Switch between user and kernel mode

[aap]

Hi,
after some time I began work on a project again, a port of unix v7 to x86 (I know, it's been done, but meh...).
Currently I'm trying to figure out the switch between user and kernel mode, especially how to handle the paging.
Since I'm porting Unix, I kinda know the PDP-11 architecture (much nicer than x86 ), where different memory mappings happen depending on whether the processor runs in kernel or user mode. On the x86, as I understand it, switching between kernel and user mode does not cause the MMU to switch page mappings; that confuses me.

Does this mean I have to constantly map some part of the kernel (Interrupt vectors and TSS, I suppose) in user mode, and at the same addresses as in kernel mode? Isn't this a rather clumsy approach?
My initial plan was to locate the kernel after 1MB, identity map everything till there in kernel mode, and have the user mode paging map the current process data to 0, but that would conflict with the kernel, parts of which I have to map there too.

So I wonder how you guys handle this. Please give me any recommendations or explanations how other systems handle this.
Thank you.

[bluemoon]

Yes, you have to constantly map some or all portion of kernel in the address space.
In x86 (or ADM64), the ring (kernel mode or user mode) do not affect the MMU, but the system provide protection to avoid user mode code to read/write kernel memory.

[aap]

I'll have to live with this then, thanks.

[palk]

Yes, you have to constantly map some or all portion of kernel in the address space.
In x86 (or ADM64), the ring (kernel mode or user mode) do not affect the MMU, but the system provide protection to avoid user mode code to read/write kernel memory.

That's not entirely true... it is possible to orchestrate it such that a user process can use all of the address space, it's just not particularly easy, and there are latency penalties for doing it. Therefore most x86 operating systems (Linux, FreeBSD, Darwin, and Windows included) all map the kernel into every user process.

[bluemoon]

Please explain more. I would like to know how the scheduler or PF handler work outside the address space - if you're doing page swap, you still need some memory to hold the swap itself.
(And note that I said some or all kernel, and I know the minimal address space kenel need is less than 1 megabyte for scheduler and such.)

[Owen]

...Darwin... ...all map the kernel into every user process.

Wrong (for 32-bit Darwin, anyway)

[palk]

Wrong (for 32-bit Darwin, anyway)

Well scratch Darwin then.

Please explain more. I would like to know how the scheduler or PF handler work outside the address space - if you're doing page swap, you still need some memory to hold the swap itself.

It is typically done by making the kernel its own "process" and task-switching to the kernel in response to an interrupt or exception (by setting up the TSS and IDT appropriately). Therefore, because loading CR3 flushes the TLB, a system call in this model has a much higher performance penalty than if the kernel were mapped into the user address space. And just to make it worse, the kernel process can't take advantage of the existing mappings in the user process' address space to retrieve data if it needs to, instead being forced through (at least) a layer of indirection to access the user process' memory.

[bluemoon]

I see, you meant by hardware task switching, that's correct, it's possible, and yes it's not practical.

[Owen]

...even then, the GDT, IDT and TSS need to be mapped in every process address space.