Switching from ring0 to ring3 causes GP

Posted: Fri Jun 17, 2022 1:13 pm
by yvef
Hi everyone.
I'm trying to set up the correct ring0 -> ring3 switching, but I'm getting a General Protection exception because of that. Moreover, all the following instructions in ring3 execute successfully.
This is my GDT:

gdt64:
	dq 0			; null descriptor
.csd0:
	dd 0			; limit[15:0], base[15:0]
	db 0			; base[23:16]
	db 10011010b		; access: P=1, DPL=0, S=1, type=1010 (code, execute/read)
	db 10100000b		; flags: G=1, D=0, L=1 (64-bit), limit[19:16]=0
	db 0x00			; base[31:24]
.dsd0:
	dd 0
	db 0
	db 10010010b		; access: P=1, DPL=0, S=1, type=0010 (data, read/write)
	db 10100000b
	db 0x00
.csd3:
	dd 0
	db 0
	db 11111010b		; access: P=1, DPL=3, S=1, type=1010 (code, execute/read)
	db 10100000b
	db 0x00
.dsd3:
	dd 0
	db 0
	db 11110010b		; access: P=1, DPL=3, S=1, type=0010 (data, read/write)
	db 10100000b
	db 0x00
.tss:
	dw 0			; limit
	dw 0			; base
	db 0x00			; base
	db 11101001b		; access: P=1, DPL=3, S=0, type=1001 (available 64-bit TSS)
	db 00000000b		; limit (4 bits)
	db 0			; base
	dd 0			; base[63:32]
	dd 0			; reserved
When I'm in ring3 I check the CS register value (it contains 111b in the low bits), then I stop the execution (hlt, jmp ... hlt) and check the register values using QEMU:

ES =0023 0000000000000000 00000fff 00a0f300 DPL=3 DS [-WA]
CS =0008 0000000000000000 00000000 00209a00 DPL=0 CS64 [-R-]
SS =0000 0000000000000000 00000000 00000000
DS =0023 0000000000000000 00000fff 00a0f300 DPL=3 DS [-WA]
FS =0023 0000000000000000 00000fff 00a0f300 DPL=3 DS [-WA]
GS =0023 0000000000000000 00000fff 00a0f300 DPL=3 DS [-WA]
LDT=0000 0000000000000000 0000ffff 00008200 DPL=0 LDT
TR =0028 0000000000150ad8 00000068 0000e900 DPL=3 TSS64-avl

It's strange to me why the CS register value is 0x08, because the CS value check passes every time.

Also, I refer to the AMD system programming manual (vol. 2), but I don't know yet how to check the GP error code in my interrupt handler.
Does anyone know what I missed?
I appreciate any help :)
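As an added example (not the original poster's code): a small C decoder that splits the descriptor bytes from the GDT above into their fields, checks whether the ring-3 entries have the shape a 64-bit user code or data segment needs, and decodes the selector-type #GP error code the post asks about. The byte arrays are copied from the posted GDT; the TSS base and limit visible in the QEMU dump are filled in at runtime and are therefore not in these bytes. The bit layout follows the segment descriptor and error code formats in the AMD manual (vol. 2).

```c
/* Added example (not the poster's code): decode x86-64 GDT descriptors,
 * segment selectors and the #GP selector error code. The byte images
 * below are constructed from the GDT shown in the post (little-endian). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

static const uint8_t GDT_CSD0[8]   = { 0, 0, 0, 0, 0, 0x9A, 0xA0, 0 }; /* 10011010b, 10100000b */
static const uint8_t GDT_DSD0[8]   = { 0, 0, 0, 0, 0, 0x92, 0xA0, 0 }; /* 10010010b, 10100000b */
static const uint8_t GDT_CSD3[8]   = { 0, 0, 0, 0, 0, 0xFA, 0xA0, 0 }; /* 11111010b, 10100000b */
static const uint8_t GDT_DSD3[8]   = { 0, 0, 0, 0, 0, 0xF2, 0xA0, 0 }; /* 11110010b, 10100000b */
/* Low 8 bytes of the 16-byte TSS descriptor; base/limit are still zero here. */
static const uint8_t GDT_TSS_LO[8] = { 0, 0, 0, 0, 0, 0xE9, 0x00, 0 }; /* 11101001b */

typedef struct {
    uint32_t base, limit;
    uint8_t  dpl, type;
    bool     present, is_system, code, granularity, long_mode, default_big;
} seg_desc_t;

/* Split one 8-byte descriptor into its fields. */
seg_desc_t decode_descriptor(const uint8_t d[8])
{
    seg_desc_t s;
    s.limit       = d[0] | (d[1] << 8) | ((uint32_t)(d[6] & 0x0F) << 16);
    s.base        = d[2] | (d[3] << 8) | ((uint32_t)d[4] << 16) | ((uint32_t)d[7] << 24);
    s.present     = (d[5] >> 7) & 1;                 /* P */
    s.dpl         = (d[5] >> 5) & 3;                 /* DPL */
    s.is_system   = !((d[5] >> 4) & 1);              /* S == 0: TSS, LDT or gate */
    s.type        = d[5] & 0x0F;
    s.code        = !s.is_system && (s.type & 0x8);  /* type bit 3 selects code vs. data */
    s.granularity = (d[6] >> 7) & 1;                 /* G */
    s.default_big = (d[6] >> 6) & 1;                 /* D/B */
    s.long_mode   = (d[6] >> 5) & 1;                 /* L */
    return s;
}

/* A ring-3 64-bit code segment: present, DPL=3, non-system, code, L=1, D=0. */
bool is_user64_code(const uint8_t d[8])
{
    seg_desc_t s = decode_descriptor(d);
    return s.present && s.dpl == 3 && !s.is_system && s.code && s.long_mode && !s.default_big;
}

/* A ring-3 data segment: present, DPL=3, non-system, data, writable (type bit 1). */
bool is_user_data(const uint8_t d[8])
{
    seg_desc_t s = decode_descriptor(d);
    return s.present && s.dpl == 3 && !s.is_system && !s.code && (s.type & 0x2);
}

/* Selector layout: index<<3 | TI<<2 | RPL. */
uint16_t make_selector(uint16_t index, bool ldt, uint8_t rpl)
{
    return (uint16_t)((index << 3) | ((ldt ? 1 : 0) << 2) | (rpl & 3));
}
uint16_t selector_index(uint16_t sel) { return sel >> 3; }
uint8_t  selector_rpl(uint16_t sel)   { return sel & 3; }

/* #GP error code when a selector is involved: bit0 EXT, bit1 IDT, bit2 TI, bits 15:3 index. */
typedef struct { bool ext, idt, ti; uint16_t index; } gp_error_t;
gp_error_t decode_gp_error(uint32_t err)
{
    gp_error_t e = { err & 1, (err >> 1) & 1, (err >> 2) & 1, (uint16_t)((err >> 3) & 0x1FFF) };
    return e;
}

static void show(const char *name, const uint8_t d[8])
{
    seg_desc_t s = decode_descriptor(d);
    printf("%-6s P=%d DPL=%u S=%d type=%X G=%d D=%d L=%d base=%08X limit=%05X\n", name,
           s.present, s.dpl, !s.is_system, s.type, s.granularity, s.default_big, s.long_mode,
           s.base, s.limit);
}

int main(void)
{
    show(".csd0", GDT_CSD0); show(".dsd0", GDT_DSD0);
    show(".csd3", GDT_CSD3); show(".dsd3", GDT_DSD3);
    show(".tss",  GDT_TSS_LO);
    printf("user code ok: %d, user data ok: %d\n", is_user64_code(GDT_CSD3), is_user_data(GDT_DSD3));
    /* Selectors from the QEMU dump in the post. */
    uint16_t sels[] = { 0x0023, 0x0008, 0x0028 };
    for (unsigned i = 0; i < 3; i++)
        printf("selector %04X -> GDT index %u, RPL %u\n", sels[i], selector_index(sels[i]), selector_rpl(sels[i]));
    gp_error_t e = decode_gp_error(0x0020); /* constructed sample error code */
    printf("#GP err 0x0020 -> EXT=%d IDT=%d TI=%d index=%u\n", e.ext, e.idt, e.ti, e.index);
    return 0;
}
```

Against the posted GDT the dump's selectors decode as ES=0x23: index 4 (.dsd3), RPL 3; CS=0x08: index 1 (.csd0), RPL 0; TR=0x28: index 5 (.tss). For a selector-related #GP the handler can print `err >> 3` straight from the pushed error code to get the offending GDT index, and `err & 1` (EXT) tells whether the fault came from an external event.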

Re: Switching from ring0 to ring3 causes GP

Posted: Mon Jun 20, 2022 12:26 pm
by neon
Hi,

Where is the code for switching to user mode? I did note that not only is CS referring to kernel code, but SS appears to be the null descriptor. Nonetheless, you didn't post the code that does the actual switch.

Re: Switching from ring0 to ring3 causes GP

Posted: Wed Jun 29, 2022 2:37 am
by theflysong
Hi,
Where is the code for switching to user mode?
I think you may be using the long call instruction to switch to user mode; that's wrong.