
cannot jump into a user code segment of DPL 3 with RPL 3

Posted: Sun Feb 22, 2009 1:45 am
by osmosys
Hi, I am trying to run a user application with privilege level 3. I have made a separate code segment (with access 0xff) and data segment (with access 0xf2). Right now I am standing on kernel code at privilege level 0 and trying to run my first process. I can move the data segment of the process to ds, es, fs and gs.

I cannot do two things:
1. I cannot move the new stack segment to ss. I have read that to put values into a stack segment with privilege DPL 3, I have to request it with RPL 3 and CPL must also be 3. So I need to enter CPL 3 first to load the stack segment.

2. I cannot jump into the new user code segment with DPL 3 with an RPL of 3. Right now I am at CPL 0.

What could be the problem?

Re: cannot jump into a user code segment of DPL 3 with RPL 3

Posted: Sun Feb 22, 2009 5:20 am
by osmosys
I also tried the method of pushing all the required values on the stack and then calling iret. By doing so, I get the error "invalid tss type" on qemu.

This is the piece of code that creates the user segments:

	segment [3] = gdt_assign (codesegment,0x2000000,0xfa,0xc);
	segment [4] = gdt_assign (0xffffffff-0x2000000,0x2000000,0xf2,0xc);
	segment [5] = gdt_assign (0xffffffff,0,0xf2,0xc);
This is the code that actually jumps into the user process:

	mov $0x23,%ax
	mov %ax,%ds
	mov %ax,%es
	mov %ax,%fs
	mov %ax,%gs
	
	mov $0x2b,%eax
	push %eax

	mov $0xffffffff,%eax
	push %eax
	
	pushf
	pop %eax
	or $0x200,%eax
	push %eax

	mov $0x1b,%eax
	push %eax

	mov $0x0,%eax
	push %eax

	iret
Now I get the error "invalid tss type" on qemu. This is the actual qemu log after the quit:

check_exception old: ffffffff new e
56: v=0e e=0005 i=0 cpl=3 IP=001b:00000000 pc=02000000 SP=002b:ffffffff CR2=02000000
EAX=00000000 EBX=001281e0 ECX=00000030 EDX=000003d5
ESI=00002e20 EDI=00007a00 EBP=0009fe2b ESP=ffffffff
EIP=00000000 EFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0023 02000000 ffffffff 02cff300
CS =001b 02000000 0012cfff 02c0fa00
SS =002b 00000000 ffffffff 00cff200
DS =0023 02000000 ffffffff 02cff300
FS =0023 02000000 ffffffff 02cff300
GS =0023 02000000 ffffffff 02cff300
LDT=0000 00000000 0000ffff 00008000
TR =0000 00000000 0000ffff 00008000
GDT= 00128240 0000002f
IDT= 0012a260 000007ff
CR0=e0000011 CR2=02000000 CR3=00605000 CR4=00000000
CCS=00000044 CCD=00000246 CCO=EFLAGS
qemu: fatal: invalid tss type

Re: cannot jump into a user code segment of DPL 3 with RPL 3

Posted: Sun Feb 22, 2009 5:51 am
by neonek
Maybe this will help you.


Regards,
Mark

Re: cannot jump into a user code segment of DPL 3 with RPL 3

Posted: Mon Feb 23, 2009 1:43 am
by osmosys
Thanks for the reply. But does the system use the TSS when switching to user mode from kernel mode?

I tried to do as it is said in James Molloy's tutorial.
But when I try to do exactly the same (with the same segments, same TSS) as he did, I get a page fault after entering user mode. What could be the problem? The cr3 register has the same value and all page tables and the page directory are the same. I checked them, but couldn't find the source of the page fault. The page fault occurs because the system cannot access the next instruction after iret, that is, the address in cr2.

Re: cannot jump into a user code segment of DPL 3 with RPL 3

Posted: Mon Feb 23, 2009 10:25 am
by gzaloprgm
> Thanks for the reply. But does the system use the TSS when switching to user mode from kernel mode?

No, only in the user-mode to kernel transition (via interrupts, for example).

> I tried to do as it is said in James Molloy's tutorial.
> But when I try to do exactly the same (with the same segments, same TSS) as he did, I get a page fault after entering user mode. What could be the problem? The cr3 register has the same value and all page tables and the page directory are the same. I checked them, but couldn't find the source of the page fault. The page fault occurs because the system cannot access the next instruction after iret, that is, the address in cr2.

Read carefully the end of the page and look at what it says:

> 10.3.1. Possible problems
> If you keep getting page faults when jumping to user mode, make sure that your kernel code/data is set to be user-accessible. When you actually load user programs you won't want this to be the case, however at the moment we merely jump back to the kernel and execute code in main(), so it needs to be accessible in user mode!
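As an added example (not code from the thread or from the tutorial), the pieces that connect the qemu log above to the two answers in this reply: the descriptor encoder reproduces the SS=0x2b entry qemu printed, a TSS descriptor of type 9 is what TR must point at before a fault taken at CPL 3 can switch back to the ring-0 stack (the log shows TR=0000), and the page-table and #PF error-code checks express the 10.3.1 condition, which the log's e=0005 already matches. The argument order of gdt_assign is assumed from its calls in the thread; all other values are constructed.

```c
#include <stdint.h>

/* x86 32-bit page-table entry bits checked here. */
#define PTE_PRESENT 0x1u
#define PTE_USER    0x4u

/* #PF error-code bits (pushed by the CPU on vector 0x0e). */
#define PF_PRESENT  0x1u   /* 1 = protection violation on a present page, 0 = page not present */
#define PF_USER     0x4u   /* 1 = fault taken while CPL == 3 */

/* Encode an 8-byte GDT descriptor. Argument order (limit, base, access,
 * granularity) is assumed from the thread's gdt_assign() calls. */
uint64_t gdt_encode(uint32_t limit, uint32_t base, uint8_t access, uint8_t gran)
{
    uint64_t d = limit & 0xFFFFu;                     /* limit bits 0..15  */
    d |= (uint64_t)(base & 0xFFFFFFu) << 16;          /* base bits 0..23   */
    d |= (uint64_t)access << 40;                      /* P, DPL, S, type   */
    d |= (uint64_t)((limit >> 16) & 0xFu) << 48;      /* limit bits 16..19 */
    d |= (uint64_t)(gran & 0xFu) << 52;               /* G, D/B, L, AVL    */
    d |= (uint64_t)(base >> 24) << 56;                /* base bits 24..31  */
    return d;
}

/* High dword of a descriptor: the value qemu prints in the last column of
 * its segment dump (00cff200 for SS=0x2b in the log above). */
uint32_t gdt_high_dword(uint64_t d) { return (uint32_t)(d >> 32); }

/* Descriptor for a 32-bit TSS: access 0x89 = present, DPL 0, type 9
 * (available 32-bit TSS), byte granularity. The TSS itself is 104 bytes. */
uint64_t tss_descriptor(uint32_t tss_base, uint32_t tss_size)
{
    return gdt_encode(tss_size - 1, tss_base, 0x89, 0x0);
}

/* Type nibble of the access byte. TR=0000 in the log means no such
 * descriptor was loaded, so the ring-3 fault had no ring-0 stack to switch to. */
unsigned descriptor_type(uint64_t d) { return (unsigned)((d >> 40) & 0xFu); }

/* Section 10.3.1's condition: a fetch at CPL 3 needs Present and User set
 * in both the page-directory entry and the page-table entry. */
int pte_user_accessible(uint32_t pde, uint32_t pte)
{
    const uint32_t need = PTE_PRESENT | PTE_USER;
    return (pde & need) == need && (pte & need) == need;
}

/* The log's e=0005: present page, read/fetch, from user mode, i.e. the page
 * is mapped but its User bit is clear. */
int pf_is_user_protection_violation(uint32_t err) { return (err & (PF_PRESENT | PF_USER)) == (PF_PRESENT | PF_USER); }
```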