
Accessing ring 0 mode from user applications ( and why Borland allows this )

As the semester's deadlines approach, I decided to start working on a project in the Operating Systems course at my college. The problem with the project assignment is that it requires students to develop a user application ( exe ) that will execute as a simple kernel ( basic process and thread management ).

The first thing that popped into my mind was: How the hell am I supposed to execute privileged code in a user application?

After consulting with other students ( who did the project on time ), I learned that they were able to execute privileged code without problems using the Borland 3.1 compiler. However, none of them found that weird, nor knew why it worked. Why ( a better question here would be how ) does Borland do this? Doesn't this violate fundamental principles of OS security?

Note: I added the C++ tag because the project is supposed to be written as a C++ application, with most of the privileged code executed as inline assembly.

Update: My question was somewhat poorly phrased originally. Of course I was able to compile code with privileged instructions with any compiler; running the code was the problem.

Two things:

  1. Back in the days of 8086 real mode there were no privilege levels. Borland 3.1 was a 16-bit compiler. If you're running code it produces on a modern version of Windows, it will run in Virtual 8086 mode using the NTVDM, which also has no privilege levels.

  2. Even when using a modern compiler / assembler, it generally won't complain about privileged instructions, even in protected mode and long mode. This source code compiles just fine for me in MSVC 2015 but crashes whenever I run it, because it tries to access a register that is off-limits to user-mode applications:

int main()
{
    // 32-bit MSVC build: the x64 compiler has no inline assembler.
    __asm
    {
        mov eax, cr0      // reading CR0 is allowed only at CPL 0 (ring 0);
                          // at CPL 3 the CPU raises a general-protection fault
        or  eax, 1        // never reached from user mode
        mov cr0, eax
    }
    return 0;
}

The compiler allows it because the compiler's job is strictly to convert the input into compiled output. It's not designed to impose or enforce any system security rules. That's the job of the execution environment, typically the OS or emulator that executes the compiled code.
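The same experiment, written as an added example for a POSIX system (GCC/Clang inline assembly and signals instead of MSVC and SEH); this is not code from the answer above. It assembles a ring-0-only register read (CR0 on x86, SCTLR_EL1 on AArch64) and an unprivileged read (RDTSC / CNTVCT_EL0) without any complaint from the toolchain, then runs both with the fault signals trapped. The CPU rejects the privileged read at CPL 3 with #GP (an undefined-instruction trap at EL0 on AArch64), which Linux delivers as SIGSEGV (SIGILL on AArch64); the unprivileged read simply completes. The fallback `raise(SIGILL)` for other architectures is an assumption standing in for inline assembly this example does not carry.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>

/* Jump target and the signal number the kernel delivered, if any. */
static sigjmp_buf fault_env;
static volatile sig_atomic_t fault_signal;

static void fault_handler(int signo)
{
    fault_signal = signo;
    /* sigsetjmp(fault_env, 1) saved the signal mask, so siglongjmp also
       unblocks the signal that is currently being delivered. */
    siglongjmp(fault_env, 1);
}

/* Run fn() with the fault signals trapped. Returns the signal number if
   fn() faulted, 0 if it ran to completion. Previous handlers are restored. */
static int run_trapping_faults(void (*fn)(void))
{
    const int sigs[] = { SIGSEGV, SIGILL, SIGBUS };
    struct sigaction sa, saved[3];
    int i, result;

    sa.sa_handler = fault_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &sa, &saved[i]);

    fault_signal = 0;
    if (sigsetjmp(fault_env, 1) == 0) {
        fn();
        result = 0;
    } else {
        result = (int)fault_signal;
    }

    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &saved[i], NULL);
    return result;
}

/* Counterpart of the answer's `mov eax, cr0`: read a register that the CPU
   only exposes to ring 0 (x86) or EL1 (AArch64). */
static void read_privileged_register(void)
{
    unsigned long v = 0;
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("mov %%cr0, %0" : "=r"(v));      /* #GP(0) at CPL 3 */
#elif defined(__aarch64__)
    __asm__ volatile("mrs %0, sctlr_el1" : "=r"(v));  /* undefined at EL0 */
#else
    raise(SIGILL);  /* assumption: stand-in for architectures not covered here */
#endif
    (void)v;
}

/* A register read that is legal at every privilege level, for contrast. */
static void read_unprivileged_register(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int lo, hi;
    __asm__ volatile("rdtsc" : "=a"(lo), "=d"(hi));   /* timestamp counter */
    (void)lo; (void)hi;
#elif defined(__aarch64__)
    unsigned long v;
    __asm__ volatile("mrs %0, cntvct_el0" : "=r"(v)); /* EL0-readable counter */
    (void)v;
#endif
}

/* 1 if the OS trapped the privileged read, 0 if it silently succeeded. */
int privileged_instruction_faults(void)
{
    return run_trapping_faults(read_privileged_register) != 0;
}

/* 1 if the unprivileged read completed without a fault. */
int unprivileged_instruction_runs(void)
{
    return run_trapping_faults(read_unprivileged_register) == 0;
}

int main(void)
{
    printf("privileged read:   %s\n",
           privileged_instruction_faults() ? "trapped by the OS" : "ran in user mode (!)");
    printf("unprivileged read: %s\n",
           unprivileged_instruction_runs() ? "ran normally" : "faulted");
    return 0;
}
```

The toolchain emits both instruction sequences identically; only the privilege level the code runs at decides which one survives, which is exactly why a DOS program under real mode or V86 mode gets away with what a protected-mode user process cannot.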
