Doubts about the Linux system call mechanism

Question

Doubts about the Linux system call mechanism

We go from ring3 to ring0 using 'int' or the new syscall / sysenter command. Does this mean that page tables and other materials that need to be changed for the kernel are automatically executed by the "int" instruction, or does the interrupt handler for "int 0x80" perform the necessary actions and go to the corresponding system call.

Also, when returning from a system call, we again need to go to user space. To do this, we need to know the address of the instruction in user space in order to continue the user application. Where is this address stored. Does the ret statement execute a ring from ring3 to ring0, or where / how does this mechanism of ring change occur?

Then I read that changing from ring3 to ring0 is not as expensive as switching from ring0 to ring3. Why is this so?

Thanks Bala

+3

x86 linux system-calls

bala1486 May 11 '10 at 1:34

source share

2 answers

: Sysenter Linux 2.6 .

+2

WhirlWind 11 '10 1:44

caf · Accepted Answer · 2010-05-11T01:53:03+0000

When switching to kernel mode, the variables do not change - part of the kernel of the virtual address space is simply marked as available only in ring0, so it becomes available. The kernel modifies pagetables when the current process changes.

The instruction is int 0x80served by a trap gateway that supplies the address for the processor transition as a CS: EIP pair. The new CS (code segment selector) includes CPL (current privilege level) 0, which leads to the transition to ring0.

ring3 ring0, SS: ESP TSS ( ) TSS. .

CS: EIP ( ). - int 0x80.

IRET - CS: EIP . CS CPL 3, ring3, ring3.

Doubts about the Linux system call mechanism

More articles: