Hi,
uriza wrote:
i has been confused by the problem as in the title.i found the intel datasheet say "the Intel 64 and IA-32 architectures provide a protection mechanism that operates at both the segment level and the page level".
Does it mean the protected mode only provides protection for memory acess, and it provides no protection for CPU acess?
if CPU has no confine for its intructions acess,does that mean i can use some special CPU instructions such as,LGDT,LIDT,IN,OUT ,in user mode?
From memory...
User mode code can never:
- use LGDT, LIDT, LLDT or LTR
- access MSRs
- use Intel VT or AMD-V instructions (hypervisor stuff)
- read or write to control registers (CR0, CR3, CR4, etc)
Depending on different things, a kernel can prevent user mode code from:
- using certain GDT and LDT entries (including call gates and TSSs)
- using certain software interrupts
- using certain I/O ports
- using the HLT instruction
- executing, writing to or reading from certain pages
- modifying "special" flags in the EFLAGS register (e.g. interrupt enable/disable)
- using RDTSC and RDTSCP
- accessing the debug registers (DR0 to DR7)
- using FPU/MMX
- using SSE
Unfortunately, it's not possible to prevent user mode code from:
- using SGDT, SLDT, SIDT or STR
- using CPUID
There's probably some things that I missed, but that should cover most things...
Cheers,
Brendan