What are protected by the protected mode of CPU?
Posted: Mon Mar 08, 2010 8:58 pm
by uriza
I have been confused by the problem in the title. I found that the Intel datasheet says "the Intel 64 and IA-32 architectures provide a protection mechanism that operates at both the segment level and the page level".
Does it mean that protected mode only provides protection for memory access, and that it provides no protection for CPU access?
If the CPU has no confinement of its instruction access, does that mean I can use some special CPU instructions, such as LGDT, LIDT, IN, OUT, in user mode?
Re: What are protected by the protected mode of CPU?
Posted: Mon Mar 08, 2010 9:46 pm
by Brendan
Hi,
uriza wrote: I have been confused by the problem in the title. I found that the Intel datasheet says "the Intel 64 and IA-32 architectures provide a protection mechanism that operates at both the segment level and the page level".
Does it mean that protected mode only provides protection for memory access, and that it provides no protection for CPU access?
If the CPU has no confinement of its instruction access, does that mean I can use some special CPU instructions, such as LGDT, LIDT, IN, OUT, in user mode?
From memory...
User mode code can never:
- use LGDT, LIDT, LLDT or LTR
- access MSRs
- use Intel VT or AMD-V instructions (hypervisor stuff)
- read or write to control registers (CR0, CR3, CR4, etc)
Depending on different things, a kernel can prevent user mode code from:
- using certain GDT and LDT entries (including call gates and TSSs)
- using certain software interrupts
- using certain I/O ports
- using the HLT instruction
- executing, writing to or reading from certain pages
- modifying "special" flags in the EFLAGS register (e.g. interrupt enable/disable)
- using RDTSC and RDTSCP
- accessing the debug registers (DR0 to DR7)
- using FPU/MMX
- using SSE
Unfortunately, it's not possible to prevent user mode code from:
- using SGDT, SLDT, SIDT or STR
- using CPUID
There's probably some things that I missed, but that should cover most things...
Cheers,
Brendan
Re: What are protected by the protected mode of CPU?
Posted: Tue Mar 09, 2010 1:11 am
by uriza
Thanks a lot!
Brendan wrote:Hi,
From memory...
User mode code can never:
- use LGDT, LIDT, LLDT or LTR
- access MSRs
- use Intel VT or AMD-V instructions (hypervisor stuff)
- read or write to control registers (CR0, CR3, CR4, etc)
I think that may be right.
But I'm not sure who has confined user mode code from doing that?
The OS kernel, the CPU's internal mechanism, or both?
If only the OS kernel does it, does that mean some specially written programs can bypass the kernel's confinement to access special CPU instructions?
Re: What are protected by the protected mode of CPU?
Posted: Tue Mar 09, 2010 5:57 am
by nedbrek
uriza wrote:
But I'm not sure who has confined user mode code from doing that?
The OS kernel, the CPU's internal mechanism, or both?
If only the OS kernel does it, does that mean some specially written programs can bypass the kernel's confinement to access special CPU instructions?
Things which "user mode code can never do" are constrained by the CPU. It will give an exception (usually #GP) if ring 3 code tries to do it.
If you need a user mode program to execute those instructions, you can try setting up VX mode (I avoid even reading that section of the manual, as it is probably very ugly).
Also, you should be able to: detect the exception in your GP interrupt handler, emulate the effects, and return to the user program.
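The CPU-side enforcement described in this reply can be observed from an ordinary process. The following is an added example, not code posted by anyone in the thread; it assumes Linux on x86 or x86-64, where the kernel turns a ring 3 #GP into SIGSEGV, and the names `faults_in_user_mode` and `enum insn` are made up for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
/* Added example. Assumes Linux on x86/x86-64, where #GP at CPL 3 arrives as SIGSEGV. */
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#define ON_X86 1
#else
#define ON_X86 0
#endif
enum insn { INSN_CPUID, INSN_READ_CR0, INSN_LGDT };
static sigjmp_buf recover;
static void on_fault(int sig) { (void)sig; siglongjmp(recover, 1); }

/* 1: the CPU refused the instruction at CPL 3; 0: it executed; -1: not an x86 build. */
int faults_in_user_mode(enum insn which)
{
#if ON_X86
    struct sigaction sa, old;
    volatile int faulted = 1;
    sa.sa_handler = on_fault;
    sa.sa_flags = 0;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(recover, 1) == 0) {   /* savemask=1 so SIGSEGV is unblocked after the jump */
        unsigned a = 0, b, c = 0, d;
        unsigned long cr0;
        struct { unsigned char raw[10]; } gdtr = {{0}};  /* dummy operand, never loaded */
        switch (which) {
        case INSN_CPUID:    __asm__ volatile("cpuid" : "+a"(a), "=b"(b), "+c"(c), "=d"(d)); break;
        case INSN_READ_CR0: __asm__ volatile("mov %%cr0, %0" : "=r"(cr0)); break;
        case INSN_LGDT:     __asm__ volatile("lgdt %0" : : "m"(gdtr)); break;
        }
        faulted = 0;                    /* reached only if the instruction completed */
    }
    sigaction(SIGSEGV, &old, NULL);     /* put the previous handler back */
    return faulted;
#else
    (void)which;
    return -1;
#endif
}

int main(void)
{
    for (int i = INSN_CPUID; i <= INSN_LGDT; i++)
        printf("insn %d -> %d\n", i, faults_in_user_mode((enum insn)i));
    return 0;
}
```

The CR0 read and LGDT come from the "can never" list and are stopped by the processor no matter what the process runs as, while CPUID from the "not possible to prevent" list runs normally.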
Re: What are protected by the protected mode of CPU?
Posted: Tue Mar 09, 2010 6:48 pm
by uriza
nedbrek wrote:
Things which "user mode code can never do" are constrained by the CPU. It will give an exception (usually #GP) if ring 3 code tries to do it.
Thanks!!
I think I get it.