Quote: how does the cpu know where to find the tss?
When setting up your system, you place an entry into the GDT. This entry is flagged as a TSS entry and includes the TSS base address. Please consult the manuals, they make this quite clear.
tss and user space
Re:tss and user space
- kataklinger
- Member
- Posts: 381
- Joined: Fri Nov 04, 2005 12:00 am
- Location: Serbia
Re:tss and user space
I - SS&ESP is the current stack pointer (when you are in the kernel it points to the top of the kernel stack, and when you are in user land it points to the top of the user (task's) stack).
II - There is only one GDT at a time, there is no such thing as a user GDT, you can insert a descriptor with DPL=3.
III:
1. allocate memory for TSS, write ss0&esp0 fields of TSS
2. add tss descriptor to your gdt
3. execute:
mov ax,YOUR_TSS_SELECTOR
ltr ax
(now the cpu knows where your current tss is)
IV - If you want to go to user level then push desired selector (for ring3 code descriptor) & address on stack, execute retf instruction.
V - http://my.execpc.com/_geezer/os/pm.htm
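The GDT and TSS setup from steps 1 and 2 above, worked through as an added example (not code from the thread). The selector layout, `tss_addr`, the kernel stack address and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 32-bit TSS (104 bytes). Only ss0/esp0 are used for ring 3 -> ring 0 stack switches. */
struct tss32 {
    uint32_t prev_task, esp0, ss0, esp1, ss1, esp2, ss2, cr3, eip, eflags;
    uint32_t eax, ecx, edx, ebx, esp, ebp, esi, edi;
    uint32_t es, cs, ss, ds, fs, gs, ldt;
    uint16_t trap, iomap_base;
};
/* Access byte = Present | DPL | S flag + type. DPL=3 makes a segment usable from ring 3. */
enum { SEG_CODE = 0x1A, SEG_DATA = 0x12, SEG_TSS32 = 0x09 };
#define ACCESS(dpl, kind) ((uint8_t)(0x80u | ((dpl) << 5) | (kind)))

/* Pack base, 20-bit limit, access byte and flags nibble (G, D/B) into 8 bytes. */
uint64_t gdt_entry(uint32_t base, uint32_t limit, uint8_t access, uint8_t flags)
{
    return (uint64_t)(limit & 0xFFFF)
         | (uint64_t)(base & 0xFFFFFF) << 16
         | (uint64_t)access << 40
         | (uint64_t)((limit >> 16) & 0xF) << 48
         | (uint64_t)(flags & 0xF) << 52
         | (uint64_t)(base >> 24) << 56;
}

/* tss_addr: linear address the TSS will have in the kernel (assumed value here). */
void build_gdt(uint64_t gdt[6], struct tss32 *tss, uint32_t tss_addr, uint32_t kstack_top)
{
    memset(tss, 0, sizeof *tss);
    tss->ss0 = 0x10;                 /* ring 0 data selector (gdt[2]) */
    tss->esp0 = kstack_top;          /* stack loaded on entry from ring 3 */
    tss->iomap_base = sizeof *tss;   /* no I/O permission bitmap */
    gdt[0] = 0;                                                 /* null descriptor */
    gdt[1] = gdt_entry(0, 0xFFFFF, ACCESS(0, SEG_CODE), 0xC);   /* selector 0x08 */
    gdt[2] = gdt_entry(0, 0xFFFFF, ACCESS(0, SEG_DATA), 0xC);   /* selector 0x10 */
    gdt[3] = gdt_entry(0, 0xFFFFF, ACCESS(3, SEG_CODE), 0xC);   /* selector 0x1B */
    gdt[4] = gdt_entry(0, 0xFFFFF, ACCESS(3, SEG_DATA), 0xC);   /* selector 0x23 */
    gdt[5] = gdt_entry(tss_addr, sizeof *tss - 1, ACCESS(0, SEG_TSS32), 0); /* 0x28, for ltr */
}

int main(void)
{
    uint64_t gdt[6]; struct tss32 tss;
    build_gdt(gdt, &tss, 0x00102000u, 0x0009F000u);   /* constructed addresses */
    for (int i = 0; i < 6; i++)
        printf("gdt[%d] = 0x%016llx\n", i, (unsigned long long)gdt[i]);
    return 0;
}
```

With this layout, `YOUR_TSS_SELECTOR` in step 3 would be 0x28.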
Re:tss and user space
ok i think i'm starting to get it: i make an entry in my gdt that is user level and when i set up my task i need to set its ds, ss, ds, gs, ... to my user level gdt entry? but how do i make it a user level gdt entry? (manuals somewhere) and what should the base address of the entry be? the start of the task's space, or 0x00000000???, thx
Re:tss and user space
Your task need not be user-level. It will probably have a kernel- and user-level component.
Quote: but how do i make it a user level gdt entry?
Set the DPL field of the descriptor to your desired privilege level (3).
Quote: what should the base address of the entry be? the start of the task's space, or 0x00000000?
The "start of the task's space", which is 0 in most cases.
Go here: http://www.intel.com/design/pentium4/manuals/index_new.htm. Click on the link under "IA-32 Intel® Architecture Software Developer's Manual, Volume 3: System Programming Guide". Find section 3.4.5 (Segment Descriptors). Another section you might want is 6.2.2 (TSS Descriptor). Someone can probably point you to the proper locations in AMD manuals, if you prefer those.
Re:tss and user space
so what if my kernel is at 0x0, can't the program mess with it??? how does the cpu know that memory is protected when the user level ds includes all memory
Re:tss and user space
Most (all?) people use paging, which allows you to decide for each page whether it is accessible in user mode or not. If you don't use paging, you may want to use segmentation with non-zero base addresses, but be sure you keep things compatible with the assumptions your compiler makes. It's a design decision for you to make.
Re:tss and user space
so paging will protect space, and GDT will protect from execution of non privileged code, right?
Re:tss and user space
Hi,
GLneo wrote: so paging will protect space, and GDT will protect from execution of non privileged code, right?
There's many ways to combine segment level protection with page level protection, but most OSs use page level protection for everything.
For example, to prevent user-level code from executing kernel code, you'd mark the kernel's pages as "supervisor level". That way user level code can only use the kernel through special entry points (the kernel API), and can't execute kernel code directly (it'd generate a page fault if it tried).
BTW have you read the Intel manual yet?
Cheers,
Brendan
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.
Re:tss and user space
Quote: BTW have you read the Intel manual yet?
yes, read the intel manual (or AMD if you prefer) cover to cover 2 times, then refer back to it frequently!
if you expect to port your OS to x86-64 at anytime, it would be a good idea to use only 'flat mode' segments (as described in section 3.2.1)
paging can provide complete protection, user/supervisor, read/only, and execute/noexecute
seriously, read sections 3&4 at least before you continue, and it will give you a better overview of what it is you're doing (for task handling, section 6 is also very important)
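A small model of the page-level user/supervisor and read/write check described in the replies above, for 32-bit non-PAE paging (added example, not code from the thread). Page tables are referenced by array index instead of physical address, the memory layout is constructed, and the no-execute bit is not modelled.

```c
#include <stdint.h>
#include <stdio.h>

#define PG_P  0x1u   /* present */
#define PG_RW 0x2u   /* writable */
#define PG_US 0x4u   /* user-accessible; clear = supervisor only */
enum { ACC_OK = 0, ACC_FAULT = 1 };

/* PDE bits 12+ hold an index into page_tab (model simplification). */
static uint32_t page_dir[1024], page_tab[2][1024];

/* Returns ACC_FAULT where the CPU would raise a page fault. CPL 0-2 count as supervisor. */
int check_access(uint32_t vaddr, int cpl, int is_write, int cr0_wp)
{
    uint32_t pde = page_dir[vaddr >> 22];
    if (!(pde & PG_P) || (pde >> 12) >= 2) return ACC_FAULT;
    uint32_t pte = page_tab[pde >> 12][(vaddr >> 12) & 0x3FF];
    if (!(pte & PG_P)) return ACC_FAULT;
    uint32_t eff = pde & pte;              /* U/S and R/W must be set at both levels */
    if (cpl == 3 && !(eff & PG_US)) return ACC_FAULT;        /* supervisor-only page */
    if (is_write && !(eff & PG_RW) && (cpl == 3 || cr0_wp))  /* read-only page */
        return ACC_FAULT;
    return ACC_OK;
}

void setup_demo(void)
{
    /* 0x00000000: kernel, supervisor-only (U/S clear in the PDE covers all 4 MiB) */
    page_dir[0] = (0u << 12) | PG_P | PG_RW;
    for (int i = 0; i < 1024; i++)
        page_tab[0][i] = ((uint32_t)i << 12) | PG_P | PG_RW;
    /* 0x40000000: user task; code page read-only, data page writable */
    page_dir[256] = (1u << 12) | PG_P | PG_RW | PG_US;
    page_tab[1][0] = 0x00400000u | PG_P | PG_US;
    page_tab[1][1] = 0x00401000u | PG_P | PG_RW | PG_US;
}

int main(void)
{
    setup_demo();
    printf("user read kernel 0x1000:  %s\n", check_access(0x1000, 3, 0, 1) ? "#PF" : "ok");
    printf("user write own data page: %s\n", check_access(0x40001000u, 3, 1, 1) ? "#PF" : "ok");
    return 0;
}
```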
Re:tss and user space
what's the danger of having everything in ring 0 but using paging for protection???
- kataklinger
Re:tss and user space
User programs are still in Ring 3.
In order to have protection you must have:
1x system code segment (ring 0)
1x user code segment (ring 3)
1x system data segment (ring 0)
1x user data segment (ring 3)
Then with paging you can select level (only two: supervisor or user) for a single page.
Re:tss and user space
GLneo wrote: what's the danger of having everything in ring 0 but using paging for protection???
They can perform privileged instructions.
Re:tss and user space
so what i should do is make a tss that points to the kernel task and ldt its address and make a GDT pointing to it also???, help!
p.s. what keeps a task from doing this:
Code:
call 0x08:evil_code ; make cs = ring 0 code seg
evil_code:
cli
???
Re:tss and user space
Quote: what keeps a task from doing this:
Hardware protection... right before the processor executes that call, it checks the CPL, and if it is greater than zero, it will generate some fault or other (GPF probably). Try it in Windows and see what happens.
Why don't you read the manual carefully?
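A model of the privilege checks the processor applies to a direct far call or jump into a code segment, showing why the `call 0x08:...` above faults from ring 3 (added example, not code from the thread). The flat GDT is constructed, and gates, TSS descriptors and the LDT are not modelled.

```c
#include <stdint.h>
#include <stdio.h>

enum xfer { XFER_OK, XFER_GP, XFER_NP };

/* Constructed flat GDT: null, ring 0 code, ring 0 data, ring 3 code, ring 3 data. */
static const uint64_t gdt[] = {
    0, 0x00CF9A000000FFFFULL, 0x00CF92000000FFFFULL,
    0x00CFFA000000FFFFULL, 0x00CFF2000000FFFFULL,
};

/* Checks for a direct far CALL/JMP whose selector names a code segment. */
enum xfer far_transfer_check(uint16_t selector, unsigned cpl)
{
    unsigned index = selector >> 3, rpl = selector & 3;
    if (index == 0 || (selector & 4) || index >= sizeof gdt / sizeof gdt[0])
        return XFER_GP;                        /* null, LDT (not modelled) or past the limit */
    uint8_t access = (uint8_t)(gdt[index] >> 40);
    unsigned dpl = (access >> 5) & 3;
    if ((access & 0x18) != 0x18)
        return XFER_GP;                        /* not a code segment (S=1, executable) */
    if (access & 0x04) {                       /* conforming: target DPL must be <= CPL */
        if (dpl > cpl) return XFER_GP;
    } else if (rpl > cpl || dpl != cpl) {      /* non-conforming: DPL must equal CPL */
        return XFER_GP;
    }
    if (!(access & 0x80)) return XFER_NP;      /* segment not present */
    return XFER_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "#GP", "#NP" };
    printf("call 0x08:... from CPL 3 -> %s\n", names[far_transfer_check(0x08, 3)]);
    printf("call 0x08:... from CPL 0 -> %s\n", names[far_transfer_check(0x08, 0)]);
    return 0;
}
```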
Re:tss and user space
well that i could have looked up but the first part i can't find, or at least i'm having trouble understanding