Comp Thread Archive from Usenet.com

Re: Call-gate-like mechanism



[EMAIL PROTECTED] (Paul A. Clayton) wrote in message news:<[EMAIL PROTECTED]>...
> The following idea came for a faster entry into specific 
> positions of privileged code: provide a special form of 
> jump register instruction (which would attempt to enter 
> supervisor mode--possibly also provide support for an 
> intermediate privilege mode), a special privileged-code-
> entry instruction (which could be a regular instruction 
> such as ADD with a reserved bit set), and a bit in PTEs 
> to indicate privilege escalation allowed.  
> 
> It was thought that the privilege-code-entry operation 
> would only be activated immediately after a jump 
> instruction and when the instruction is aligned to, 
> e.g., 64B (minimizing the decoding complexity).
> 
> (If one was willing to require forcing to privileged mode, 
> no special jump instruction would be required.  Page 
> aliases would then be necessary to allow privileged 
> code to be used for non-privileged library functions.)
> 
> Since this would not change the translation tables, 
> this would have limited usefulness; but it would 
> allow directly invoking a kernel function rather than 
> using a generic system call interface.  (This might 
> slightly speed interprocess communication.)  OTOH, 
> it should be much more friendly to traditional RISC 
> systems.


You've got to be careful not to open up a huge security hole.  If
you're going to allow a user application to branch anywhere into a
page marked "switch to privileged mode instruction OK", you had better
be darn sure that that instruction's bit pattern does not appear
anywhere you don't expect it.  In the other variant, you have to
ensure that the user can only branch to "safe" entry points on a
"switch" page.  You *must* keep very tight control over where a user
mode application can call into privileged code.  Usually the switch to
protected mode is accompanied by an implicit branch to a fixed
location, at which point some OS specific convention is used to select
which routine to call (typically the caller sets one of the registers
with an index to the routine to call).  A quite minimalist way of
doing this is implemented on newer x86's via the SYSENTER/SYSEXIT
mechanism.

In any event, I don't think you're solving the real problem.  The
actual switch to privileged mode isn't usually the big problem, it's
all the other stuff that has to be done by the OS, and the impact on
caching and TLBs if an address space switch is involved.

FYI, for a current "call gate" like instruction that's actually used,
check out S/370's Program Call.
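One check a kernel team would want before marking a page "privileged-entry OK", written here as an added example in C rather than code from either poster: it models the proposed entry form as a constructed encoding (an ADD opcode with a reserved bit set, honoured only at 64-byte alignment; both are assumptions) and audits a page image for aligned words the CPU would accept as entry points that are not on the OS's intended list.

```c
/* Audit for the "privileged-entry instruction" scheme: lists every 64B-aligned
 * word on a code page whose bit pattern the CPU would accept as an entry point
 * but which is not on the OS's intended-entry list. Encoding is constructed for
 * this example (ADD = opcode 0x01 in bits 0-7, entry form = reserved bit 31 set). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PAGE_SIZE    4096
#define ENTRY_ALIGN  64          /* CPU only honours the entry form at this alignment */
#define OPC_ADD      0x01u
#define RESERVED_BIT (1u << 31)

static int is_priv_entry(uint32_t insn) {
    return (insn & RESERVED_BIT) != 0 && (insn & 0xffu) == OPC_ADD;
}

static int is_intended(size_t off, const size_t *intended, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (intended[i] == off) return 1;
    return 0;
}

/* Returns the number of reachable-but-unintended entry points, printing each. */
size_t audit_entry_points(const uint8_t *page, const size_t *intended, size_t n) {
    size_t stray = 0;
    for (size_t off = 0; off + 4 <= PAGE_SIZE; off += ENTRY_ALIGN) {
        uint32_t insn;
        memcpy(&insn, page + off, 4);
        if (is_priv_entry(insn) && !is_intended(off, intended, n)) {
            printf("stray privileged entry at offset 0x%zx: 0x%08x\n", off, insn);
            stray++;
        }
    }
    return stray;
}

/* Constructed sample page: intended entries at 0 and 128, a data constant at
 * 256 that happens to match the entry pattern (e.g. a mask in a literal pool),
 * and the same constant at 260, which is unaligned and therefore unreachable. */
size_t audit_sample_page(void) {
    static uint8_t page[PAGE_SIZE];
    static const size_t intended[] = { 0, 128 };
    uint32_t entry = RESERVED_BIT | (3u << 8) | OPC_ADD, data = 0x80000001u;
    memset(page, 0, sizeof page);
    memcpy(page + 0,   &entry, 4);
    memcpy(page + 128, &entry, 4);
    memcpy(page + 256, &data,  4);
    memcpy(page + 260, &data,  4);
    return audit_entry_points(page, intended, 2);   /* -> 1 (offset 0x100) */
}
```

The same scan, run over real page images with the real encoding, is what turns "be darn sure the bit pattern does not appear anywhere you don't expect" into a build-time check rather than a hope.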


