Protected Mode Question

ComputerPsi · Post by **ComputerPsi** » Mon Jul 17, 2006 12:36 pm

I have a kernel at ring 0 and a program at ring 3. Both are non-conforming, readable, code. I want to execute the program. Normally in real mode, I would just jump to it. Here, it's giving me an error saying that it's non-conforming. Anybody know how to execute the program? I am executing it from my kernel - I don't know why this error is appearing.

JAAman · Post by **JAAman** » Mon Jul 17, 2006 9:14 pm

you cannot jump to ring3 from ring0

normal way to do this(both by common use and intel recomendation -- see ), is to set up the stack, as if the process had been interupted by an interupt/exception, and then iret into it (see the stack setup in intel volume 3a, figure 5-4 (section 5.12.1) for PMode, figure 5-8 (5.14.2-3) for LMode)

feel free to ask if you have any further questions, or this doesnt answer the question you had

ComputerPsi · Post by **ComputerPsi** » Tue Jul 18, 2006 11:40 am

Interesting.. must iret or iretd be used, since it is in protected mode? Also, do you know how to formulate this? (How is the stack read by iret and iretd?) ..Sorry if I am asking questions that are in the manual.. my computer can't run acrobat.

chase · Post by **chase** » Tue Jul 18, 2006 12:09 pm

There are a lot of html versions of the original 386 manuals which should work for you still. Here'e one with the section I think you need - http://pdos.csail.mit.edu/6.828/2005/re ... s09_06.htm

ComputerPsi · Post by **ComputerPsi** » Tue Jul 18, 2006 3:59 pm

It didn't work.. I pushed eflags, the new cs register and the new eip register, and did an Iretd instruction. When the program was ring 0, it worked. When I changed the program back to ring 3, I got the same error as before.

To be exact, this is what Bochs gave me:
check_cs: non-conforming code seg descriptor dpl != cpl

ComputerPsi · Post by **ComputerPsi** » Wed Jul 19, 2006 3:25 am

okay.. I think I figured out what was wrong.. Never using rings other than zero before, I made my selector 32 (100000b), but I think a correction must be made to 100011b. When I did that, I got a different error:
"iret: SS selector null"
I'm not sure what this means.. Here is the code I jump with:

pushfd
push dword 100011b
push dword 0
iretd

Anybody know how to fix this? Is it something with the flags that I am not changing?

Toaster · Post by **Toaster** » Wed Jul 19, 2006 7:27 am

yeah its quite easy:

when the processor switches from an interrupt back to CPL3, the stack have to be switched
and the intel manual says then the stack segment and stack pointer are pushed on the stack

so if your iret (the d isn't required if bits is 32) returns back from CPL0 to CPL3 you have to push ss and esp

some part of code of my operating system (entering the interrupt):

; the stack after entering:

; high
; [esp+16] stack segment
; [esp+12] stack pointer
; [esp+8] eflags
; [esp+4] cs
; [esp+0] eip
; esp system stack (in Kernel memory)
; low

greetings,

Toaster

JAAman · Post by **JAAman** » Thu Jul 20, 2006 9:40 am

ComputerPsi wrote:Sorry if I am asking questions that are in the manual.. my computer can't run acrobat.

heres an idea:
order the intel manuals from intel -- just send an email to the address listed in the 'order hard copies' link at the bottom of the page (link is in my sig), they will send you all 5 books -- completely free of charge!

as an additional advantage -- the hard copies are easier to read (though the PDFs have a search function)