From: Victor
Date: Wed, 31 Aug 2011 23:41:29 +0400
To: freebsd-arch@freebsd.org
Subject: Privileged mode commands in FreeBSD processes
Message-ID: <4E5E8E69.1040506@gmail.com>
List-Id: Discussion related to FreeBSD architecture

Is it possible to write and start a program in FreeBSD, which could
execute processor commands of privileged modes (protection rings), commonly prohibited to a process in the user mode?

For example, we could permit the process direct access to I/O ports (IN and OUT commands on PC architecture), execution of the software interrupt command with any operand (INT), access to descriptor table registers (GDT, LDT, etc.) with the capability of changing the content of both these registers and the descriptor tables themselves (situated in the RAM). We could also allow the process to change flag bits in the registers of the CPU responsible for processor modes (memory addressing modes, transition from protected to real mode and vice versa, etc.)

In fact, if this feature exists in FreeBSD, it must switch the processor for the time of execution of this process to the mode with higher privileges (to the protection ring from 2 to 0, not 3 in x86). I would like to ask the FreeBSD community, does this possibility exist in FreeBSD?

I understand the problem can be easily solved by dividing the program into two parts: the process (COFF or ELF file) and the driver. All the code containing privileged commands could be placed in the driver, as the rest of the code (its unprivileged part) could be contained in the process. As far as I understand, the driver code is executed in the 0 ring mode, so it has no restrictions.

On the other hand, it would be interesting to have such an opportunity for common processes for both educational (e.g. studying assembler privileged mode commands) and technical purposes. Of course this feature is a great threat to system safety, and besides, programs using it can easily completely destroy the system; however, it could be useful for some aims.

Does anything of such kind exist in FreeBSD? If it does, please give me a reference in the FreeBSD documentation.

Victor.