What instructions can be allowed to execute or prohibited from executing in user mode?


Problem description

There are instructions that the CPU can never be able to execute in user mode (for example: the HLT instruction).

And there are instructions that the CPU will always be able to execute in user mode (for example: the MOV instruction).

And there are instructions that the CPU can be allowed to execute or prohibited from executing in user mode (for example: the IN and OUT instructions).

My question is: what are the other instructions (other than IN and OUT) that can be allowed to execute or prohibited from executing in user mode?

Recommended answer

Originally there were three groups:

  • instructions that can be executed at any privilege level

  • instructions that are sensitive to "IOPL" (IO Privilege Level). These are IN (and variations - byte, word, dword, string), OUT (and its variations), HLT, CLI and STI. If IOPL (in eflags) is set to 3 then these instructions can be used in user code (CPL=3); and if IOPL is set to a numerically lower value these instructions can't be used in user code.

  • supervisor instructions (e.g. LGDT, WRMSR, INVD, ..., MOV to/from debug registers). These can never be executed at CPL=3.

Since then they (CPU manufacturers - Intel, AMD, VIA, ..) have added (in "approximate chronological order"):

  • the "alignment check" feature, which disallows misaligned reads and writes at CPL=3

  • the RDTSC instruction and a flag (in CR4) to disallow it at CPL=3.

  • the "protected mode virtual interrupt" feature that affects the behavior of CLI and STI at CPL=3 (mostly intended for virtual8086 but not limited to that).

  • a flag in an MSR that allows CPL=0 code to disable CPUID leaves > 2 (make the CPU pretend these leaves don't exist), which is something that was originally a misguided work-around ("software is soft, hardware is hard") for a bug in an old version of WindowsNT, but still hangs around 20+ years later for no sane reason at all.

  • all kinds of virtualisation stuff (e.g. VMENTER, VMEXIT, ...)

  • the RDTSCP instruction (access at CPL=3 still controlled by the earlier flag in CR4)

  • the RDPMC instruction

  • the SWAPGS instruction

  • alternatives to/extensions of SWAPGS (RDFSBASE, RDGSBASE, WRFSBASE, etc)

  • an extension called "UMIP" (User Mode Instruction Prevention) that (if enabled) mostly prevents user code from using instructions to find out the virtual addresses of kernel data structures (so that "KASR" is slightly less of a joke). The instructions disallowed by this are SGDT, SIDT, SLDT, SMSW and STR.

  • a hidden/undocumented flag in an MSR that allows some kernels (if they're written by developers that are able to find out about it) to disable access to a few more instructions that user code should never have been able to execute (CPUID and I don't know what else).
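The answer above lists the control bits (IOPL in EFLAGS, CR4.TSD, CR4.PCE, UMIP) that decide whether a given instruction is usable at CPL=3, but it does not show how to check what the running kernel has actually configured. The following program is an added example, not part of the question or the answer: it executes one representative of each group from user mode under a temporary fault handler and reports whether the instruction completed or raised #GP/#UD (delivered as SIGSEGV/SIGILL/SIGBUS). It assumes an x86 machine with a POSIX signal API; on any other architecture every probe reports "unsupported". All function names (`run_probe`, `probe_in_port80`, `probe_rdtsc`, `probe_rdpmc`, `probe_str`) are the example's own. STR is used as the UMIP probe rather than SGDT/SIDT/SMSW because some kernels emulate those three under UMIP and return dummy values instead of faulting, which would make the probe look "allowed"; HLT and CLI/STI are deliberately left out, since if they did succeed they would halt the CPU or disable interrupts.

```c
/* Added example (not from the original Q&A): probe from CPL=3 which of the
 * privilege-sensitive instructions discussed above this process may execute.
 * Assumes x86 + POSIX signals; other architectures report UNSUPPORTED. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum probe_result {
    PROBE_ALLOWED = 0,      /* instruction completed at CPL=3 */
    PROBE_FAULTED = 1,      /* #GP/#UD etc. arrived as SIGSEGV/SIGILL/SIGBUS */
    PROBE_UNSUPPORTED = 2   /* not an x86 build; nothing was executed */
};

static sigjmp_buf probe_env;

static void probe_handler(int sig)
{
    (void)sig;
    siglongjmp(probe_env, 1);   /* unwind out of the faulting instruction */
}

/* Run fn() with temporary handlers for the signals a privileged instruction
 * can raise, then restore the previous handlers. */
enum probe_result run_probe(void (*fn)(void))
{
    static const int sigs[] = { SIGSEGV, SIGILL, SIGBUS };
    struct sigaction sa, saved[3];
    enum probe_result r;
    size_t i;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = probe_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;   /* handler longjmps out: keep the signal unblocked */
    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &sa, &saved[i]);

    if (sigsetjmp(probe_env, 1) == 0) {
        fn();
        r = PROBE_ALLOWED;
    } else {
        r = PROBE_FAULTED;
    }

    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &saved[i], NULL);
    return r;
}

#if defined(__x86_64__) || defined(__i386__)
#define HAVE_X86_PROBES 1

/* IOPL-sensitive: IN from port 0x80 (the POST/diagnostic port; a read is
 * harmless). Faults when IOPL < CPL and no I/O bitmap grants the port. */
static void do_in_port80(void)
{
    unsigned char v;
    __asm__ volatile ("inb %1, %0" : "=a"(v) : "d"((uint16_t)0x80) : "memory");
    (void)v;
}

/* CR4.TSD-sensitive: RDTSC faults at CPL=3 when the TSD flag is set. */
static void do_rdtsc(void)
{
    uint32_t lo, hi;
    __asm__ volatile ("rdtsc" : "=a"(lo), "=d"(hi));
    (void)lo; (void)hi;
}

/* CR4.PCE-sensitive: RDPMC of counter 0 faults at CPL=3 when PCE is clear. */
static void do_rdpmc(void)
{
    uint32_t lo, hi;
    __asm__ volatile ("rdpmc" : "=a"(lo), "=d"(hi) : "c"(0));
    (void)lo; (void)hi;
}

/* UMIP-sensitive: STR (store task register) faults at CPL=3 with UMIP on. */
static void do_str(void)
{
    uint16_t tr;
    __asm__ volatile ("str %0" : "=r"(tr));
    (void)tr;
}
#endif

#ifdef HAVE_X86_PROBES
enum probe_result probe_in_port80(void) { return run_probe(do_in_port80); }
enum probe_result probe_rdtsc(void)     { return run_probe(do_rdtsc); }
enum probe_result probe_rdpmc(void)     { return run_probe(do_rdpmc); }
enum probe_result probe_str(void)       { return run_probe(do_str); }
#else
enum probe_result probe_in_port80(void) { return PROBE_UNSUPPORTED; }
enum probe_result probe_rdtsc(void)     { return PROBE_UNSUPPORTED; }
enum probe_result probe_rdpmc(void)     { return PROBE_UNSUPPORTED; }
enum probe_result probe_str(void)       { return PROBE_UNSUPPORTED; }
#endif

int main(void)
{
    static const char *name[] = { "allowed", "faulted", "unsupported" };
    printf("IN    (IOPL)    : %s\n", name[probe_in_port80()]);
    printf("RDTSC (CR4.TSD) : %s\n", name[probe_rdtsc()]);
    printf("RDPMC (CR4.PCE) : %s\n", name[probe_rdpmc()]);
    printf("STR   (UMIP)    : %s\n", name[probe_str()]);
    return 0;
}
```

On a typical Linux desktop the expected picture is IN and STR "faulted" (IOPL=0 and UMIP enabled on CPUs that have it), RDTSC "allowed" (CR4.TSD clear), and RDPMC "faulted" unless the kernel has granted this process user-mode counter access. A "faulted" result for STR is the cheap way to confirm UMIP is in force on a host; an "allowed" result for IN in a process that never called iopl()/ioperm() would be worth investigating.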
