tut23 - User Land
Posted: Tue Jun 07, 2011 12:22 pm
Hi,
I need a small explanation about this chapter... more about your insight
about running code on user land.. on machine point of view
01) user type 'user'
02) -There is GDT entry 5, pointing to TSS structure
03) -TSS: some fields are pointing to kernel (code and data) with rpl=3
04) -TSS: ss0 and espy are pointing to kernel:stack for (safety return); TR is set (LTR)
05) -There is 2 GDT entries, for user (code and data)
06) -segments are set to use 5)
07) -Artificial stack is builded to use iretd
08) -after iretd the system will be at 0x1b:label (at user land)
09) -...int 0x80
10) An IDT entry that will catch the Dispatcher;
11) Dispatcher get the index that will correspond to one function entry point
12) Execute that function and return...
My question is: what is the correlation with TSS? (since we don't jump or call that particular gdt entry... (we set TR). And setting only ss0 and esp0, living all others fields with '0', works in same way)
I need a small explanation about this chapter... more about your insight
about running code on user land.. on machine point of view
01) user type 'user'
02) -There is GDT entry 5, pointing to TSS structure
03) -TSS: some fields are pointing to kernel (code and data) with rpl=3
04) -TSS: ss0 and espy are pointing to kernel:stack for (safety return); TR is set (LTR)
05) -There is 2 GDT entries, for user (code and data)
06) -segments are set to use 5)
07) -Artificial stack is builded to use iretd
08) -after iretd the system will be at 0x1b:label (at user land)
09) -...int 0x80
10) An IDT entry that will catch the Dispatcher;
11) Dispatcher get the index that will correspond to one function entry point
12) Execute that function and return...
My question is: what is the correlation with TSS? (since we don't jump or call that particular gdt entry... (we set TR). And setting only ss0 and esp0, living all others fields with '0', works in same way)