Why is kernel mapped to the same address space as processes?
A process "owns" the entire virtual address space here, the kernel and the user portions of it.
Its inability to peek and poke the kernel code and data is not due to different address spaces, it's due to different access rights/permissions set in the page tables. Kernel pages are set up in such a way that regular applications can't access them.
It is, however, customary to refer to the two parts of one whole thing as the kernel space and the user space and that can be confusing.
Why is kernel said to be in process address space?
When the process makes a system call, we don't need to switch the page tables (from process address space page table to kernel address space page table) for servicing the system call (which should be done only in kernel mode). This is said to be that the kernel is running in the process context.
Some kernel events which won't run in process context will load the page tables only for kernel.
Got it?
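A toy model of the mechanism both answers above describe (added here, not code from any of the answers): one page table covers user and kernel pages, and the only thing stopping a user-mode access to a kernel page is the user/supervisor bit in its entry, so a system call can switch mode without switching page tables. The page layout, frame numbers and flag bits are constructed for illustration, modelled loosely on the x86 Present, R/W and U/S PTE bits.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed toy MMU: a flat 16-entry table of 4 KiB pages. Not real kernel code. */
#define PTE_P 0x1u          /* present */
#define PTE_W 0x2u          /* writable */
#define PTE_U 0x4u          /* accessible from user mode */
#define PAGE_SHIFT 12
#define NPAGES 16

enum mode { USER, SUPERVISOR };
enum result { OK, FAULT_NOT_PRESENT, FAULT_PROTECTION };

struct pte { uint32_t flags; uint64_t frame; };

/* One table for the whole process: low pages are the user portion, high pages
 * the kernel portion. Entries left out are zero, i.e. not present. */
static struct pte page_table[NPAGES] = {
    [0]  = { PTE_P | PTE_W | PTE_U, 0x1000 },  /* user text/data   */
    [1]  = { PTE_P | PTE_W | PTE_U, 0x2000 },  /* user stack       */
    [14] = { PTE_P | PTE_W,         0x9000 },  /* kernel data      */
    [15] = { PTE_P,                 0xA000 },  /* kernel text (RO) */
};

/* Translate vaddr the way the hardware walk would; stores the physical
 * address in *phys on success, otherwise reports the fault type. */
enum result translate(uint64_t vaddr, enum mode mode, bool write, uint64_t *phys) {
    uint64_t page = vaddr >> PAGE_SHIFT;
    if (page >= NPAGES) return FAULT_NOT_PRESENT;
    struct pte e = page_table[page];
    if (!(e.flags & PTE_P)) return FAULT_NOT_PRESENT;
    if (mode == USER && !(e.flags & PTE_U)) return FAULT_PROTECTION; /* U/S check */
    if (write && !(e.flags & PTE_W)) return FAULT_PROTECTION;        /* R/W check */
    *phys = e.frame | (vaddr & ((1u << PAGE_SHIFT) - 1));
    return OK;
}

/* A "system call": the CPU is now in supervisor mode but still uses the same
 * page table, so the kernel data page is reachable with no table reload. */
enum result syscall_read_kernel_data(uint64_t *phys) {
    return translate(14ull << PAGE_SHIFT, SUPERVISOR, false, phys);
}

int main(void) {
    uint64_t phys = 0;
    printf("user access to kernel data: result %d\n", translate(0xE000, USER, false, &phys));
    printf("syscall access to kernel data: result %d, phys 0x%llx\n",
           syscall_read_kernel_data(&phys), (unsigned long long)phys);
    return 0;
}
```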
How are virtual addresses corresponding to kernel stack mapped?
Note: This is the OS-agnostic answer. Details do vary slightly with the OS in question (e.g. Darwin and continuations...), and possibly with architectural (ARMv8, x86, etc.) implementations.
When a process performs a system call, the user mode state (registers) is saved, including the user mode stack pointer. At that point, a kernel mode stack pointer is loaded, which is usually maintained somewhere in the thread control block.
You are correct in saying that there is only one kernel space. What follows is that (in theory) one thread in kernel space could easily see and/or tamper with any others in kernel space (just like same-process threads can "see" each other in user space). This, however, is (almost always) in theory only, since the kernel code presumably respects memory boundaries (as is assumed user mode does, with thread local storage, etc.). That said, "almost always", because if the kernel code can be exploited, then all of kernel memory will be laid bare to the exploiter, and potentially read and/or compromised.