memory and not other programs'.
#DUAL MODE PROCESSING OPERATING SYSTEM CODE#
It is up to that program to set up the MPU/MMU so that other programs cannot overwrite kernel code or access peripherals directly, thus enforcing isolation between kernel code and user code. That way, the initial program that is loaded at boot time remains in control of what can be executed in kernel mode. Switching into kernel mode from user mode always causes a jump to a fixed address. At any time, the CPU is in one mode or the other.
![dual mode processing operating system dual mode processing operating system](https://s3.ap-south-1.amazonaws.com/afteracademy-server-uploads/what-is-kernel-in-operating-system-and-what-are-the-various-types-of-kernel-banner.png)
Most CPU types that allow privilege isolation have at least two modes (sometimes more), which I'll call kernel and user, with kernel being the most privileged. In order to be of any use, the MPU has to be combined with some mechanism that assigns privilege levels to programs. The uClinux project is an example of operating system which enforces process isolation and runs on processors with only an MPU. There are processors with an MPU but no MMU. Often memory protection is performed by a memory management unit which combines protection with virtual memory management, but the indirection afforded by virtual memory is not necessary for the protection aspect. The most important part is the memory protection unit: a hardware component that assigns privilege levels to blocks of memory and ensures that only programs with the appropriate privilege level can access each block. That being said, most operating systems enforce process isolation by leveraging hardware means. Such operating systems are not very common, but they exist, for example some smartcards running Java Card work like this: only Java bytecode applications can be installed on the card, and they have to have been checked and passed by a bytecode verifier. You can design an operating system that verifies all programs before running them, and only runs a program if it can prove to its satisfaction that the program will never attempt to access a resource that it is not allowed to access. Resources include memory and peripheral devices. The problem in process isolation is to protect against processes that try to access resources that they should not (resources that are used by other programs or by the operating system itself). This is not what your teacher expects in this homework assignment, but it's true.