NtDoom running inside the Windows kernel.

  • M_Djallo@feddit.it
    2 years ago

    I’m ignorant, but what does this mean? I mean, what’s the difference between running it “in the kernel” and running it normally on Windows?

    • Gradinko@kbin.social
      2 years ago

      It means that all the code is running in privileged kernel mode instead of user mode. Kernel mode is usually reserved for the operating system and device drivers only. If code running in kernel mode has an unhandled exception or error, the entire system will crash. This creates the BSOD or “blue screen of death” on Windows.

      User mode is less privileged and where all your typical applications run. If something crashes in user mode, it only crashes that process, not the whole system.

      It’s a crazy thing that they did. Very impressive technically, but not really useful.

      • Big P@feddit.uk
        2 years ago

        Forgive me if this is a stupid question but why is it technically impressive? Is it not just the same as running it in usermode but with higher privileges?

        • Barry Zuckerkorn@beehaw.org
          2 years ago

          The API is much more limited for kernel mode, because Microsoft doesn’t want to make it easy to crash the kernel. So it’s not just a matter of taking old DOS code and making Windows run it in an old compatibility layer, but actually requires translating the whole thing into a much more limited set of commands to properly draw the graphics and respond to user input.

          It’s impressive like being able to play the French horn without using the valves, or painting beautiful pictures using only a mechanical typewriter. It’s being able to do something that is trivially easy with normal tools, but with such a limited toolset that the accomplishment itself is impressive.