Can an x86 CPU read the value of any register while in user mode?


Question

I have read that there are some registers that an x86 CPU cannot modify while in user mode (I believe these registers are called "privileged registers").

But can an x86 CPU read the values of these registers while in user mode, or is even reading not allowed?

Answer

All the registers you'd normally use for computation can be read/written in any mode (GP integer, x87/MMX, XMM/YMM/ZMM and the AVX-512 k0-7 mask registers), but there are many registers that are basically mode/control settings. Some "special" registers can be written in user space, like the segment registers and the MPX bnd registers.

The following registers cannot be read from or written to in user mode (privilege level > 0):

  • All MSR registers. These include the MTRRs. Some of the registers can be accessed using instructions other than WRMSR/RDMSR. Such registers may be accessible in user mode. For example, the kernel may allow user code to access the PMC registers using the WRPMC and RDPMC instructions.
  • GDTR, IDTR, LDTR, and TR.
  • Control registers CR0-15. However, on Intel processors, if CR4.UMIP = 0, CR0 can be read using SMSW. On AMD processors, CR4.UMIP is not available and SMSW can be executed at any privilege level unconditionally.
  • Debug registers DR0-15.
  • Test registers TR3-7 on the 80486 and TR6-7 on the 80386.

The modifications that are allowed to the EFLAGS register are a little complicated, as described in the Intel manual, Volume 2:

When operating in protected, compatibility, or 64-bit mode with a privilege level greater than 0, but less than or equal to IOPL, all flags can be modified except the IOPL field and RF, IF, VIP, VIF, and VM; these remain unaffected. The AC and ID flags can only be modified if the operand-size attribute is 32. The interrupt flag (IF) is altered only when executing at a level at least as privileged as the IOPL. If a POPF/POPFD instruction is executed with insufficient privilege, an exception does not occur but privileged bits do not change.

When operating in virtual-8086 mode (EFLAGS.VM = 1) without the virtual-8086 mode extensions (CR4.VME = 0), the POPF/POPFD instructions can be used only if IOPL = 3; otherwise, a general-protection exception (#GP) occurs. If the virtual-8086 mode extensions are enabled (CR4.VME = 1), POPF (but not POPFD) can be executed in virtual-8086 mode with IOPL < 3.
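The following program is an added example and is not part of the original answer. It checks the answer's claims empirically from a ring-3 process: MOV from CR0 and RDMSR fault (#GP, delivered by the kernel as SIGSEGV), SMSW may or may not be allowed depending on CR4.UMIP, RDPMC depends on whether the kernel set CR4.PCE, and a POPF that tries to flip EFLAGS.IF is silently ignored rather than faulting. It assumes Linux on x86 (32- or 64-bit) with GCC or Clang inline assembly; on any other target every probe reports "unsupported". All function and macro names (probe_register, popf_cannot_change_if, run_probe, PROBE_*) are this example's own.

```c
/* Added example: probe privileged x86 registers from user mode (Linux).
 * Assumes GCC/Clang inline asm on x86; otherwise reports PROBE_UNSUPPORTED. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

#define PROBE_OK           0   /* instruction completed at CPL 3 */
#define PROBE_FAULTED      1   /* #GP/#UD, delivered as SIGSEGV/SIGILL */
#define PROBE_UNSUPPORTED -1   /* not an x86 build */

enum probe_kind { PROBE_CR0, PROBE_SMSW, PROBE_RDMSR, PROBE_RDPMC };
struct reg_probe { unsigned int index; unsigned long long value; };

static sigjmp_buf probe_env;
static void probe_handler(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Run fn(arg) with SIGSEGV/SIGILL trapped; restore the previous handlers after. */
static int run_probe(void (*fn)(void *), void *arg)
{
    struct sigaction sa, old_segv, old_ill;
    int result;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = probe_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGILL, &sa, &old_ill);
    if (sigsetjmp(probe_env, 1) == 0) { fn(arg); result = PROBE_OK; }
    else result = PROBE_FAULTED;
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGILL, &old_ill, NULL);
    return result;
}

#if defined(__x86_64__) || defined(__i386__)
/* MOV from CR0 requires CPL 0: expected to fault. */
static void do_read_cr0(void *p)
{
    unsigned long v;
    __asm__ volatile("mov %%cr0, %0" : "=r"(v));
    ((struct reg_probe *)p)->value = v;
}
/* SMSW gives CR0[15:0] at CPL 3 unless CR4.UMIP=1. Caveat: with UMIP on, Linux
 * emulates SMSW and hands back a dummy value, so never trust it for decisions. */
static void do_smsw(void *p)
{
    unsigned int v = 0;
    __asm__ volatile("smsw %0" : "=r"(v));
    ((struct reg_probe *)p)->value = v & 0xffffu;
}
/* RDMSR is always privileged: #GP at CPL 3 whatever the MSR index. */
static void do_rdmsr(void *p)
{
    struct reg_probe *rp = p; unsigned int lo, hi;
    __asm__ volatile("rdmsr" : "=a"(lo), "=d"(hi) : "c"(rp->index));
    rp->value = ((unsigned long long)hi << 32) | lo;
}
/* RDPMC works at CPL 3 only if the kernel set CR4.PCE (perf's rdpmc knob). */
static void do_rdpmc(void *p)
{
    struct reg_probe *rp = p; unsigned int lo, hi;
    __asm__ volatile("rdpmc" : "=a"(lo), "=d"(hi) : "c"(rp->index));
    rp->value = ((unsigned long long)hi << 32) | lo;
}
/* x86-64 keeps a 128-byte red zone below RSP; step under it before push/pop. */
#ifdef __x86_64__
#define RZ_DOWN "lea -128(%%rsp), %%rsp\n\t"
#define RZ_UP   "lea 128(%%rsp), %%rsp\n\t"
#else
#define RZ_DOWN ""
#define RZ_UP   ""
#endif
#endif

/* Returns PROBE_OK (value stored in *out), PROBE_FAULTED or PROBE_UNSUPPORTED. */
int probe_register(enum probe_kind kind, unsigned int index, unsigned long long *out)
{
#if defined(__x86_64__) || defined(__i386__)
    static void (*const fns[])(void *) = { do_read_cr0, do_smsw, do_rdmsr, do_rdpmc };
    struct reg_probe rp = { index, 0 };
    int r = run_probe(fns[kind], &rp);
    if (out) *out = rp.value;
    return r;
#else
    (void)kind; (void)index; (void)out;
    return PROBE_UNSUPPORTED;
#endif
}

/* Try to flip EFLAGS.IF with POPF. At CPL 3 with IOPL < 3 the CPU drops the write
 * silently (no #GP). Returns 1 if IF stayed unchanged, 0 if it changed, -1 if n/a. */
int popf_cannot_change_if(void)
{
#if defined(__x86_64__) || defined(__i386__)
    const unsigned long if_mask = 1UL << 9;
    unsigned long before, attempt, after;
    __asm__ volatile(RZ_DOWN "pushf\n\tpop %0\n\t" RZ_UP : "=r"(before) : : "memory");
    attempt = before ^ if_mask;
    __asm__ volatile(RZ_DOWN "push %0\n\tpopf\n\t" RZ_UP : : "r"(attempt) : "cc", "memory");
    __asm__ volatile(RZ_DOWN "pushf\n\tpop %0\n\t" RZ_UP : "=r"(after) : : "memory");
    return (after & if_mask) == (before & if_mask);
#else
    return -1;
#endif
}

int main(void)
{
    static const struct { const char *name; enum probe_kind kind; unsigned int index; } t[] = {
        { "MOV from CR0", PROBE_CR0, 0 }, { "SMSW (CR0[15:0])", PROBE_SMSW, 0 },
        { "RDMSR IA32_APIC_BASE (0x1B)", PROBE_RDMSR, 0x1B }, { "RDPMC counter 0", PROBE_RDPMC, 0 },
    };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++) {
        unsigned long long v = 0;
        int r = probe_register(t[i].kind, t[i].index, &v);
        printf("%-28s: %s", t[i].name, r == PROBE_OK ? "readable" : r == PROBE_FAULTED ? "faulted" : "n/a");
        if (r == PROBE_OK) printf(" (0x%llx)", v);
        putchar('\n');
    }
    printf("POPF changed IF at CPL 3: %s\n", popf_cannot_change_if() == 1 ? "no" : "yes/n-a");
    return 0;
}
```

Build with `gcc -O2 -Wall probe.c -o probe` and run as an ordinary user; no root is needed because nothing here succeeds by privilege, only by what the CPU and kernel permit at CPL 3. The SMSW line is the one worth watching: on an older or UMIP-less CPU it returns the real low bits of CR0 (PE, PG, WP and friends), while on a kernel that enabled UMIP it is either a fault or an emulated dummy, which is exactly why kernel-address-leak tricks built on SMSW/SGDT/SIDT stopped working.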

