Hello,
First of all, I’m sorry for bringing such a “stupid” question here; forgive me,
I’m new.
Here is the problem:
On w9x systems, instructions like “in/out” (for example) could be executed
from ring3 mode; on NT-based systems the same will generate a fault because
“in/out” is marked as PRIVILEDGED_INSTRUCTION.
My question is: how does the OS check whether it is a privileged instruction or not?
Is there any “opcode emulating” done by OS?
regards,
WI
This is part of the hardware protection built into the chip. There are
undocumented kernel calls that enable a process to use in and out for a
range of ports.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
Is this undocumented “feature” created only for “in/out” instructions,
or can it be used with any OPCODE, and any instruction can be “hooked”?
I have also heard about MOV FROM/TO cr0 / LMSW instruction “emulation”, but I
guess it is some kind of “vdm” feature??
regards,
WI
No, you can open I/O ports, but the rest is a protection mode. You could of
course map kernel memory or I/O space into user space (there are drivers
that do this), but this doesn’t enable privileged instructions.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
> Is there any “opcode emulating” done by OS?
Windows provides very limited support for such kind of things by
having “Virtual Device Drivers” or VDDs.
From the DDK:
******************************************************
VDDs provide a translation layer between 16-bit MS-DOS applications and
special-purpose hardware devices in the NT-based system. A VDD turns an
application’s attempt to write directly to a device into a Win32 API call
that makes a request to a kernel-mode device driver. The key characteristic
of every VDD is the original MS-DOS application does not need to be modified
to work on 32-bit NT-based machines. By adding a VDD and a kernel-mode device
driver, an application developer can move an existing MS-DOS application and
its dedicated hardware device to 32-bit NT-based systems.
For improved performance, the MS-DOS application can be modified to directly
call its companion VDD. Otherwise, the unmodified application can rely on the
VDM to intercept disallowed device accesses and route them to the VDD.
The three main areas in which the VDM intercepts an application’s attempts to
interact directly with device hardware are:
I/O ports
Memory mapped I/O
DMA
The VDD can install callback functions to handle I/O port access and
memory-mapped I/O. The VDD can also make calls to functions provided by the
NT-based environment to support DMA transfers between an application and a
hardware device. In addition, NT-based systems supply functions that allow a
VDD to query and set processor registers and simulate interrupts. These
services allow the VDD to fully support the functionality of the original
MS-DOS application and its accompanying hardware device.
***********************************************************
Dmitriy Budko, VMware
> My question is: how does the OS check whether it is a privileged instruction or not?
> Is there any “opcode emulating” done by OS?
IN/OUT are checked with the I/O Permission Bitmap
contained in the Task State Segment.
Best regards,
Razvan
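
The check described in the reply above, modelled in C as an added example (not code from the thread or from any Windows source). It follows the documented x86 behaviour for a 32-bit TSS; the names tss_view, io_allowed and sample_tss and the sample bitmap (only ports 0x378-0x37A open) are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IOMAP_BASE_FIELD 0x66   /* offset of the 16-bit I/O map base in a 32-bit TSS */

struct tss_view {               /* hypothetical helper type for this example */
    const uint8_t *bytes;       /* raw TSS contents */
    uint32_t limit;             /* segment limit: last valid byte offset */
};

/* true = IN/OUT proceeds; false = the CPU raises #GP and the OS sees the fault */
bool io_allowed(unsigned cpl, unsigned iopl, bool v86,
                const struct tss_view *tss, uint16_t port, unsigned width)
{
    if (!v86 && cpl <= iopl)
        return true;                          /* bitmap is not consulted */
    uint32_t map = tss->bytes[IOMAP_BASE_FIELD] |
                   (uint32_t)tss->bytes[IOMAP_BASE_FIELD + 1] << 8;
    uint32_t off = map + port / 8;            /* byte holding the first bit */
    if (off + 1 > tss->limit)
        return false;                         /* two-byte read must fit in the TSS */
    uint32_t word = tss->bytes[off] | (uint32_t)tss->bytes[off + 1] << 8;
    uint32_t mask = ((1u << width) - 1) << (port % 8);   /* one bit per port byte */
    return (word & mask) == 0;                /* any set bit denies the access */
}

/* Constructed sample: bitmap at 0x68 covering ports 0x000-0x3FF, only 0x378-0x37A open */
static uint8_t sample[0x68 + 128 + 1];
struct tss_view sample_tss(void)
{
    memset(sample, 0, 0x68);
    memset(sample + 0x68, 0xFF, 129);         /* deny all, plus terminating 0xFF byte */
    sample[IOMAP_BASE_FIELD] = 0x68;
    sample[0x68 + 0x378 / 8] = 0xF8;          /* clear bits 0-2: ports 0x378..0x37A */
    return (struct tss_view){ sample, sizeof sample - 1 };
}

int main(void)
{
    struct tss_view t = sample_tss();
    printf("ring3 out 0x378: %d\n", io_allowed(3, 0, false, &t, 0x378, 1));
    printf("ring3 in  0x60 : %d\n", io_allowed(3, 0, false, &t, 0x60, 1));
    printf("ring0 in  0x60 : %d\n", io_allowed(0, 0, false, &t, 0x60, 1));
    return 0;
}
```

A multi-byte access is allowed only if the bit for every port it touches is clear, and a port whose bitmap byte lies past the TSS limit is denied.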