try to change cs register to point to kernel segment

ITchimp
Member
Posts: 134
Joined: Sat Aug 18, 2018 8:44 pm

Post by ITchimp »

I was trying some weird things to understand the behavior of Linux (32-bit)...

one of them is to manually assign the cs register to the kernel segment; of course
that gets me a segmentation fault termination... just curious what the flow of events is that
leads all the way to the segmentation fault.... Why are syscall and int 0x80 the only possible ways to enter
kernel mode???
iansjack
Member
Posts: 4703
Joined: Sat Mar 31, 2012 3:07 am
Location: Chichester, UK

Re: try to change cs register to point to kernel segment

Post by iansjack »

You might want to read the Intel Programmer's Manuals.
sunnysideup
Member
Posts: 106
Joined: Sat Feb 08, 2020 11:11 am
Libera.chat IRC: sunnysideup

Re: try to change cs register to point to kernel segment

Post by sunnysideup »

Yes.. There are only a handful of ways to switch modes. Try reading about call gates, interrupt gates, task gates, trap gates, etc.
thewrongchristian
Member
Posts: 426
Joined: Tue Apr 03, 2018 2:44 am

Re: try to change cs register to point to kernel segment

Post by thewrongchristian »

ITchimp wrote: I was trying some weird things to understand the behavior of Linux (32-bit)...

one of them is to manually assign the cs register to the kernel segment; of course
that gets me a segmentation fault termination... just curious what the flow of events is that
leads all the way to the segmentation fault....
The segmentation fault will have started with (I think) a General Protection Fault as a result of trying to use a privileged segment in user mode.

Once Linux gets control in the GPF handler, it'll post a SIGSEGV signal to the process. Now, SIGSEGV can be caught, and if so, when returning from the GPF handler, Linux will arrange for the SIGSEGV handler to be invoked in the user process. This is how some programs capture errors like this and produce crash reports rather than just dumping core.

Of course, the default action for SIGSEGV is to terminate with a core dump (if core dumps are enabled).
ITchimp wrote: Why are syscall and int 0x80 the only possible ways to enter
kernel mode???
It's the basic protection mechanism. By entering through a known door, the OS can frisk you to ensure what you're doing is safe.
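The flow thewrongchristian describes, reproduced from user space as an added example (not code from the thread): a SIGSEGV handler installed with sigaction catches the signal Linux posts from its #GP handler when a DPL 0 selector is loaded from CPL 3, and si_code shows it came from a CPU exception rather than a page fault. It assumes Linux on x86; the __KERNEL_DS selector values (0x18 on 64-bit, 0x68 on 32-bit) are taken from the kernel's GDT layout as an assumption, and the function names are mine.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

static sigjmp_buf recover;
static volatile sig_atomic_t caught_signo, caught_code;

/* Runs only because the kernel's #GP handler queued SIGSEGV for us. */
static void on_segv(int signo, siginfo_t *info, void *ctx)
{
    (void)ctx;
    caught_signo = signo;
    caught_code = info->si_code;   /* SI_KERNEL (0x80): CPU exception, not a page fault */
    siglongjmp(recover, 1);        /* abandon the faulting instruction */
}

/* Load a DPL 0 selector into DS from CPL 3; returns the signal delivered,
 * or 0 if the load was allowed. CS cannot be written with mov, but a far
 * jump to a kernel code selector fails the same privilege check. */
int load_kernel_selector(void)
{
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);

    caught_signo = caught_code = 0;
    if (sigsetjmp(recover, 1) == 0) {
#if defined(__x86_64__)
        unsigned short sel = 0x18;  /* __KERNEL_DS in the 64-bit Linux GDT (assumed) */
#else
        unsigned short sel = 0x68;  /* __KERNEL_DS in the 32-bit Linux GDT (assumed) */
#endif
        /* CPL 3 > DPL 0 of the descriptor: #GP is raised, DS is left unchanged. */
        __asm__ volatile("mov %0, %%ds" : : "r"(sel) : "memory");
    }
    sigaction(SIGSEGV, &old, NULL);   /* restore the previous disposition */
    return caught_signo;
}
int segv_code(void) { return caught_code; }
int main(void)
{
    int sig = load_kernel_selector();
    printf("signal %d (%s), si_code %d\n", sig, strsignal(sig), segv_code());
    return 0;
}
```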