汇编语言程序也受内核模式限制吗? [英] Are assembly language programs restricted by kernel modes as well?

问题描述

如果我要编写汇编语言程序，是否可以破坏操作系统的安全性机制-访问其他进程的地址空间，访问内核地址空间等?

If I were to write an assembly language program, am I allowed to break the security mechanisms of an OS - accessing other processes' address space, accessing kernel address space, etc?

编辑:

如果我编写了一个由OS提供的加载程序加载到内存中的汇编语言程序，那么OS在尝试访问受保护的内存地址空间时如何截获我的程序?我的假设是，此保护内置于操作系统提供的系统调用和库中，如果您不使用这些系统调用和库，则可以违反操作系统策略.

If I write an assembly language program which is loaded in memory by an OS supplied loader, how would the OS intercept my program while it tries to access protected memory address spaces? My assumption is this protection is built into the system calls and libraries supplied by an OS, and if you don't use those system calls and libraries, you're allowed to break OS policies.

推荐答案

注意:此答案是 glauxosdever 和库迪·格雷提供的评论 a>

NOTE : This answer is an amalgamation of the answers provided by Ira Baxter, glauxosdever and Peter Cordes, and comments provided by Cody Gray

如果您的程序是作为操作系统控制的进程运行，则不是在硬件上提供足够的进程隔离(通常是地址空间管理保护)的计算机上.

Not if your program is run as an OS-controlled process, on a machine that provides adequate process isolation (typically address space management protection) in hardware.

对于大多数体系结构(包括x86)，保护是内置在硬件中的.

For most architectures (including x86), protection is built-in into the hardware.

大多数现代操作系统(包括Windows，OS X，Linux，BSD等)都使用分页进行进程的内存管理.分页涉及具有页面目录和页面表，页面目录和页面表描述了每个虚拟页面的属性:物理地址，权限等.

Most modern operating systems (including Windows, OS X, Linux, BSD, etc) use paging for memory management of processes. Paging involves having page directories and page tables, which describe the properties of each virtual page: physical address, permissions, etc.

页面目录和页面表映射在内核空间中，因此不能由用户进程编辑.

对照页表检查每个单个加载/存储(和代码提取)(使用 TLB 缓存页表条目).

Every single load/store (and code fetch) is checked against the page tables (using a TLB to cache page table entries).

如果用户运行x86的 LIDT 错误的特权指令，如果由用户运行空间过程. (该手动输入的例外部分说，它引发#GP(0)如果当前特权级别不为0".)

Also, privileged instructions like x86's LIDT fault if run by a user-space process. (The exceptions section of that manual entry says it raises #GP(0) "If the current privilege level is not 0").

这篇关于汇编语言程序也受内核模式限制吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！