> Followup to: <Pine.LNX.3.96.980328150225.8094A-100000@vip.maestro.com.pl>
> By author: Marek Habersack <grendel@vip.maestro.com.pl>
> In newsgroup: linux.dev.kernel
> >
> > Hmm... It's enormous. The ring-0 code can do anything to your machine
> > including memory management, LDT/GDT/IDT management, virtual memory management
> > - everything your CPU and your hardware is capable of. The IOPL 3 merely
> > (yeah...) allows the application to output to any of the ports of your
> > hardware. That can crash the system, but usually the application are not
> > allowed to access ALL ports - the IOPL at the end of the TSS is used to
> > enable/disable access to the hardware ports. So the graphics application is
> > allowed to trash only the video card registers - that can only hurt your
> > display (unless your video card is buggy and freezes the bus ;-))
> >
>
> No, IOPL >= CPL means access to *ALL* ports permitted, as well as
That's what I wrote a few lines above, isn't it? You can write to ports of ALL
your hardware.
> CLI/STI and stuff. IOPL < CPL means that the I/O permission bitmap is
> consulted, and CLI/STI trap.
And that's the sane situation - as long the bitmap is used, the kernel is
safe.
best wishes, marek
--- Writing software is more fun than working.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu