Ring Architecture

shankarkolli
November 9, 2006 7:23 PM PST
#2 Reply to #1
Thanks a lot for the reply. I think I didn't make my point clear.

I will try to explain the problem with the help of a simple example.

Let's assume the GDT starts at memory address, say, 100 (to make things simple) and it is already loaded into GDTR.

Let's say I am currently at ring 3 and need access to a higher privilege level. Then I should access this GDT via a call gate and do some privilege checking. If the privilege checking fails, then the access is denied.

What I am wondering is that we could always do a hack like the following and pass the privilege checking -

MOV some_value, appropriate_entry_inGDT

We can modify the GDT in memory with the above instruction and hack the appropriate entry, and then I can follow it with a call gate access, now with the right privilege levels, to access a higher privilege level.

What I am wondering about is the mechanisms that prevent this MOV instruction from being executed.

Hope I made my problem clear.

Thanks,

