sysenter / sysexit: Inconsistent manual + ring 3 access rights

Hi all,

As part of my research project, I am currently implementing my own security kernel. One of the key parts is, naturally, a user/kernel separation. For this I intended to use the sysenter/sysexit combination. Sysenter seems to work correctly, but sysexit causes problems. Digging through the manual I even found an inconsistency. The developer's manual 3.A, chp. 5.8.7.1, states that sysexit causes the use of the following stack segment: IA32_SYSENTER_CS + 40 (in ia32e mode). The manual 2.A at page 4.500, however, states that IA32_SYSENTER_CS + 8 is used.

Trying to resolve the issue, I looked at how Linux implements system calls. Unfortunately it uses syscall/sysret instructions. Surprisingly however, it sets the SYSRET CS value to 0x13. The two least significant bits are set to allow user mode to access the code and stack segments. How is this resolved with the sysenter/sysexit instructions?

Thanks in advance,
Raoul

Hi
I believe you are referring to the 4th bullet item on page 4-455 of rev 37 of Vol 2B, which said
"Stack segment - Computed by adding 8 to the value of CS selector."

What it meant was: add 8 to the target code segment address, which was stated in the 1st bullet as IA32_SYSENTER_CS+32.
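
The selector arithmetic discussed in this thread, as an added example that is not part of either post: it computes the CS/SS selectors loaded by SYSENTER and SYSEXIT from one IA32_SYSENTER_CS value, showing that "+40" is "+32, then +8" and that SYSEXIT itself sets the RPL bits to 3. It goes beyond the 64-bit case in the thread by also covering the 32-bit operand size (+16/+24), per the SDM's SYSEXIT description; the function names and the sample MSR value 0x08 are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* CS/SS selector pair loaded by one instruction variant. */
struct sel_pair { uint16_t cs, ss; };

/* SYSENTER: CS = IA32_SYSENTER_CS with RPL bits cleared, SS = CS + 8 (ring 0). */
static struct sel_pair sysenter_selectors(uint16_t sysenter_cs)
{
    struct sel_pair p;
    p.cs = (uint16_t)(sysenter_cs & 0xFFFC);
    p.ss = (uint16_t)(p.cs + 8);
    return p;
}

/* SYSEXIT: CS = IA32_SYSENTER_CS + 32 with 64-bit operand size (REX.W),
 * + 16 otherwise; the CPU then forces RPL to 3; SS = CS + 8. */
static struct sel_pair sysexit_selectors(uint16_t sysenter_cs, int rex_w)
{
    struct sel_pair p;
    p.cs = (uint16_t)((sysenter_cs + (rex_w ? 32 : 16)) | 3);
    p.ss = (uint16_t)(p.cs + 8);
    return p;
}

/* Byte offset of a selector's descriptor relative to the MSR's descriptor
 * (RPL/TI bits ignored), i.e. the "+N" quoted from the manuals. */
static unsigned offset_from_msr(uint16_t sel, uint16_t sysenter_cs)
{
    return (unsigned)((sel & 0xFFF8) - (sysenter_cs & 0xFFF8));
}

int main(void)
{
    uint16_t msr = 0x08; /* constructed sample: ring 0 code in GDT slot 1 */
    struct sel_pair in  = sysenter_selectors(msr);
    struct sel_pair o32 = sysexit_selectors(msr, 0);
    struct sel_pair o64 = sysexit_selectors(msr, 1);

    printf("SYSENTER     CS=0x%02x SS=0x%02x\n", (unsigned)in.cs, (unsigned)in.ss);
    printf("SYSEXIT      CS=0x%02x SS=0x%02x (SS at MSR+%u)\n",
           (unsigned)o32.cs, (unsigned)o32.ss, offset_from_msr(o32.ss, msr));
    printf("SYSEXIT.W    CS=0x%02x SS=0x%02x (SS at MSR+%u)\n",
           (unsigned)o64.cs, (unsigned)o64.ss, offset_from_msr(o64.ss, msr));
    return 0;
}
```

The GDT therefore needs six consecutive descriptors starting at the slot named by IA32_SYSENTER_CS: ring 0 code, ring 0 stack, 32-bit user code, user stack, 64-bit user code, user stack.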
