OSDev.org

Well,... I was wondering if it's possible for an application to have no pages to the kernel, but still be able to make a syscall.

For example the application calls :

int $0x80

This calls linux-compatible interruption.

Now I don't want to page the interruption handler to the application. It seems that cr0 and cr3 aren't altered when int is called, so I was wondering if it's possible for the system to jump to a non-mapped area upon receiving an interrupt. Obviously no, but still... I wonder if it's really impossible.

Any clue about that is welcome

Provided you have a valid ESP0/SS0, it can be done:

- application calls INT xxx
- processor loads ESP and SS from the TSS, CS and EIP from the IDT and jumps to that location.
- Processor generates a pagefault as the code does not exists
- Pagefault handler pages in the interrupt handler
- Pagefault handler resumes execution
- The interrupt is restarted and the syscall is executed

Alternatively, you can force a GPF on the INT call, check which int is called and act accordingly.

In either case, read the manuals for more info.

Now I don't want to page the interruption handler to the application

You should do that. Your application does not need write access to this page, but what's the problem if it sees this handler in memory ? If you want to change from user to kernel mode you can use Task Gates, but it's slow and needs a lot of extra work.

Ok, so I'll just have to have a readonly page somewhere in process memory to handle interrupts, which will just switch to kernel pages and give control back to kernel.

Thanks a lot