tags:

views:

70

answers:

2
+3  Q: 

Doubts in System call mechanism in linux

We transit from ring3 to ring0 using 'int' or the new 'syscall/sysenter' instruction. Does that mean that the page tables and other stuffs that needs to be modified for the kernel is automatically done by the 'int' instruction or the interrupt handler for the 'int 0x80' will do the required stuff and jump to the respective system call.

Also when returning from a system call, we again need to go to user space. For this we need to know the instruction address in the user space to continue the user application. Where is that address stored. Does the 'ret' instruction automatically changes the ring from ring3 to ring0 or where/how this ring changing mechanism takes place?

Then, i read that changing from ring3 to ring0 is not as costly as changing from ring0 to ring3. Why is this so??

Thanks, Bala

+2  A: 

This article: Sysenter Based System Call Mechanism in Linux 2.6 should answer most of your questions.

WhirlWind  2010-05-11 01:44:17
+3  A: 

The pagetables aren't changed when switching to kernel mode - the kernel part of the virtual address space is simply marked as only being accessible in ring0, so it just becomes accessible. The kernel changes pagetables when it changes the current process.

The int 0x80 instruction is served by a trap gate, which supplies the address for the processor to jump to as a CS:EIP pair. The new CS (code segment selector) includes a CPL (current privilege level) of 0, which effects the transition to ring0.

Due to the transition from ring3 to ring0, the processor also picks up new values for SS:ESP from the TSS (task segement selector), and saves the old ones in the TSS. This switches from the user mode stack to the kernel's stack.

The previous CS:EIP are then pushed onto the kernel stack (this is the return address in user space). All of this is done by the processor due to the int 0x80 instruction itself.

The IRET instruction can be used to return to userspace - it pops the CS:EIP from the kernel stack. Since the CS includes a CPL of 3, the processor is switching back to ring3, which causes it to switch back to the ring3 stack as well.

caf  2010-05-11 01:53:03

related questions

grep a file, but show several surrounding lines?
VMWare Server Under Linux Secondary NIC connection
Should I move from C++ to Python? ... Or another language?
Globus Toolkit virtual machine
How to avoid redefining VERSION, PACKAGE, etc.
How do I setup Public-Key Authentication?
showing a message box from a bash script in linux
Best Linux Distro for Computer Repair
Mapping my custom keys in Debian
Any IcedTea war stories?
How do you find the age of a long-running Linux process?
Personal Linux web server
Programmatically talking to a Serial Port in OS X or Linux
what's in your .bashrc ?
Linux - files and scripts that execute on boot
Text Editor For Linux (Besides Vi)?
Lightweight IDE for Linux
Shell scripting input redirection oddities
XML Editing/Viewing Software
What should a longtime Windows user know when starting to use Linux?
Gtk SSH client for Linux?
Getting root permissions on a file inside of vi?
Is it possible to drag windows between workspaces when using Compiz?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?